How to Fix the NET::ERR_CERT_DATE_INVALID Error

  • May 24, 2024

Encountering the NET::ERR_CERT_DATE_INVALID error can be frustrating, but it’s important to address it promptly to ensure your website remains secure and trustworthy. This error typically indicates an issue with your website’s SSL/TLS certificate, which is essential for encrypting data and ensuring a secure connection between your website and its visitors. When this error occurs, users might be deterred from visiting your site, potentially harming your reputation and causing a loss of traffic.

Understanding and resolving this error is important — not just for the security of your website but also for maintaining the confidence of your users.

In this post, we’ll explain the different types of this error across various browsers and provide step-by-step solutions to fix it. Whether you’re a seasoned website owner or new to managing a site, these tips will help you troubleshoot and resolve the NET::ERR_CERT_DATE_INVALID error.

Contents:

What is the NET::ERR_CERT_DATE_INVALID error?

The NET::ERR_CERT_DATE_INVALID error is a common SSL/TLS certificate error that occurs when your browser cannot verify the security certificate of the website you are trying to visit. This error typically indicates that the SSL/TLS certificate is either expired, not yet valid, or its validity period does not match the current date and time settings on your device.

SSL/TLS certificates are essential for establishing a secure connection between a web server and a browser. They encrypt data exchanged between the user and the website, ensuring privacy and security. When there is an issue with the certificate, browsers like Chrome, Firefox, Edge, and Safari will display the NET::ERR_CERT_DATE_INVALID error to warn users that their connection might not be secure.

Example of an NET::ERR_CERT_DATE_INVALID error. 
Example of an NET::ERR_CERT_DATE_INVALID error.

Common Causes of the NET::ERR_CERT_DATE_INVALID Error

This error can arise from various causes, such as an expired certificate, incorrect system date and time, misconfigured server settings, or problems with intermediate certificates.

Expired SSL/TLS certificate

SSL/TLS certificates have a validity period and must be renewed regularly. When a certificate expires, the browser can no longer verify that your website is secure, leading to the NET::ERR_CERT_DATE_INVALID error. It’s essential to monitor your certificate’s expiration date and renew it before it lapses to avoid this issue.

Incorrect system date and time

Your browser relies on your computer’s clock to verify SSL/TLS certificates. If your system’s date and time are incorrect, it can cause your browser to think the certificate is invalid, even if it’s not. Ensuring your computer’s date and time are accurate can prevent this error.

Misconfigured server settings

Sometimes, server settings can be misconfigured, leading to SSL/TLS certificate errors. This can include incorrect domain names, missing intermediate certificates, or outdated server software. Regularly checking and updating your server settings can help prevent these configuration issues.

Intermediate certificate issues

SSL/TLS certificates often rely on intermediate certificates to establish a chain of trust from the certificate authority to your website. If these intermediate certificates are missing or incorrectly installed, your browser might not trust your SSL certificate, resulting in the NET::ERR_CERT_DATE_INVALID error. Ensuring all necessary intermediate certificates are properly installed on your server can resolve this issue.

How to fix the NET::ERR_CERT_DATE_INVALID error

Now, let’s get to work on fixing this error. Here are eleven steps you can try:

1. Click the Advanced button on the error page

The first troubleshooting step you should take is to click on the Advanced button of the error page.

Clicking the Advanced button to find more information

Details found here will help you obtain certificate information and expiration dates, along with other important details:

Advanced details for SSL certificate error

2. Determine whether the certificate has expired

90% of the time, this error is related to a certificate that has failed to renew. SSL/TLS certs have a set validity period. If a certificate expires, it needs to be renewed to maintain a secure connection.

Check your website’s certificate expiration date to see if this is the cause of the error. In modern browsers like Chrome and Firefox, you can do this by clicking the padlock icon in the address bar and viewing the certificate details.

If your certificate has expired, you’ll need to renew it. Most hosting providers offer an easy renewal process through their control panel. Once renewed, the NET::ERR_CERT_DATE_INVALID error should be resolved.

3. Reload the page

Sometimes, simply refreshing the page can resolve the NET::ERR_CERT_DATE_INVALID error. Websites can temporarily lose connection to their SSL/TLS certificates, or there might be a momentary glitch in the browser’s SSL verification process. By reloading the page, you give your browser a chance to reestablish a connection and recheck the certificate.

If reloading the page doesn’t work, try closing and reopening your browser. This can clear out any temporary issues that might be causing the error. If the problem persists, proceed with the next steps to ensure it’s not a more significant issue.

4. Avoid public wifi

Public wifi networks are convenient but can be insecure. These networks often lack proper encryption, making it easier for malicious actors to intercept your data. When using public wifi, your connection might not be private, leading to SSL/TLS certificate errors like NET::ERR_CERT_DATE_INVALID.

To avoid this, try switching to a secure network, such as your home wifi. If you must use public wifi, consider using a Virtual Private Network (VPN) to encrypt your connection. If the error disappears on a secure network, it confirms that the public wifi was the issue.

5. Check your date and time

Your computer’s date and time settings are crucial for SSL/TLS verification. If your system clock is incorrect, your browser might think the SSL certificate is expired or not yet valid, triggering the NET::ERR_CERT_DATE_INVALID error. This can happen if your computer hasn’t synchronized its clock correctly or if you’ve recently traveled across time zones.

To fix this, ensure your date and time settings are accurate. On Windows, go to Settings > Time & Language. On macOS, go to System Preferences > Date & Time. Enable the automatic time setting to keep your clock synchronized with internet time servers.

After correcting your date and time, reopen your browser and try accessing the website again.

6. Clear your cache and cookies

Browser cache and cookies store website data to improve loading times and user experience. However, outdated or corrupted cache and cookies can cause SSL/TLS certificate errors. Clearing your browser’s cache and cookies can resolve these conflicts and fix the NET::ERR_CERT_DATE_INVALID error.

To clear your cache and cookies, go to your browser’s settings. In Chrome, navigate to Settings > Privacy and security > Clear browsing data. Select the options for cache and cookies and confirm the action.

Clear browsing data in Chrome.
Clear browsing data in Chrome.

After clearing your cache and cookies, restart your browser and try accessing the website again.

7. Clear your SSL cache

Your computer’s SSL cache stores information about previously visited websites with SSL/TLS certificates. If an SSL certificate is updated, the outdated information in the SSL cache can cause errors like NET::ERR_CERT_DATE_INVALID. Clearing the SSL cache can help your browser recognize the updated certificate.

On Windows, navigate to Control Panel > Network and Internet > Internet Options. Under the Content tab, click the Clear SSL state button. On macOS, go to Finder > Go > Utilities > Keychain Access. Locate and delete any untrusted certificates.

After clearing the SSL cache, restart your browser and check if the error is resolved.

8. Disable your antivirus software

Antivirus software is essential for protecting your computer from malware, but sometimes it can interfere with SSL/TLS certificate verification. Certain settings or features, like HTTPS scanning, might trigger the NET::ERR_CERT_DATE_INVALID error. To test if this is the case, temporarily disable your antivirus software and try accessing the website again.

If disabling the antivirus resolves the error, you might need to adjust its settings. Look for options related to HTTPS scanning or SSL/TLS verification and disable them. Ensure your antivirus software is up to date, as newer versions might have fixed these issues. If problems persist, contact the software’s support team for further assistance.

9. Update your operating system and browser

Running outdated software can lead to various security issues, including SSL/TLS certificate errors. Older versions of operating systems and browsers might not support the latest SSL protocols or might have known vulnerabilities that interfere with secure connections. Keeping your software up to date ensures compatibility and security.

To update your operating system, use the built-in update tools (Windows Update on Windows, Software Update on macOS). Similarly, update your browser to the latest version through its settings or preferences menu. If your software is up to date and the error persists, consider uninstalling and reinstalling your browser to eliminate any residual issues.

10. Check your browser extensions

Browser extensions can enhance your browsing experience, but they can also cause conflicts with SSL/TLS certificates. Some extensions, particularly those related to security and privacy, might interfere with certificate verification, leading to the NET::ERR_CERT_DATE_INVALID error.

Disable all your extensions and try accessing the website. If the error disappears, re-enable the extensions one by one to identify the culprit. Once you find the problematic extension, you can either update it, adjust its settings, or remove it altogether. Keeping your extensions updated can prevent such conflicts in the future.

11. Change your Domain Name System (DNS) server

Your DNS server translates domain names into IP addresses, directing your browser to the correct website. Using a slow or unreliable DNS server can cause SSL/TLS certificate errors. Changing your DNS server to a more reliable one, like Google’s Public DNS or Cloudflare’s DNS, can improve connection reliability and security.

To change your DNS server on Windows:

  1. Go to Control Panel > Network and Internet > Network and Sharing Center > Change adapter settings.
  2. Right-click your connection and select Properties.
  3. Choose Internet Protocol Version 4 or 6, then click Properties.
  4. Enter 8.8.8.8 and 8.8.4.4 for Google’s DNS, or 1.1.1.1 and 1.0.0.1 for Cloudflare’s DNS.

To change your DNS server on macOS:

  1. Go to System Preferences > Network > Advanced > DNS.
  2. Enter 8.8.8.8 and 8.8.4.4 for Google’s DNS, or 1.1.1.1 and 1.0.0.1 for Cloudflare’s DNS.

Restart your browser to apply the changes.

Troubleshooting steps for website owners

If you’re encountering the NET::ERR_CERT_DATE_INVALID error on your website, there are several steps you can take to resolve it:

Contact your hosting provider

If your hosting provider installed your SSL certificate, reach out to their support team. They can verify if the certificate is correctly installed and if it has expired.

Hosting providers often handle SSL/TLS certificates for their clients, so they might be able to quickly renew or reinstall the certificate for you. This can save you time and ensure the certificate is configured correctly.

Reinstall the certificate (if you installed it yourself)

If you installed the SSL certificate yourself, there might have been an error during the installation process. Reinstalling the certificate can resolve any configuration issues. To do this, log in to your hosting control panel and follow the instructions for SSL certificate installation. Make sure to include all necessary intermediate certificates to complete the certificate chain. After reinstalling, test your website to ensure the error is resolved.

Ensure HTTPS is enabled and URLs are updated

For a secure connection, ensure that HTTPS is enabled on your WordPress site. Check your website’s settings and configuration files to confirm that all URLs use HTTPS instead of HTTP. If you’re using a plugin like Really Simple SSL, it can help automatically update your URLs to use HTTPS. Additionally, ensure that your WordPress settings (found in the General Settings) have the WordPress Address (URL) and Site Address (URL) set to HTTPS.

Updating your URLs ensures that all links and resources on your site are served securely. This helps prevent mixed content issues and ensures your visitors have a consistent, secure experience.

NET::ERR_CERT_DATE_INVALID and Let’s Encrypt

Let’s Encrypt provides free SSL/TLS certificates, but these certificates expire every 90 days. If you’re using these certificates, you’ll need to ensure timely renewal to prevent the NET::ERR_CERT_DATE_INVALID error.

Renew through your host

Many hosting providers offer Let’s Encrypt certificates as part of their services. Check with your hosting provider to see if they support automatic renewal of Let’s Encrypt certificates. If they do, ensure this feature is enabled. Automatic renewal can save you from having to manually renew the certificate every three months, reducing the risk of expiration-related errors.

Use Certbot for automatic renewals

If your hosting provider does not support automatic renewal, or if you prefer to handle it yourself, you can use Certbot. Certbot is a free, open-source tool that automates the process of obtaining and renewing Let’s Encrypt certificates.

To use Certbot, install it on your server and follow the instructions to set up automatic certificate renewal.

Here’s a basic outline of how to set up Certbot:

  1. Install Certbot: Depending on your server’s operating system, you can install Certbot using package managers like apt, yum, or brew. You can use the installation instructions for your system found at https://certbot.eff.org/instructions.
  2. Obtain a certificate: Use Certbot to request a certificate for your domain.
    bash:
sudo certbot --apache   # For Apache server

sudo certbot --nginx    # For Nginx server
  1. Set up automatic renewal: Certbot installs a cron job or systemd timer to handle automatic renewals. Ensure this is configured correctly:
sudo certbot renew --dry-run

Using Certbot ensures your Let’s Encrypt certificates are always up to date, reducing the risk of encountering the NET::ERR_CERT_DATE_INVALID error.

Regularly check your SSL/TLS certificates to ensure they are valid and correctly configured. Whether you rely on your hosting provider or use tools like Certbot, staying proactive about certificate management will help maintain your website’s security (and trustworthiness).

Rianna MacLeod is Sucuri’s Marketing Manager who joined the company in 2017. Her main responsibilities include ghost-writing technical content, SEO, email, and experimentation. Rianna’s professional experience spans over 10 years of technical writing and marketing. When Rianna isn’t writing words, you might encounter her hiking in the forest or at the beach. You can find her on Twitter and LinkedIn.

Related Tags
Related Categories
You May Also Like