Why might a browser sometimes ask for confirmation when going to an HTTPS page

browser, https, security, user interface

When I click on a link to an HTTPS page, the browser will sometimes ask for confirmation or channel me through a form before it will allow me to see the page. Why would it do this?

(This question started life as a slightly different question, but what I wrote originally was open to interpretation. I've rewritten the question to more clearly match the answers I have, and I'll re-ask my original question at a later date. See "When people give good answers to the wrong question".)

Best Answer

Trust for HTTPS is based on the certificates being signed by a trusted certificate authority. There are now hundreds of these, but your phone may exclude authorities you are less likely to encounter. There are several reasons why you can expect to be asked if you want to connect:

  • The certificate was issued for a domain other than the one you are connecting to. This may occur more frequently for phones as some organizations use different domains for phones (mobile devices) than the one used for their main site. You may also encounter this with phishing sites.
  • The certificate was signed by an authority which is not loaded in your phone's (or browser's) database of trusted authorities.
  • The certificate was signed by a trusted authority but has expired. Signatures are usually only good for one or two years.
  • The certificate was not signed by a trusted authority. These are often self-signed certificates, but may be signed by an untrusted authority. This is the form I use for my personal site. (HTTPS is only used for personal access.)

This is likely not a complete list of reasons you may be prompted to continue connecting. If information on the reason is available, consider it before continuing.

I suspect we will soon be able to add another item to this list:

  • The authority was trusted, but had their signing certificate compromised (stolen). At least two trusted authorities appear to fall in this class already.
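
The conditions listed in the answer above, expressed as checks on a certificate; this is an added example, not part of the original answer. The trust-store entry, `make_cert`, and the hostnames are constructed assumptions, and trust is decided by issuer name here instead of by verifying the signature chain as a real browser does.

```python
import ssl

# Hypothetical trust store, keyed by issuer commonName. Real clients verify
# the signature chain up to a trusted root; matching by name is a
# simplification so the example runs without a network or key material.
TRUSTED_ISSUERS = {"Example Trusted CA"}

def make_cert(subject_cn, issuer_cn, dns_names, not_after):
    """Build a constructed cert dict shaped like SSLSocket.getpeercert()."""
    return {
        "subject": ((("commonName", subject_cn),),),
        "issuer": ((("commonName", issuer_cn),),),
        "subjectAltName": tuple(("DNS", n) for n in dns_names),
        "notAfter": not_after,
    }

def host_matches(pattern, host):
    """Exact match, or one wildcard as the whole left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        label, _, parent = host.partition(".")
        return bool(label) and parent == pattern[2:]
    return pattern == host

def issuer_cn(cert):
    """Return the issuer's commonName, or None if it has none."""
    for rdn in cert["issuer"]:
        for key, value in rdn:
            if key == "commonName":
                return value
    return None

def warning_reasons(cert, host, now):
    """List which of the answer's conditions apply; now is epoch seconds."""
    reasons = []
    names = [v for k, v in cert["subjectAltName"] if k == "DNS"]
    if not any(host_matches(n, host) for n in names):
        reasons.append("domain mismatch")
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        reasons.append("expired")
    if cert["issuer"] == cert["subject"]:
        reasons.append("self-signed")
    elif issuer_cn(cert) not in TRUSTED_ISSUERS:
        reasons.append("untrusted authority")
    return reasons

# Constructed check time: 1 Jan 2025 00:00:00 GMT.
NOW = ssl.cert_time_to_seconds("Jan  1 00:00:00 2025 GMT")
```

A compromised authority, the last item in the answer, does not show up in any of these fields; it is handled by the browser or operating system removing or distrusting that authority.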