The problem: you have an SSL certificate installed on your site, but your users keep getting a NET::ERR_CERT_AUTHORITY_INVALID error message.
It can certainly be very frustrating, especially if you’ve spent the time to move your website from HTTP to HTTPS.
What causes this error? It varies, but there are two basic types of problems, issues with your own browser or Internet connection and issues with your website and its SSL certificate.
In this post, we’ll examine this error and look at the different ways it occurs in separate browsers like Google Chrome, Firefox and Safari.
Then, we’ll walk you through solving the issue by going through over a dozen different solutions.
Thankfully, the NET::ERR_CERT_AUTHORITY_INVALID error isn’t too difficult to fix, although tracking down the exact source of the problem may require running a few different tests.
- What Is the NET::ERR_CERT_AUTHORITY_INVALID Error?
- What Different Browsers Display
- What Causes the NET::ERR_CERT_AUTHORITY_INVALID Error?
- Fixing the NET::ERR_CERT_AUTHORITY_INVALID Error
What Is the NET::ERR_CERT_AUTHORITY_INVALID Error?
SSL is an absolute must for any website. That’s especially true for any website that handles sensitive data like credit cards or banking information.
If the browser perceives the certificate as having a problem, it will usually refuse to load the page and display an error message.
This message is the NET::ERR_CERT_AUTHORITY_INVALID error.
The error can be caused by an issue with your network, device or browser that stops the SSL certificate being properly read.
It can also be caused by an invalid certificate on the website’s end.
We’ll show you some troubleshooting steps for both. That way, we can help solve the issue whether you’re just browsing or if you’re managing your own website.
Depending on which browser you use, the error message displayed will be slightly different.
These are all essentially the same error, explained in slightly different terms.
Hello! My name is Sujay and I’m CEO of Astra.
We’re on a mission to help small businesses grow online with affordable software products and the education you need to succeed.
In Chrome, you’ll see a message that looks like this:
Your connection is not private. Attackers might be trying to steal your information from yoursite.com (for example, passwords, messages, or credit cards).
Then, below that, you’ll see the actual error message:
Firefox will usually tell you that your connection is not safe and that you should go back to the previous page.
In Safari, you will get a message which says that someone is trying to impersonate the site. The NET::ERR_CERT_AUTHORITY_INVALID error message will also likely be displayed at the bottom of the page.
Opera’s error message will usually be something like this:
Opera cannot verify the identity of the server “yoursite.com”, due to a certificate problem. The server could be trying to trick you. Would you like to continue to the server?
Other variations of the error message include the following. They all basically mean the same thing:
- NET ERR_CERT_AUTHORITY_INVALID
- NET ERR CERT AUTHORITY INVALID
As a final disclaimer, don’t be too quick to brush off this error, especially if you are visiting an external website that you are not in control of.
This message sometimes appears because the site has been compromised by hackers. If you enter any personal information (like account names, passwords, or bank credentials) you are at serious risk of identity theft.
If you see a NET::ERR_CERT_AUTHORITY_INVALID message and need to access this particular site, get in touch with the webmasters before entering any personal information. They might not even know about it.
Now that we have a firm grasp of what this error looks like, let’s talk about what causes it.
As we mentioned a minute ago, there are a number of reasons why this error occurs. They can be categorized into two broad categories:
- Issues with your personal computer or network
- Issues with your website/SSL certificate
Errors in the first section are caused by issues with your computer and/or internet connection, while errors in the second section are with the SSL certificate on the website itself.
If the issue is with your personal browser or connection, you can fix it by changing some settings or trying a different computer.
If you run your own website and the issue is with your SSL certificate, you’ll need to reinstall the certificate or correct any errors with the current one.
While you may have a certificate installed correctly, if it can’t be accessed by a browser, it is functionally useless.
Here are some fixes we know to work with this particular error. We’ll begin with those most relevant for general web browsing.
If you own the website causing the error, your fixes come afterwards.
Issues With Your Personal Browser or Connection
The first category of issue is with your own individual computer, connection, or browser. These are normally easier to fix, as they only require changing some aspect of your own device.
It seems simple, but oftentimes a simple reload will fix a problem. If you haven’t reloaded the page, try that now.
You can also try closing the browser and re-opening it, then reloading the page.
Sometimes, public networks (e.g. WiFi at a coffee shop or library) have certain restrictions that prevent web pages from being loaded correctly. This can also cause the NET:ERR_CERT_AUTHORITY_INVALID error to appear.
If you are on a public network and receive the error message, try to connect to a private network and see if the issue remains. If you don’t have immediate access to a private network (for example, if you are working at a cafe far from home), try using the personal hotspot feature on your smartphone.
If you have a VPN installed, you could also try that. Connect to your VPN and retry the website. A VPN is a secure network that uses different security rules to public WiFi and may allow the website to load properly.
If the date or time is incorrect on your device, it can often be flagged by the browser. The browser can interpret this incorrect data as indicating that the SSL certificate has expired.
Some browsers also flag any incorrect time/date data as being indicative of some other security issue and will then give a security warning in response.
To avoid this sort of issue, make sure the time and date are set automatically.
To fix your date/time on a Mac computer, go to System Preferences > Date & Time.
To fix it on a Windows computer, go to Settings > Select Time and Language.
If you’re using an old or outdated version of Chrome, Firefox, Safari, or other browser, you may run into errors.
As browsers are updated, security holes are closed, bugs are found and fixed, and other issues addressed. As such, if you use an older version of the browser, there may be a connection issue as a result.
5. The Operating System Is Outdated
If you are using an old or very outdated operating system on your computer, it’s likely that your system will have issues with newer websites and browsers.
Do you have a different computer available? What about a smartphone? Try visiting the site from these devices to see if the same issue persists.
If other devices have the same issue, it’s likely that the problem is with the website. If only you have the issue, it’s probably caused by your browser, device, or connection.
Incognito or private mode is a quick way to see if your browser has cache or cookie issues.
- Google Chrome: Open an incognito window by going to File > New Incognito Window.
- Firefox. Go to File > New Private Window to open an incognito window.
- Safari. To open an incognito window, go to File > New Private Window.
- Opera. Go to File > New Private Window.
- You can also use the keyboard shortcut Ctrl+Shift+N for Windows or ⌘+Shift+N for Mac.
After opening a new private tab, navigate to the site. You’ll see what a “totally new” visitor will see.
Your browser cache or cookies may be loading an old version of the page. To prevent this from happening, you can reset your cache and cookies.
- Google Chrome: In the top left corner, click on the Chrome menu item. Then, click Clear Browsing Data. A new tab will open. Making sure that Cookies and Cached images and files are selected, press the Clear Data button.
- Firefox. Open the Preferences section from the menu, click on Privacy and Security, and then scroll down to Cookies and Site Data. Click the Clear Data button.
- Safari. Open the Preferences section from the menu. Then, click on the Privacy tab and the Manage Website Data button. Finally, click the Reset All button.
- Opera. Press Ctrl+Shift+Del ( [shift] + [cmd] + [del] on Mac) to open your Clear browsing data options. Make sure Cookies and site data is selected, as well as Cached images and files. Finally, press the Clear data button.
Now try visiting the website. Is the error message still appearing?
Sometimes, the problem is just with your network. To find out if that’s the case, try connecting to a different network. If you don’t have more than one network at your home or office, try a public place, like a library, coffee shop, or train station. Most of these establishments will have free WiFi.
If you’re using your computer, try using your phone. Connect using 4G/5G and see if you can see the website or not.
Once you connect to a different network, try visiting your site. Is the error still there?
If you are using browser extensions (especially in Chrome or Firefox), it’s possible for them to cause issues with the browser.
This is more common with extensions that aren’t made by larger companies or well-known software developers.
Try disabling all of your extensions.
In Chrome, you can do this by going to Window > Extensions and making sure every extension is gray, not blue.
In Firefox, click the menu button, then click Add-ons and Themes. Select Extensions, and click the blue toggle next to all of them.
Then, visit your site. Does the error go away?
We generally don’t recommend disabling your firewall or antivirus software because it can open up your network to risk. However, firewalls can be a source of connectivity issues.
In Windows, click the Start menu, find the search box, and type in “Windows Firewall”. Pick the option when it appears.
Then, in the sidebar on the left, click on Turn Windows Firewall On or Off.
Finally, under the heading Home or Work Network Location Settings, click Turn Off Windows Firewall.
In Mac OSX, the exact location depends on the OSX version you are using. Nonetheless, these instructions should be mostly accurate, no matter what version you’re on.
Go to System Preferences and find the Security icon. Then, click on the Firewall tab. Unlock the page by clicking the lock icon in the bottom left and entering your password. Finally, click Turn Off Firewall.
After disabling your firewall or antivirus software, visit the website. Still getting the error message, or not?
Don’t forget to turn the firewall back on when you’re finished!
A virtual private network (VPN) allows you to connect to a website from another server, typically from a different part of the world.
VPNs can cause connectivity issues, especially if you are connecting from a far away country or from a place that has restrictions on internet use. They can also be part of the solution.
If you’re using a VPN, turn it off and try to access your site again. Is the error message still displayed?
Alternatively, the issue may be with your own regional internet and using a VPN can be a way to test the site from another location.
If you have a VPN, try connecting from a country that is far away from yours but has unrestricted Internet.
For example, if you are located in New York City, try to connect from Tokyo.
Issues With Your Website/SSL Certificate
Do you own the website that’s presenting the error? The problem could be with your website and/or the SSL certificate itself.
Let’s run through some potential solutions.
Before trying other options, it helps to first run a test on your SSL certificate. There are many free tools that can do this for you.
If the test is successful, you’ll get a result like this:
If the test is unsuccessful, you will get a number of different messages. You can scroll down to see them, but in essence, they say that…
- A certificate was found but it doesn’t match the domain name
- The website doesn’t use SSL but shares an IP address with another website that does
- The domain uses a CDN that interferes with the SSL certificate
In other words, there is a mismatch between the domain and the SSL certificate. You may also just get an “invalid certificate” error.
If you get an unsuccessful result, try to reinstall the SSL certificate.
As each web host has different ways of doing this, we suggest checking with your host for specifics.
If you are using a self-signed certificate, you will almost certainly get an error as all browsers will consider them invalid.
Most hosts make it easy to get a SSL certificate when you purchase a domain or a hosting package.
You can also use Let’s Encrypt to get one for free, although setting it up and renewing it does require some work.
It’s also not a bad idea to pay for a premium SSL certificate. They don’t need to be renewed as often and offer extra protection.
If you aren’t technically-inclined and plan on handling sensitive information (e.g. credit cards or personal data) it is probably a good idea to just pay for a premium SSL certificate.
As mentioned above, some free SSL certificates need to be manually renewed every so often. Usually, this is every 90 days. This is to ensure that you still have active control over the domain.
Let’s Encrypt should send you emails to warn you about an expiring certificate. If you are comfortable with the command line, you can manually renew it yourself. However, many hosts like SiteGround will automatically renew the certificate for you.
The NET::ERR_CERT_AUTHORITY_INVALID error message can seem like a confusing, difficult problem to have to fix. It isn’t really.
It could simply be a configuration issue with your computer or the public WiFi network you’re using.
If you own the website in question, it could also be the SSL certificate you’re using. While setting up a SSL certificate is usually an easy process, there can sometimes be technical problems. Thankfully, finding a solution isn’t as difficult as it seems.
In this post, we walked you through over a dozen different possible solutions to solving the NET::ERR_CERT_AUTHORITY_INVALID error. We’re sure one of them will work!
Have you seen this error yourself? What solution worked for you? Share it in the comments to help out other readers!