WeWP
ComparePricingFeaturesContact UsLoginTry For Free
  • Knowledge Base
  • How to Fix "Not Secure" or "Not Private" Connection Errors
  • How to Add Cron Jobs
  • Connect to Your Server via SSH on Windows
  • Keeping Servers and Sites Secure
  • Troubleshooting Cloudflare Issues
  • Install WordPress Themes and Plugins with Composer
  • How To Fix Mixed Content Issue For WordPress
  • What Is a DDoS Attack and How to Prevent It?
  • How to Enable WordPress Debug Mode
  • How to Fix the “MySQL server has gone away” Error
  • How to Configure WP Mail SMTP Plugin to Send Emails
  • How To Fix the “HSTS Missing From HTTPS Server” Error
  • How to Check Your Domain's Expiration Date
  • How to Use and Serve WebP Images in WordPress
  • Email security best practices for using SPF, DKIM, and DMARC
  • What is a LEMP (Linux, Nginx, MySql, PHP) Stack?
  • Deploying Web Applications with NGINX HTTP Server
  • How to Configure WP Rocket Plugin for WordPress
  • How to Check SPF and DKIM Records with WeWP
  • Understanding FTP vs SFTP: Which Should You Use for Secure File Transfers?
  • What is a DMARC record and How to Set it Up?
  • How to Set Up Cloudflare’s Free CDN for WordPress
  • How to check your Ubuntu version (Using the command line and GUI)
  • How to Download Backups from WeWP panel
  • How to Change the PHP Version of Your Hosting Plan
  • Troubleshooting Cloudflare Universal SSL
  • How to Fix “Your Domain Is Not Pointing” Error
  • SSH vs SSL: What’s the Difference?
  • WordPress Search and Replace
  • How to Force HTTPS on WordPress Websites
  • How to Fix a Failed Lifetime SSL Installation
  • How to Redirect HTTP to HTTPS
  • How to Monitor System Processes Using htop Command
  • Varnish vs Nginx FastCGI Cache: Which is Best for WordPress?
  • What Is the Database information_schema on phpMyAdmin?
  • How to Disable WP-Cron for Faster Performance
  • How to fix the ERR_SSL_PROTOCOL_ERROR
  • How to fix the NET::ERR_CERT_AUTHORITY_INVALID error
  • How to Add Expires Headers in WordPress
  • How to fix the “There has been a critical error on your website” error
  • How to Fix ERR_QUIC_PROTOCOL_ERROR in Chrome Browser
  • What Is Localhost? And How Does It Apply to WordPress?
  • How to Fix a Mixed Content Warning on Your Website
  • How to Fix the "Connection Timed Out" Error in WordPress
Powered by GitBook
On this page
  • What is NET::ERR_CERT_AUTHORITY_INVALID error?
  • What are the NET::ERR_CERT_AUTHORITY_INVALID error variations?
  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge
  • Safari
  • Fixing the Error: 9 Methods
  • 1. Run an SSL Server Test
  • 2. Get a Certificate from a Valid Authority
  • 3. Renew Your SSL Certificate
  • 4. Reload the Page or Use Incognito Mode
  • 5. Clear Your Browser’s Cache and Cookies
  • 6. Sync Your Computer’s Clock
  • 7. Try Using a Different Network
  • 8. Disable Your VPN or Antivirus Software
  • 9. Wipe Your Computer’s SSL State
  • Conclusion:

Was this helpful?

How to fix the NET::ERR_CERT_AUTHORITY_INVALID error

What is NET::ERR_CERT_AUTHORITY_INVALID error?

As the name of the error implies, this problem pops up when your browser can’t verify the validity of your website’s SSL certificate. If you haven’t set up a certificate or are using HTTP for your website, which isn’t recommended, you shouldn’t run into this error.

Generally speaking, there are three primary causes for the invalid certificate authority error. Let’s break down each one in turn:

You’re using a self-signed SSL certificate — Using a self-signed certificate can save you money, but since browsers can’t verify its validity, your visitors may run into the error in question. Browser warnings can scare a lot of users away, so we recommend against this approach.

Your certificate has expired — SSL certificates expire as a security precaution. How long your certificate lasts can vary, but at some point, you need to renew it or automate the renewal process (some authorities and web hosts enable you to do this easily).

The certificate comes from a non-trusted source — Just as with self-signed certificates, if browsers can’t verify the authority that generated your certificate, you’ll see an error.

Remember that every time a user visits a website with an SSL certificate, their browser needs to validate and decrypt it. If there are any errors during that process, they’ll see a warning.

In a lot of cases, browsers actively prevent users from accessing the website in order to protect them. This often comes in the form of the “Your Connection is Not Private” error. As you might imagine, that’s a huge problem if it occurs on your own site.

Sometimes, you may run into the NET::ERR_CERT_AUTHORITY_INVALID error due to local configuration settings. Throughout the next sections, we’ll show you the many faces this error can take and then we’ll talk about how to troubleshoot it.

What are the NET::ERR_CERT_AUTHORITY_INVALID error variations?

The way an error appears can vary a bit, depending on what browser you’re using. Your operating system and your certificate’s configuration can also play a role in the different error messages that appear.

With that in mind, let’s take a look at the most common variations of the NET::ERR_CERT_AUTHORITY_INVALID error, browser by browser.

  • Your connection is not private

  • Warning: Potential Security Risk Ahead

  • Your connection isn’t private

  • This Connection Is Not Private

Google Chrome

When you run into this error in Chrome, the browser will tell you right away that your connection isn’t private. Since the browser doesn’t recognize your certificate’s validity, it can’t encrypt your data.

That means if you proceed, you do so at your own risk. Here’s what the error message looks like:

Attackers might be trying to steal your information from domain.com (for example, passwords, messages, or credit cards).

Common variations of this error in Chrome include the following codes:

  • NET::ERR_CERT_AUTHORITY_INVALID

  • NET::ERR_CERT_COMMON_NAME_INVALID (This occurs when the certificate does not match the domain)

  • NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM

  • NET::ERR_CERTIFICATE_TRANSPARENCY_REQUIRED

  • NET::ERR_CERT_DATE_INVALID

  • SSL CERTIFICATE ERROR

In every case, Chrome pinpoints the source of the error within the certificate. The browser lets you proceed to the website if you choose, but it warns you against doing so.

Mozilla Firefox

Firefox doesn’t waste any time in telling you that you may have run into a potential security risk. What’s more, this browser does a better job than Chrome when it comes to explaining the potential causes and telling you not to panic.

That variation of the error doesn’t include a specific code, though. In most cases, the screen includes one of the following codes as well:

  • SEC_ERROR_UNKNOWN_ISSUER

  • SSL_ERROR_RX_MALFORMED_HANDSHAKE

  • MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE

  • SEC_ERROR_REUSED_ISSUER_AND_SERIAL

If you see an error code like one of the above, make sure to copy it down somewhere. That is the browser’s way of telling you where things went wrong. In our experience, a simple search for a specific error code is often enough to help you find a quick solution.

Microsoft Edge

The Microsoft Edge error message you see below should look familiar. It’s almost identical to the message Chrome displays, right down to the included code:

The error can also come in different flavors, including the following:

  • DLG_FLAGS_SEC_CERTDATE_INVALID

  • DLG_FLAGS_INVALID_CA

  • DLG_FLAGS_SEC_CERT_CN_INVALID

  • NET::ERR_CERT_COMMON_NAME_INVALID

  • ERROR CODE: O

Just as with Chrome, these error messages give you some insight into what’s at the root of your NET::ERR_CERT_AUTHORITY_INVALID error.

Safari

If you’re a Safari user, you run into a variation of the ‘this connection is not private’ error, which lets you know there’s a problem with the website’s certificate and encryption. Here’s what the message says:

Fixing the Error: 9 Methods

1. Run an SSL Server Test

Use tools like Qualys SSL Labs SSL Test to check your SSL certificate’s installation and configuration. Enter your domain and submit it to see detailed results, including trustworthiness.

2. Get a Certificate from a Valid Authority

3. Renew Your SSL Certificate

Ensure your SSL certificate is up to date. Many hosting providers offer automated renewal. If you need to renew manually, use tools like Certbot for installation and renewal.

4. Reload the Page or Use Incognito Mode

Sometimes, simply reloading the page or using your browser’s incognito mode can bypass the error if it’s caused by cached data.

5. Clear Your Browser’s Cache and Cookies

Clear your browser’s cache and cookies to ensure you’re loading the most recent version of your site. Instructions for clearing cache vary by browser:

  • Google Chrome

6. Sync Your Computer’s Clock

Incorrect date and time settings can cause SSL errors. Sync your computer’s clock to the correct time.

  • Windows: Right-click the time in the system tray, select "Adjust date/time," and click "Sync now."

  • macOS: Go to System Preferences > Date & Time, and select "Set date & time automatically."

7. Try Using a Different Network

Public networks can cause SSL errors due to insecure routing. Try accessing your website from a different network or mobile data to see if the error persists.

8. Disable Your VPN or Antivirus Software

VPNs and antivirus software can sometimes trigger SSL errors. Temporarily disable these services to check if they are the cause. If so, consider updating or reconfiguring them.

9. Wipe Your Computer’s SSL State

Clear your computer’s SSL state to remove any cached certificates.

  • Windows: Go to Control Panel > Internet Options > Content tab, and click "Clear SSL state."

  • macOS: Open Keychain Access (Finder > Go > Utilities > Keychain Access), select Certificates, and delete any untrusted certificates.

Conclusion:

The NET::ERR_CERT_AUTHORITY_INVALID error, while potentially alarming, is a common issue that website owners can resolve with a few straightforward steps. By understanding the causes—whether it’s an expired certificate, a self-signed certificate, or a certificate from a non-trusted source—you can take targeted actions to fix the problem. Ensuring your SSL certificate is valid and from a recognized authority is crucial for maintaining user trust and securing your website. Regularly updating your SSL certificates, keeping your system’s time settings accurate, and performing routine checks on your SSL configuration will help prevent this error from occurring in the future. By following the methods outlined, you can quickly address the NET::ERR_CERT_AUTHORITY_INVALID error and provide a secure browsing experience for your visitors.

PreviousHow to fix the ERR_SSL_PROTOCOL_ERRORNextHow to Add Expires Headers in WordPress

Last updated 8 months ago

Was this helpful?

Avoid self-signed certificates. Use free options like or obtain certificates from recognized authorities. If using a hosting provider like Kinsta, take advantage of their free SSL certificates through Cloudflare.

Let’s Encrypt
Mozilla Firefox
Safari
Microsoft Edge