When attempting to connect to a VPN using AWS VPN Client, the authentication window in Safari shows a dialog stating "This is a non-secure form" and asking for confirmation before sending. When the "Send It" button is clicked, Safari presents an error page, stating that Safari can't open the page, stating "Navigation failed because the request was for an HTTP URL with HTTPS-Only enabled"
- AWS VPN Client v5.2.0
- Safari v18.4 (20621.1.15.11.10)
- MacOS Sequoia 15.4.1 (24E263)
If you're getting this error when using AWS VPN Client (and perhaps other OpenVPN clients) with Safari, you can open Safari's preferences, select the Security tab, and disable the "Warn before connecting to a website over HTTP" setting. You will still get the dialog, but clicking the "Send" button will no longer result in an error.
- (In Safari 18.2 the default was changed)[https://developer.apple.com/documentation/safari-release-notes/safari-18_2-release-notes#Security] from
http:tohttps:- When this change was made, a new "Non-secure site connections" setting was added to Safari's preferences
- The default of this setting is "Warn before connecting to a website over HTTP"
- This interferes with the callback from authentication to
http://127.0.0.1:35001which AWS uses to signal to the AWS VPN client that the authentication has finished
- This is also (a problem for other OpenVPN clients and Chromium based browsers)[https://issues.chromium.org/issues/330364341]
- "(OpenVPN (AWS VPN) Authentication fails)[https://issues.chromium.org/issues/330364341]
- ("How can I enable HTTP in Safari settings")[https://discussions.apple.com/thread/255914488?answerId=261091134022&sortBy=rank#261091134022]