NET::ERR_CERT_AUTHORITY_INVALID – Meaning & Fixes

Photo of author

Uchchash Talukder Rana

ERR CERT AUTHORITY INVALID
NET::ERR_CERT_AUTHORITY_INVALID Meaning
ERR_CERT_AUTHORITY_INVALID means the SSL certificate used on the website is either invalid/expired or your device can’t trust the Certificate Authority(CA) that issued the certificate.
 

Reasons Behind This Error Code

This is one such problem that could be on your end or the website’s end. 

Your end: 

  • Old browser cache.
  • DNS cache. 
  • Invalid time and date. 
  • Browser bugs.
  • Antivirus software. 

Website’s end:

  • Self-signed certificate.
  • Misconfigured certificate.
  • Expired certificate. 

ERR_CERT_AUTHORITY_INVALIDFixes

Proceed to the website

Despite showing this error code, browsers offer you an option to continue using the insecure website. It also warns you that the attackers can steal your passwords, messages, or payment information as the connection is not encrypted. 

In most cases, you shouldn’t proceed to websites with invalid SSL certificates. You should only visit those unsafe websites when you are certain that you won’t provide sensitive information. 

It’s not the website owners you have to worry about, it’s the attackers who can steal your data. Unless it’s a pretty famous website, there’s little chance that someone will try to steal your data. 

Click Advanced, it will expand the area.

Click on Advanced

Ignore the warning and click on Proceed to destination (unsafe).  

Proceed to website

Try Incognito Mode

An Incognito window is an ideal way to check the SSL Status of a website. If a website is new and installed its SSL Certificate recently, or didn’t have SSL before, you may see an insecure version due to browser caching. 

When you use an incognito window to browse a website, it doesn’t use the stored cache on your device. Instead, it loads the website’s current state and doesn’t create a cached version on your device. 

If you can access a website using incognito mode, but normally it shows the error, you can clear your browser cache or flush DNS to solve this issue. Otherwise, you should check the website’s SSL status.

Check SSL Certificate

Whether you are the website owner or a visitor, you can check the SSL Certificate information of a website. Your browser can show you the information or you can use third-party tools. 

Type the website URL in the address bar and press Enter. Click Not Secure from the address bar and select Certificate is not valid to find the details of the SSL certificate. 

Otherwise, use SSL Checker to find out what’s the issue. You can contact the website owner via other channels to resolve the issue, or, if you are the owner of the website contact your developer or hosting provider for further assistance. 

SSL Checker

Re-install SSL Certificate

If you are facing this issue on your website, it could be due to SSL Configurations. Re-installing the SSL Certificate only takes a few minutes and can solve the issue once and for all. 

Shared hosting providers allow re-installing the SSL Certificate in a few clicks. If you are using a VPS, ask your developer to reinstall the SSL Certificate. Additionally, you can also use Cloudflare to enable SSL on your website. 

Re-installing the SSL Server will cause a temporary problem for the visitors. They might have to use an incognito mode, clear browser cache, or flush DNS to access your website. 

Clear Browser Cache

As I mentioned earlier, I face this issue often when I start a new website and install a fresh SSL certificate. 

It happens due to the caching system, suppose, I visited the website before installing the certificate and the browser cached it. Now even though I installed the certificate, the browser is still showing the cached data and couldn’t verify the authenticity of the certificate. 

If the website loads without a warning in the incognito mode, it could be the browser cache causing the error. Clear the browser cache and visit the website to check if the issue is resolved.

Clear DNS Cache

Computers store the fetched DNS queries locally to load websites faster in the future. The problem is when a website changes its server or makes changes to the server, your computer may still try to provide the cached information. 

If you tried everything as a visitor/website owner and still can’t access it from your computer, it could be the DNS cache. 

FlushDNS

Open the CMD on your computer in administrator mode, type ipconfig /flushdns and press Enter

Restart your computer and visit the website. It would be fixed if the DNS cache was the culprit. 

Disable Antivirus / Firewall

Modern antivirus software can monitor your web activity and prevent you from accessing insecure websites to protect you online. However, sometimes these antivirus software can show false positive results. 

In a false positive scenario, you won’t be able to visit a website with a valid SSL Certificate and get this error on your browser. 

You can temporarily disable your antivirus if you are certain that the website is trusted, or you can whitelist it so the antivirus won’t check the SSL status of the site. 

This issue arises mostly with Kaspersky users. You can read this article to learn how to exclude a website from Kaspersky security scanning. 

Check Time Settings

The time and date of your device are crucial for your online privacy. Your browser will show various error codes if the time and date are incorrect by a long margin. 

ERR_CERT_AUTHORITY_INVALID is an error that can appear if the date and time are incorrect. Every issued SSL Certificate has validity; when the date and time of your computer is behind the issued date or expiry date, your browser considers the certificate invalid. 

That’s why you should always use auto synchronization on your device. This feature is available on any modern device, it uses the internet to fetch the current time and date based on your device’s location. 

Android Users:

  • Open the Settings app.
  • Navigate to Additional settings > Date & time
  • Toggle on Set time automatically and Set time zone automatically

Mac Users:

  • Click on the Apple icon at the top left corner.
  • Select System Preferences. 
  • Open Date & time.
  • Click on the lock icon to make changes and enter your user account’s password.
  • Select Set date and time automatically

Windows Users:

  • Press the Windows key on your keyboard.
  • Open Settings.
  • Click on Time & language from the left navigation panel. 
  • Click on Date & time
  • Toggle on Set time automatically and Set time zone automatically. 

iPhone Users: 

  • Go to Settings
  • Tap on General.
  • Tap on Date & Time.
  • Toggle on Set Automatically

Opinion

Always go through an SSL checker if a website ever shows this error. It’s important to know whether the certificate is expired or self-signed. 

And, never enter login details, private information, or payment information on such websites. Attackers can spoof your information. 

SSL technology secures the connection between your browser and the server. Everything you enter on a secured website is encrypted and hackers can’t spoof the data. 

An invalid SSL certificate often means the website owners are careless. Because it’s extremely cheap and easy to get an SSL certificate. So, avoid such sites at all costs. 

Photo of author
Uchchash Talukder Rana
Uchchash Talukder Rana is the one man army behind BrowserNerd. From writing, editing, publishing to promoting, he handles everything like a man.
0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x