How to Fix the NET ERR_CERT_AUTHORITY

HomepageSecurityHow do I fix the NET::ERR_CERT_AUTHORITY_INVALID error?

The NET::ERR_CERT_AUTHORITY_INVALID error is caused by an SSL certificate that is not verified by a certified authority (CA). This compromises the website’s service and the profit obtained from it.

On a user’s front, running into this error means that the website is unsafe to visit. This can negatively impact website traffic and search engine optimization (SEO) rankings of the website.

This blog will help you understand how to fix your connection that is not private or the NET::ERR_CERT_AUTHORITY_INVALID error.

What is the NET::ERR_CERT_AUTHORITY_INVALID error?

NET::ERR_CERT_AUTHORITY_INVALID is an error caused by not having an SSL certificate installed that is verified by a certified authority (CA). This compromises the website’s image, as Google does not consider it safe.

Common causes for this error to occur include the following:

Expired certificates: An SSL certificate from the website cannot establish a secure connection with the user’s browser and the website’s server over a computer network. Thus, it is counted as invalid by the user’s SSL certificate.
Self-signed certificates: The browser can only trust a website if it is verified by a third party, i.e., a certified authority (CA). The website’s owner often uses a self-signed SSL certificate to save money as it lacks a third-party paid verification.
Untrusted certificate authorities: The user’s browser has a list of trusted certified authorities (CA).

If a website’s SSL certificate does not fall under that list, it can lead to a NET::ERR_CERT_AUTHORITY_INVALID error.

Due to this error, a user’s browser may also restrict access to the website. This error is a ‘your connection is not private’ message, which is a warning message from your browser indicating that it cannot securely connect to the website you’re trying to visit. Both ‘your connection is not private’ and ‘NET::ERR_CERT_AUTHORITY_INVALID’ errors flag website security issues. ‘Your connection is not private’ is general, while the latter details a problem with the website’s certificate itself.

Why is it important to fix this error?

Facing a NET::ERR_CERT_AUTHORITY_INVALID or ‘your connection is not private’ error affects a user’s trust and the website’s credibility. This indicates that it is not secure to visit the website as it may cause loss of personal and credential information if ignored. It may also lead to a loss in traffic to the website and search engine optimization (SEO) rankings.

A user must fix this error so that the website owner can profit from it; otherwise, it may compromise the website’s trust and credibility.

How to Fix the NET::ERR_CERT_AUTHORITY_INVALID Error?

Step 1: Check the Date and Time on Your Device

The wrong date and time on your computer can cause the NET::ERR_CERT_AUTHORITY_INVALID or ‘your connection is not private’ error. It may cause the browser to consider your SSL certificate expired, making it invalid. A user must update the date and time to their default time zone.

A user can do this by following these steps:

For Windows:

1. Press the Windows key and type ‘date and time.’

2. Check whether the date and time are accurate.

3. If not, select your time zone by clicking on the banner on the right side of the time zone panel.

Source

For macOS:

1. From the upper-left corner, click on the Apple icon.

2. Select a date and time from the menu.

3. Click on the correct time zone that you are in if your date and time are wrong.

Source

For mobile devices:

1. Open the clock app on your phone.

2. Go to Settings.

3. Search for your home time zone, and then select the time zone you live in.

4. Select your location in the change time and zone settings to make it easier for you to change the time.

Source

Step 2: Clear Browser Cache and Cookies

Browsers use caches and cookies to store data for faster and more efficient web surfing. They are responsible for storing images, web page content, etc., so that the site can be loaded quickly if a user visits it again. These files eventually become outdated and expired, which may cause the NET::ERR_CERT_AUTHORITY_INVALID or ‘your connection is not private’ error. Therefore, clearing them periodically from your browser’s interface is safe.

A user can clear this cache and cookies by following these steps:

For Chrome:

1. Open three vertical dots on the upper right side.

2. Click on the option to clear browsing data.

3. By default, a banner will open. Select options for website cookies, cache, and images.

Source

Firefox:

1. Open three horizontal dots on the upper right side.

2. Go to Settings.

3. Click on privacy and security.

4. Select the option clearing cache and data.

Source

Edge:

1. Click on the three dots on the upper right side.

2. I went to settings.

3. Click on the option for cookies and site permissions after clicking on the three horizontal bars on the left side.

4. Slick on manage and delete cookies and select the options for clearing them.

Source

Safari:

1. Find preferences and settings in the Safari browser.

2. Go to the privacy tab.

3. Click on the Manage Privacy and Data option.

4. Click on Manage website data, and then select all or clear sites individually.

Source

Step 3: Update Your Browser

The latest browser version offers the best security clearance for the SSL certificate verifying the SSL certificate of the website a user attempts to connect with. Therefore, it is a must to keep your web browser updated.

To check your browser version, follow these steps:

For Windows:

1. Open settings.

2. Go to About My Browser under the Help tab.

3. It will show you which version of the browser is currently in use and if there’s an update or not.

Source

For macOS:

1. Open settings by clicking on the Apple icon on the upper left side.

2. Go to About My Browser under the Help tab.

3. Look for the version and update if required.

Source

Step 4: Disable the antivirus or firewall temporarily

Antiviruses or firewalls can sometimes interfere with a user’s access to a particular website. It may be considered a potential threat to a safe website. Thus, to solve this, one can disable their antivirus firewall temporarily as follows:

For Windows:

1. Go to settings and click on privacy and security.

2. Click on Windows security and then on virus and threat protection.

3. Click on manage settings, and then click on the toggle to turn it off.

4. Allow the administrator panel to show up and click yes.

Source

For macOS:

1. Go to system preferences.

2. Toggle to the firewall option.

3. Disable the firewall or disable the external VPN service that is currently in use.

Source

Step 5: Check and Update Your SSL Certificate

Outdated SSL certificates lose some of their validity as their domain’s identity cannot be verified without an updated SSL certificate. Therefore, to maintain the best security, you must keep your SSL certificate current.

A user can update their SSL certificate by following these steps:

1. Click the padlock to view information about the website.

2. Click on the connection is a secure option.

3. Click on the certificate as a valid option.

4. Check the details about the certificate; contact the issuer if the certificate has expired to get further instructions for its renewal.

Source

Step 6: Import the Certificate Manually

A user can import an SSL certificate from a valid certified authority (CA) by following these steps as follows:

For Windows:

1. Press the Windows key.

2. Open the MmC and run it as an administrator.

3. Go to the file > add/remove snap-in, then click the certificates option.

4. Select the computer account, then select the local computer.

5. Click the add/install option next to certificates, then right-click.

6. Select all tasks, then import.

7. Click next and browse.

8. Select the type of file you’d like to import, then click open.

9. Click on Next, then click the option for Automatically Selecting the Certificate Store Based on the Type of Certificate.

10. Then click on finish and okay.

Source

For macOS:

1. Open the keychain access manager.

2. Open the file banner and then click on import items.

3. Select the system from the keychain option and click add.

4. Enter the admin login and password you created, and then click Modify Keychain.

5. Open the server admins, and then click on the web option.

6. Click on security to enable the secure socket layer (SSL).

7. Select the certificate for the website, and then restart it to complete the process.

Source

Step 7: Reset Your Network Settings

Using a public network, such as a café or a public place, can cause the NET::ERR_CERT_AUTHORITY_INVALID Error, as these networks often poorly regulate traffic securely. This means that the network may be using an SSL certificate that is not properly verified.

Even if you use a private network, resetting your network settings could be another option. A user can do this by following these steps:

For Windows:

1. Go to WiFi settings.

2. Select the network your WiFi is connected to and disconnect it.

3. Then reconnect it again.

4. You can turn your router off and then wait 2 minutes to turn it on again.

Source

For macOS:

1. Click the Apple icon on the upper left side.

2. Go to system settings and then click on network in the sidebar.

3. Select the service, Ethernet, or WiFi.

4. Click on the details, and then change settings to reset.

Source

Advanced Solutions for Persistent Issues:

1. Check for mixed content

An HTTPS (with an SSL certificate) site contains a few elements loaded in the plain format of HTTP (without an SSL certificate). This means that the SSL certificate-protected site may include unencrypted elements, such as images, JavaScript files, etc., and thus pose a risk to the website user.

A user can identify this issue by encountering a warning presented by a user’s browser that says the website is not fully secure, meaning it can have mixed content within its web page.

One can fix mixed-content issues by following these steps:

1. Go to your browser’s tools by clicking on the three dots available on the upper right side.

2. Then click on the console option and identify all the risky elements running over HTTP on that server.

3. Check if they can run over HTTPS by changing their URL to HTTPS from HTTP and then loading the website.

4. Use a ‘change and replace’ SSL tool to check if this method works.

2. Update the operating system and software

Using an operating system and software that are not updated can compromise the security clearance of an SSL certificate, as it may not support the updated version. Therefore, users must keep their operating system and software updated to have a properly verified SSL certificate.

One can do this by following these steps:

For Windows:

1. Click the Windows tab, and then go to settings.

2. Go to the updates and security option.

3. Click on Windows Update and then check updates.

For macOS:

1. Click on the Apple icon in the top left corner.

2. Go to the About this Mac tab and click on Software Update.

3. You’ll know if it is up to date; if not, then click on update now.

3. Contact your web host

If the problem persists after following all of the methods given above, one must contact their web hosts. The information that a user can share with their web host includes the exact error they are witnessing, the domain name and URL of the website, the type of SSL certificate a user is using, any SSL configuration changes, and the browser, along with its version.

Preventing NET::ERR_CERT_AUTHORITY_INVALID Error in the Future

Regular SSL certificate renewal

Users must keep their SSL certificate up-to-date to match the security clearance expected by various websites while surfing as time changes. Otherwise, it can lead to connection failures like the NET::ERR_CERT_AUTHORITY_INVALID Error. This can be ensured by regularly renewing the SSL certificate that the user’s browser has.

An easy way to do it is by setting up automatic renewals for your SSL certificate. Go to the control panel of your SSL certificate or contact your web host to enable the automatic renewal of your SSL certificate. If your host does not provide this service, look for a host to manage it.

Use trusted certificate authorities

Using a trusted certificate authority ensures the validity of a user’s SSL certificate. The services provided by such authorities are non-questionable, as they are known for their evident success in providing their services. Therefore, a user can benefit from the services of a trusted certificate authority.

A user can obtain the list of trusted certificate authorities by accessing the database that is usually provided in the computer interface, the browser used by the user, the open SSL of a popular certificate authority, or the popular certificate authorities themselves.

Regular website and security audits

Regular website and security audits reveal vulnerabilities and weaknesses in our website’s interface, potential threats that could harm its security, and the effectiveness of the security measures users are currently using.

Tools used to make security audits include:

• Security information and event management systems (SIEM)

• Vulnerability scanners

• Penetration testing tools

• Managed security services, etc.

Conclusion

How to fix your connection is not private or the NET::ERR_CERT_AUTHORITY_INVALID error is straightforward. Users can correct the date and time in their browser. They can also proceed with clearing browser cache and cookies, updating their browser, and temporarily disabling antivirus or firewall. Moreover, they can update the SSL certificate, import it manually, and reset the network settings._

Users must take action to keep their services and software up-to-date to ensure secure internet usage. It is important to consider the security of your website as an owner and ensure that you’re not visiting unsafe websites as a user.

A user can learn and explore more such resources on SSL and web hosting on Vodien’s website.