While trying to download the Xcode 9 Beta 3, I am getting the following error on Google Chrome:
Your connection is not private.
Attackers might be trying to steal your information from download.developer.apple.com (for example, passwords, messages or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
On Safari, it says
Safari can't verify the identity of the website "download.developer.apple.com"
The certificate for this website is invalid. You might be connecting to a website that is pretending to be "download.developer.apple.com", which could put your confidential information at risk. Would you like to connect to the website anyway?
I already have Xcode 9 Beta 1 and it downloaded just fine. I just want to know if everyone is experiencing this and it's safe to proceed or is this really someone trying to steal my information.
Yes, I get this error as well. It's been like this for few days.
This happens to Apple sites from time to time. I don't know why they can't get their act together and keep their certificates updated and correct for the relevant domains.
It's almost certain that this is safe to download regardless of the certificate error. If you want to be more secure, check the downloaded file hash. There are few places which keep track of Apple downloaded file hashes. For example here (well, theoretically, you can say that those hashes are also from unvalidated source, but you need to trust something at some point)