How to Fix NET:: ERR_CERT_AUTHORITY_INVALID Error?

It is not a big deal if you just encountered NET:: ERR_CERT_AUTHORITY_INVALID your connection is not private error on Google Chrome. This is one of the most common errors faced by Chrome users every day. And the good news is, you don’t need to know rocket science to fix it. Starting with a brief introduction about NET ERR CERT AUTHORITY INVALID, I will try to explain all the possible solutions that are working for most users.

How to Fix NET:: ERR_CERT_AUTHORITY_INVALID Error?

NET:: ERR_CERT_AUTHORITY_INVALID

When you try to open a website or page in Google Chrome or in any other browser’s, before going for a secured connection browser checks for the status of the certificate authority of the SSL. If Google finds any security breach in your privacy then you will be restricted to browse that stuff and getting an error message displayed on your screen. One good example of such warning that you may have come across many times while browsing Chrome is HTTPS/SSL Error with the message displayed on your screen “Your Connection is Not Private” accompanying a Red Padlock showing the “Connection is Not Secure”.

“Your Connection is Not Private”

To fix the Invalid certificate authority error the user must contact the website admin or should reinstall SSL certificate if the certificate is valid and still you are getting the net::err_cert_authority_invalid error then follow the below solutions to fix this error.

Your connection is not private or not secure

The browser will throw your connection is not private error only related to sites that are running over HTTPS. When you visit a website your browser will send a request to the server where the site is hosted.  The browser has to validate the certificate installed on the site to ensure it up to current privacy standards. If the browser finds the certificate isn’t valid, it will automatically try to prevent you from reaching the site.

Common warnings reported by the Chrome users

In Google Chrome, if there is any problem in validating a certificate then you will get an error message as “your connection is not private”. Many of the users reported various types of messages received while browsing various sites.Some common error messages are highlightd as under. The error code message will help you to find the exact issue. You can see some of the error codes in Google Chrome.

NET::ERR_CERT_AUTHORITY_INVALID
NET::ERR_CERT_INVALID
NET:: ERR_CERTIFICATE_TRANSPARENCY_REQUIRED
NET::ERR_CERT_COMMON_NAME_INVALID
NET::ERR_CERT_DATE_INVALID
SSL CERTIFICATE ERROR
ERR_CERT_SYMANTEC_LEGACY

Why net:: err_cert_authority_invalid error occurs in Chrome?

The above mentioned errors occur due to various reasons. The probable causes for the individual error are mentioned as under:

Net::Err_Cert_Authority_Invalid 

Causes-

  • Authority certificate may be obsolete.
  • The website certificate is not secure.
  • Outdated browser.

Net::Err_Cert_Common_Name_Invalid

Causes-

  • Mismatch in the name of the certificate issuing authority.
  • Address error
  • Google Chrome Browser error.

Net::Err_Cert_Date_Invalid

Causes-

  • The certificate may not be uploaded.
  • The date may be incorrect.

Common warnings reported by Mozilla Firefox users

On Mozilla Firefox the error code will change slightly, you will see “your connection is not secure” instead of “your connection is not private”.

The below error codes will help to find the problem. The most common error codes in Mozilla Firefox.

MOZILLA_PKIX_ERROR_ADDITIONAL_POLICY_CONSTRAINT_FAILED

SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE

MOZILLA_PKIX_ERROR_MITM_DETECTED

ERROR_SELF_SIGNED_CERT

SSSL_ERROR_BAD_CERT_DOMAIN

SEC_ERROR_EXPIRED_CERTIFICATE

How to fix net::err_cert_authirity_invalid (Your Connection is not Private)?

These are the practical and step by step solutions along with the images to fix the error NET:: ERR_CERT_AUTHORITY_INVALID.

Reload Website or Page

Reload Website or Page

This is one of the easiest ways if you find the error just close the browser relaunching it. Now try to open the website or page again. This is because the website owner will be reissuing their SSL certificate and the error will get fixed.

Restart your computer or router

It may be annoying to hear but sometimes this small technique also works to fix the error. Some time’s you may have many tabs and windows opened in your system due to this also error occurs. So rebooting your system may help you to sort out the issue. Before going for another solution trying this simple trick may help you to save much time.

Restart your computer or router

Switch off the router and remove the cables if it is wired connection and re-fix the cable. If you are using a wireless router switch it off and on the router. If the error is due to overburden on your system hopefully, this simple technique will fix the issue without trying other time taking solutions.

Try Incognito Mode

If you want to check the website is working without clearing your browser cache. Here, the incognito mode will do that as they don’t save any browser cache and cookies.

  • Go to the menu tab in your browser. On the list, you can find a new incognito window. Select it.

Try Incognito Mode

  • Now enter the same website address in the URL bar. If the website opens here the problem is with your cache and cookies.

enter the same website address in the URL bar

NOTE: Mozilla Firefox browser, incognito mode is referred to as a new private window under menu options.

Delete Chrome Extensions

Each one of us has added Chrome extensions for our ease. Sometimes these extensions might start misbehaving and you have to encounter err_cert_common_name_invalid error. The quick fix to this error is to delete Google Chrome extensions. To do so follow these steps:

  • Try to open the problematic webpage in the Incognito Mode.
  • If the webpage opens there securely, then the problem lies with your Chrome extensions.
  • Turn off all the extensions. Here you need to go: chrome://extensions and Uncheck all the extensions.

Here you need to go: chrome://extensions and Uncheck all the extensions

Check SSL Certificate hasn’t expired

Expiring of SSL certificate happens sometimes without the knowledge of the website owner.

Check SSL Certificate hasn't expired

Typically this happens due to the following reasons.

  • If the website had not enabled autorenew enabled with the domain registrar or SSL certificate provider.
  • Even though auto-renew is enabled but payment fails. Because the website owner forgot to update their payment details.  
  • If the website owner uses a free let’s encrypt certificate which expires every 90 days.

NOTE: Checking the website sometime later may help to go to the website. As in the meanwhile, the website owner fixes the errors regarding certificate expiry.

How to check the SSL Certificate in Chrome

  • Go to the address bar and click on the lock icon and then tap on the certificate section.

Go to the address bar and click on the lock icon and then tap on the certificate section.

  • On the pop – up window, you can see valid from and to as shown in the image.

On the pop – up window, you can see valid from and to as shown in the image.

  • If the certificate shows expiry date, come back after some time later. In meanwhile error can be fixed.
  • If the certificate validation is not changing then try the solution of clear SSL state in this article. This helps you to get the website new certificate loaded into the browser and will open the page without any error.

Proceed manually (Unsafe)

Though in some of the sites, you will get net::err_certificate_authority_invalid error and you will have a manual option to proceed. If you believe that nothing will get encrypted, go to the website by clicking on the website proceeding link or button. The error means that someone is trying to fool you or steal info you send. So, you have to close the website immediately. There may be also a chance of compromised and malicious redirection when you open the website. If you are in a public place, don’t ever dare to bypass these types of sites.

Check and update your Computer’s Clock to fix the Net::Err_Cert_Date_Invalid

Another common reason for getting an error is due to your date and time settings in your clock. All the browsers will rely on your computer date and time to correctly sync up to verify the SSL certificate. This error usually happens with your new laptop or Wi-Fi for the first time.

Steps to update the date and time on your Windows computer

  • On the desktop screen, you can find date and time, rightclick on it.

Steps to update the date and time on your Windows computer.

  • You will find a set of options. Select the adjust time and date option from the list.

Steps to update the date and time on your Windows computer.

  • You will get a pop – up window, click on change date and time button.

Steps to update the date and time on your Windows computer.

  • Here, on the new pop – up window. Change date and time according to the present. After successful completion, click on the ok button.

Change date and time according to the present. After successful completion, click on the ok button

  • You can also change the time zone, click on change time zone. A new pop – up window, show the time zone. Click on the down arrow button to change the time zone.

change the time zone

  • Finally, click on the OK button on the main window.
  • Successfully you have changed the time and date.
  • Try to relaunch your browser. Hope this solution fixes the error.

Steps to update date and time on Mac

  • Click on the Apple menu.
  • On the pop – up window, choose system preferences and select the date & time.

On the pop – up window, choose system preferences  and select the date & time

  • If the padlock appears at the bottom of the window, click on it. Enter your administrator username and password.

If the padlock appears at the bottom of the window, click on it. Enter your administrator username and password

  • Choose set date & time automatically. This will update according to Apple’s NTP servers.

Choose set date & time automatically. This will update according to Apple’s NTP servers

  • Go to the time zone tab. if it doesn’t determine your location automatically simply uncheck it so manually set it. You can select the time zone region and city on the map.

Go to the time zone tab. if it doesn’t determine your location automatically simply uncheck it so manually set it. You can select the time zone region and city on the map

  • Close all the windows and relaunch the Chrome browser. Now retry to enter the website.

Clear Browser Cache and Cookies

Clearing browsing cache and cookies may sometimes fix the error. Below are the detailed steps to clear browsing history.

  • Go to the browser menu and from the drop-down menu, click Settings.

click Settings

  • Now at the bottom of the window, select the advanced option.

select the advanced option

  • On the expanded window, under privacy & security. Go to clear browsing data option.

How to Fix NET:: ERR_CERT_AUTHORITY_INVALID Error?

  • Pop – up window click drop-down menu and select all time. Uptick the browser cache and cookies option and finally click on clear data button.

clear data button

  • Now, close the browser and relaunch it. Now try to go to the website. I hope it will clear the error.

Clear SSL State

If the things get out of sync then clearing SSL state through chrome will help you to fix the error.

Steps to clear SSL state on your computer

  • Go to the menu settings of the browser as shown in the figure.

Steps to clear SSL state on your computer

  • Select the setting from the drop-down options.

Select the setting

  • On the opened window, click on the advanced settings option.

click on the advanced settings option

  • Under the system category, navigate to open proxy settings.

Under the system category, navigate to open proxy settings

  • When you pop–up button then you will get a pop–up window of internet properties.

Under the system category, navigate to open proxy settings

  • Select the content tab from the menu bar of internet properties. Click on Clear SSL state under certificates option and later click on the OK button.

Under the system category, navigate to open proxy settings

  • Close all the tabs and relaunch chrome. This may fix the error.

Change DNS Servers

Changing DNS servers will hopefully fix the error. Removing DNS servers and defaulting back to your ISP’s DNS servers can fix the error. Google and Cloudflare may not 100% perfect, so you are facing the issue NET:: ERR_CERT_AUTHORITY_INVALID every now and then.

  • Click on the start menu. 

Change DNS Servers

  • Go to the control panel. For Windows 10 select settings.

Go to the control panel. For Windows 10 select settings

  • Select network and internet options.

Select network and internet options.

  • Navigate to network and sharing center.

Select network and internet options.

  • Choose change adapter settings.

change adapter settings

  • Go to the currently active network and right-click to choose the properties option.

choose the properties option

  • Under the networking menu, this connection uses the following item select internet protocol version 4 (TCP / IPv4). Click on the properties option.

Under the networking menu, this connection uses the following item select internet protocol version 4 (TCP / IPv4). Click on the properties option

  • Choose Obtain an IP address automatically and obtain DNS server address automatically. Finally, click on the ok button.

Under the networking menu, this connection uses the following item select internet protocol version 4 (TCP / IPv4). Click on the properties option

  • Close all the windows, restart chrome and this may fix the error. If the settings are already there then go to other solutions.

Disable VPN and Antivirus Temporarily

Disable VPN and Antivirus Temporarily

Some of the times VPNs and antivirus software may have conflicts or will override your network settings. It will also block certain SSL certificates or connections. So turn off VPN and antivirus software which may help you to fix the error.

Import & Export Certificate

This is nothing but you can make the site certificate valid to open in your browser to fix err_cert_invalid error. You have to proceed with this process if you trust the website otherwise skip this solution and continue with the other solutions.

First, you have to acquire the certificate of the MITM (Man In – The Middle Attack).

  • Initially go to the Chrome window and open the website. Here near the website address bar, you will find HTTPS with a cross mark in red color as a danger to open the site. Or you will get not secure, parallel to the website address bar. The security warning resemblance may be anything if you are facing the error of your connection is not private. That resembles that the website is not secure to open.
  • For example, one of the addresses is taken to explain the process.

Disable VPN and Antivirus Temporarily

  • If you trust the website, continue with this step. The way of showing lock may vary for different websites. Click on the https lock or not secure option as shown in the figure. You will get a set of options. And click on the certificate option from the given expanded list.

Disable VPN and Antivirus Temporarily

  • You will now get a pop – up window, on which go to the menu bar and click on the Details tab.

Disable VPN and Antivirus Temporarily

  • Click on copy to file option present on the bottom right corner of the window.

Click on copy to file option present on the bottom right corner of the window.

  • The new window of certificate export wizard will pop – up to export the certificate of the web page or site. Click on the Next button.

Click on the Next button

  • Now you will get a window that will show how to save the file. Select the option according to your requirements. If the site is localhost goes with PKCS # 7 else go with the other two options.

DER encoded binary X.509 (.CER): The distinguished encoding rules (DER) format supports the storage of a single certificate. This storage does not support a private key or certification path.

Base – 64 encoded X.509 (.CER): The base 64 format supports the storage of a single certificate. This format does not support the storage of a private key or certificate path.

Cryptographic message syntax standard – PKCS # 7 CERTIFICATES (.P7B): This format supports the storage of certificates in the certification path.

  • NOTE: Select third option cryptographic message and uptick include all certificates option. And after selecting the file type, click on the Next button.

Click on the Next button

  • You will see a pop–up window to enter a file name. Select browse option and select desktop; enter the file name and click on next.

Click on the Next button

  • You can save the file anywhere you want to but remember the location as you have to import the file.

Click on the Next button

  • On the next pop – up window. Click on the finish button.

Click on the finish

  • The exporting of the file is successfully completed.

Now we will look into the process of importing the file.

  • Go to the menu option of your browser. From the drop-down list go to settings.

go to settings

  • Scroll down to the advanced option on the window.

advanced option

  • You can see manage certificates under the privacy and security category. You can see a pop–up button parallel to it, click on it.

privacy and security

  • A pop – up window opens, under the personal menu. Click on the import option.

Click on the import option

  • A pop – up window opens. Click on the Next button.

Click on the Next button

  • On the next window, click on the browse button.

click on the browse button

  • Select the file from the location where you exported.

Select the file

  • After the selection of the file, click on the Next button.

click on the Next button

  • You can go with the option to automatically select the certificate store based on the type of certificate. After selecting the category click on the Next button.

select the certificate store

  • On the next screen, tap on the finish button.

tap on the finish button

  • You will get a pop – up with message import was successful. Click on the OK button.

Click on the OK button

  • Now you can see the certificate of the website any of the categories present in the manage certificates option, according to your selection.
  • Now close all the windows and chrome. Restart your computer.
  • After restart try whether the website is opening without any error. Mostly this solution will work out to open the website.

Update your Operating System

If the operating system is older, the system falls out of date with newer technologies. Upgrading to a newer operating system such as Windows 10 for Windows users or the latest version of Mac OS x for Apple users. Make sure that your system is up to date on Windows, Mac or other operating systems.

Over to You

The above given are all the possible solutions to fix the NET:: ERR_CERT_AUTHORITY_INVALID error. Please write to us in the comment section which method works for you. Wanna some more DeviceTricks? Stay tuned to this space for more updates and tutorials.

If you feel this article helpful please like, share and follow our Facebook page or keep visiting our website.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top