Protect Your Site, Build Trust
Discover practical solutions to fix all SSL and security errors quickly and keep your website safe and reliable.
Google reCAPTCHA used. Privacy Policy and Terms of Service apply
Every internet user encounters the NET::ERR_CERT_AUTHORITY_INVALID error once in a while. It’s not an error you can easily miss since it comes with huge alert signs and warning messages in most browsers.
Understandably, many visitors get anxious when it pops up. But you don’t have to worry. Usually, the causes are quite trivial, and you can easily fix the error with a bit of patience.
After reading this guide, you’ll know what the error means, what causes it, and how to fix it as a website owner or visitor.
Protect Your Site, Build Trust
Discover practical solutions to fix all SSL and security errors quickly and keep your website safe and reliable.
Google reCAPTCHA used. Privacy Policy and Terms of Service apply
Hence, it tries to protect you from visiting an unsecured and unencrypted website which hackers may exploit to steal your information.
NET::ERR_CERT_AUTHORITY_INVALID is one of the several errors related to SSL certificates. You can find more information about them in this tutorial about what is an SSL certificate and how to fix SSL errors.
Nowadays, SSL encryption is a must-have for every website. It encrypts the connection between a website and its visitors. As a result, a third party can’t intercept the exchanged information.
The encryption is facilitated by an SSL certificate installed on the website server. When a visitor opens a website, the following sequence ensues:
However, if the browser detects a problem with the certificate or doesn’t trust it, it displays the NET::ERR_CERT_AUTHORITY_INVALID error message.
While at first glance, it seems like you landed on a dangerous website or you are under a hacker attack, that’s rarely the case. When there is a problem with the SSL certificate or your local device, this error can appear on any legitimate website, including yours.
Although the error is usually represented by the code NET::ERR_CERT_AUTHORITY_INVALID, other error codes indicate the same problem. They include:
The error page appears differently depending on the browser you are using. It will have a varying design, message, and even error code. We will look below at the most popular browsers.
On Google Chrome, NET::ERR_CERT_AUTHORITY_INVALID comes with a plain error page. You will see a red warning sign, “Your connection is not private,” and the NET::ERR_CERT_AUTHORITY_INVALID code below.
Clicking on the Advanced button reveals more information about the potential risk. The browser informs you the certificate is not trusted but doesn’t give instructions on fixing the problem.
Mozilla Firefox displays a yellow warning sign accompanied by the message “Warning: Potential Security Risk Ahead.” It informs you that there are issues with the site’s certificate chain, but “NET::ERR_CERT_AUTHORITY_INVALID” is nowhere to be seen.
Clicking the Advanced button expands the message, giving hints of what might be wrong. You can also see the error code, which in Firefox is usually SEC_ERROR_UNKNOWN_ISSUER.
Although the code might be different, it points out exactly the same issue as NET::ERR_CERT_AUTHORITY_INVALID.
Safari acknowledges the problem with the message “This Connection Is Not Private.” It warns you that the certificate is invalid and that someone might try to steal your information.
Microsoft Edge displays an error page similar to Chrome. It shows almost an identical warning sign and initial message. When you click Advanced, the browser explains what might have gone wrong and how it protects you by stopping the connection.
The NET::ERR_CERT_AUTHORITY_INVALID error could originate from the website’s SSL certificate or the visitor’s local computer or network. Local problems affect only individual users, and there is actually no problem with the website itself. In contrast, problems with the website’s certificate affect all visitors.
The primary cause of the NET::ERR_CERT_AUTHORITY_INVALID error is problems with the website’s certificate. The most common cases are:
Apart from certificate problems, local issues on a visitor’s device could also trigger a NET::ERR_CERT_AUTHORITY_INVALID error. The problems that could lead to the error are:
Before taking any corrective actions, you could check the website’s SSL status. If you are the website owner, that could save you a lot of time and help you focus on the exact solution to get back on track.
You can examine the details of the website’s certificate directly from your browser. For instance, when you get the error on Google Chrome, click on the red warning Not Secure in the address bar. In the menu that will pop up, select Certificate is not valid.
In the General tab, you can see the general information about the certificate’s owner, issuer, and encryption. The Details tab displays a breakdown of all certificate’s parameters.
Many online SSL checkers can inspect your certificate and provide more comprehensive information. They can be quite handy in pinpointing the exact issue.
Such a tool is the SSL checker from SSL Shopper. After typing your website’s address, press the Check SSL button. The checker will present a full report of the certificate. If everything is marked in green, your SSL is set correctly. Pay attention to red or yellow warning signs as they point out problems with the SSL certificate.
Using the report’s information, you can focus on the particular issue with your certificate and take the appropriate action.
If your website suffers the error and you’ve already determined it stems from the SSL certificate, a few actions can fix the problem – you’ll have to reinstall, renew or replace the certificate.
Below, you’ll find the detailed steps.
If you’ve forced your website to load with HTTPS but haven’t installed an SSL, the usual result is the NET::ERR_CERT_AUTHORITY_INVALID error.
Alternatively, you may have a working certificate, but if browsers don’t trust it, visitors will still see the error. That happens in the following cases:
The solution, in either case, is to install a new certificate from a well-known authority. SiteGround users can take advantage of the Let’s Encrypt SSL Installer, which lets them add a free SSL certificate with a few clicks. Let’s Encrypt is universally recognized and trusted by all major browsers and operating systems.
For more information, read this tutorial on how to add an SSL to your website.
If you prefer to install your own SSL certificate purchased from a third-party vendor, read this guide on how to install a third-party SSL.
Your SSL might appear as valid when you look it up in your hosting panel, yet the website could still produce the NET::ERR_CERT_AUTHORITY_INVALID error. The certificate’s chain of trust may be broken, or one of the certificate’s keys might not be inserted correctly.
Another common case is installing an SSL certificate before your domain DNS is fully propagated. The website opens with the naked yourdomain.com name, but the address www.yourdomain.com produces the error.
That’s because the DNS record for yourdomain.com propagated to the Certificate Authority servers, and they could validate the name with the issued certificate. However, the DNS record for www.yourdomain.com had not propagated before the SSL was issued, and your website’s certificate doesn’t cover it.
Regardless of the particular reason, reinstalling the SSL should fix the problem.
The SSL certificates have an expiration date as they are issued for a limited time frame. Once the SSL expires, it should be renewed or replaced with a new certificate. Otherwise, it becomes invalid, and your website produces the NET::ERR_CERT_AUTHORITY_INVALID error.
For example, Let’s Encrypt certificates expire every 90 days. SiteGround users don’t have to keep track of the expiration date since all Let’s Encrypt certificates installed with the SSL installer are automatically renewed.
If your hosting doesn’t provide an SSL auto-renewal system or, for some reason, your SSL hasn’t been renewed, renew your certificate from your hosting panel.
If you’ve established that the error doesn’t affect other visitors, you can conclude that it is a local issue on your end. Thus, you can take a few actions to fix the problem as a visitor.
There might have been a temporary connectivity issue causing the error on your end. Try reloading the page to see if the problem persists.
In case the error is gone, you can safely assume it was a momentary issue.
Browsers store cached content and cookies to speed up web browsing. Although extremely useful, cache and cookies may become corrupted or keep expired information which could lead to the “NET::ERR_CERT_AUTHORITY_INVALID” error.
Clear your browser’s cached files and cookies and reload the page. If the page resolves properly now, you can conclude the issue was invalid browsing data for the website.
Read the following guides to find the exact process of clearing your browsing data depending on your device or browser.
The error could appear when connected to a public network like in a library, airport, or cafe. You may see the error visiting some websites on this type of network since it is often unprotected and doesn’t transmit the data securely.
Office networks are also prone to the NET::ERR_CERT_AUTHORITY_INVALID error. In many cases, they restrict access to websites deemed unrelated to work. The error could manifest when you visit such a website.
Test visiting the website from your home or mobile network. If you are now able to get in, you can safely assume that the previous network caused the error.
The error NET::ERR_CERT_AUTHORITY_INVALID may appear on outdated browsers that don’t trust the SSL certificate of a website. The latest browser version should contain an up-to-date SSL certificate list. Thus, updating your browser could fix the error.
If you use Google Chrome, click on the kebab menu in the top right corner and select Settings.
On the next page, choose About Chrome, where you can see the current version of your browser. You will see either Chrome is up to date or Update Google Chrome. If an update is available, install it and check if the error is gone.
To check your Mozilla Firefox version, open the hamburger menu on the top right and choose Settings.
On the next page, select General, and scroll down to the section Firefox Updates. Press the Check for updates button to run a new check on your browser. You will see Firefox is up to date or an available update.
An older version of your Operating System (OS) could also cause the NET::ERR_CERT_AUTHORITY_INVALID error. The website’s SSL certificate might be updated, and the OS no longer trusts the certificate.
Thus, you’ll have to update your OS to the latest version to renew its list of trusted certificates.
You can follow the steps below to update your operating system if you get NET::ERR_CERT_AUTHORITY_INVALID on your Mac.
Open the Apple menu in the top left corner. From the drop-down menu, select About This Mac, which will open a new window.
Choose Software Update from the Overview tab. Another window will appear, where you can see the Software Updates. Press the Upgrade Now button if there is an available macOS update.
If you are a Windows user, use the following steps to check or update your operating system.
Open Settings from the Windows menu in the lower left corner. On the new pop-up window, select Update & Security, where you can see the current Windows version.
On the next screen, you will see the message “You’re up to date” if you use the latest version or an available update. You can do a manual check by pressing the Check for updates button. If there is a later version, update your Windows and test if the NET::ERR_CERT_AUTHORITY_INVALID error is gone.
Your operating system’s clock defines the time settings of your applications. If the clock is set incorrectly, your browser may perceive a valid SSL certificate as expired and produce the NET::ERR_CERT_AUTHORITY_INVALID error.
Therefore, adjusting the correct time in your OS could be an easy fix.
To check your macOS time, open System Preferences from the Dock and select Date & Time.
Open the Date & Time tab and check the box for Set date and time automatically.
Follow this by opening the Time Zone tab and selecting the correct time zone for your location. Then, check the box for Set time zone automatically using current location. This lets your Mac determine the correct zone based on your geographic location. Keep in mind that in order to use this feature, you must have Location Services enabled.
To check your Windows clock, open the Windows menu and select Settings. In the following pop-up window, open Time & Language.
You will open the Date & Time section, where you can adjust the time. Enable both options Set time automatically and Set time zone automatically to make Windows set the correct time for your location. Make sure that Location is turned on, so Windows can determine your location.
You can also press Sync now to force a new synchronization manually.
Browser extensions are applications adding extra features to your browser. Undoubtedly, they are handy tools, but in rare cases, they can block the connection to some websites. These problems could lead to the NET::ERR_CERT_AUTHORITY_INVALID error. Try disabling your extensions to determine if one of them is the culprit.
Let’s take Google Chrome, for example. Open the kebab menu in the top right corner and select More Tools > Extensions.
Here, you can see all installed extensions. Each extension has an ON/OFF switch. Test disabling them one by one and opening the website. If an extension is causing the problem, you can open the website when deactivated.
Once you find the culprit, consider replacing it with an alternative or report the problem to its developers.
A virtual private network (VPN) lets you change the geographic location of your computer and adds extra security layers for filtering traffic. However, these features could sometimes clash with a website’s SSL certificate and trigger the NET::ERR_CERT_AUTHORITY_INVALID error.
If you use a VPN service, disable it and test loading the problematic website again. Given that the error is gone, you can conclude that the VPN is somehow causing a conflict. Keep the VPN disabled when visiting certain websites, contact the VPN support team, or look for an alternative service.
Antivirus programs are crucial to your online security, protecting you from various threats. But sometimes, they could flag harmless websites as dangerous and block the connection.
When it happens, you are very likely to see the NET::ERR_CERT_AUTHORITY_INVALID error. Disable your antivirus or firewall software and check if you can access the website.
It is a clear indication that it is causing the issue if you are now able to get in. You may need to whitelist the website’s address, contact the antivirus support team or look for alternative software.
Although the entire SSL verification takes milliseconds, computers reduce the time further by keeping cached certificates of the websites you previously visited. However, if a website has renewed or replaced its certificate and your device keeps an outdated version, you will see the NET::ERR_CERT_AUTHORITY_INVALID error.
Therefore, you must delete the cached certificate so your computer can save an up-to-date version. Afterward, test opening the website again to check if the error persists.
Your Mac stores the SSL certificates in the Keychain Access tool. You can open it from Finder > Go > Utilities > Keychain Access.
In the next window, you can see the stored certificates from the Certificates tab. Any untrusted or problematic certificate is marked with a red cross when selected. The certificate of the website you have trouble accessing might be one of them. Right-click on it and select Delete to remove the certificate.
Your computer should save the correct version the next time you visit the website.
Windows users must clear the SSL state from the Control Panel. Start by clicking on the Windows menu in the lower left corner and type in the search bar “control panel.” Click on the Control Panel icon that will appear as the first result.
In the Control Panel menu, click on the Network and Internet icon.
Next, choose Internet Options, which will open a new pop-up screen.
Here, open the Content tab and press the button Clear SSL state. Your computer will wipe the data of all saved SSL certificates.
The NET::ERR_CERT_AUTHORITY_INVALID error can easily throw you off if you are unfamiliar with it. Browsers display huge warning signs and intimidating messages that suggest a serious threat.
However, in reality, there is no immediate danger, and the error is caused by local device issues or misconfigured certificates that you can quickly fix. This article helped you understand the nature of the problem, what causes it, and how to fix it. So next time you encounter it, you will confidently approach it, knowing how to deal with it.
Tackle all SSL errors like an expert! Download our free “How to Fix the Most Common SSL and Security Errors” ebook!