How to Fix the NET::ERR_CERT_AUTHORITY_INVALID Error (Step-by-Step Guide)

Key Takeaways

• This SSL error usually means the browser doesn’t trust the website’s certificate.
• Causes include invalid, expired or self-signed SSL certificates, or local device misconfigurations.
• Both website owners and visitors can troubleshoot and fix this with clear steps.
• Cloudways makes SSL setup easy through built-in Let’s Encrypt certificates and automatic renewals.

You’re trying to open a website, but your browser stops you.

Instead of loading the page, you get a warning that says your connection isn’t private. Somewhere in the message, you see the code: NET::ERR_CERT_AUTHORITY_INVALID.

Now you’re stuck. You don’t know if the website is broken, if your browser is acting up, or if it’s something on your end.

This guide is here to help. You’ll learn what this error means, what causes it, and how to fix it. Whether you’re visiting a site or managing one, you’ll find clear steps that work.

What Is the NET::ERR_CERT_AUTHORITY_INVALID Error?

This error shows up when your browser doesn’t trust the website’s SSL certificate.

SSL certificates are used to create a secure connection between your browser and a website. They prove that the site is real and that no one is trying to spy on your connection.

If the certificate is expired, self-signed, or issued by an unknown source, your browser sees it as a risk. When that happens, it blocks the site and shows the NET::ERR_CERT_AUTHORITY_INVALID message.

Why Your Browser Shows NET::ERR_CERT_AUTHORITY_INVALID

That long error code might look technical, but here’s what it actually means:

Your browser doesn’t trust the website’s security certificate.

Every secure website uses an SSL certificate. It protects your connection and proves the site is legitimate. If the certificate is broken, expired, or issued by a source your browser doesn’t recognize, the browser blocks access.

This is how your browser keeps your data safe.

It doesn’t always mean the website is unsafe. It could just be a misconfiguration or a small setup mistake. But your browser plays it safe by stopping the connection.

Example Error Messages Across Browsers (Chrome, Firefox, Edge, Safari)

Each browser uses slightly different wording, but the meaning is the same.

• Chrome: Your connection is not private
• Firefox: Warning: Potential Security Risk Ahead
• Edge: Your connection isn’t private
• Safari: This Connection Is Not Private

You may see extra technical details below the message, including the error code NET::ERR_CERT_AUTHORITY_INVALID.

What Causes the NET::ERR_CERT_AUTHORITY_INVALID Error?

This error can come from two places. Either something’s wrong with the website, or the problem is on your device. Let’s look at both.

If You Own the Website

These are the most common reasons your visitors might be seeing the error:

1. The SSL certificate is self-signed
   Browsers don’t trust certificates unless they’re issued by a recognized authority. A self-signed one might work for internal use, but public visitors will see a warning.
2. The certificate is expired
   All SSL certificates come with an expiration date. If you forget to renew it, the browser blocks the site right away.
3. The certificate chain is broken
   Your SSL certificate should be linked to a trusted root authority. If any part of that chain is missing or set up incorrectly, the browser will reject it.
4. You’re using a certificate from an unknown provider
   Not all certificate issuers are recognized by all browsers. If you’re using a lesser-known or untrusted one, visitors may see the error.

If You’re Just Visiting the Site

The problem might not be with the website. Here are some reasons you might be seeing this error on your end:

1. Your device’s date and time are wrong
   SSL relies on the system clock. If your computer’s time is off, the browser may think the certificate has expired or isn’t valid yet.
2. Your browser has cached bad data
   Old or broken SSL information stored in your browser can cause errors. Cookies or cached files might need to be cleared.
3. Security tools are interfering
   Some antivirus programs, VPNs, or firewalls scan encrypted connections. They sometimes replace the website’s certificate with their own, which the browser doesn’t trust.
4. Your browser or system is out of date
   Older systems may not recognize new certificate authorities. This can cause problems even if the certificate is perfectly valid.

How to Fix the NET::ERR_CERT_AUTHORITY_INVALID Error as a Website Owner

If you manage the site that’s showing this error, the fix is usually simple. Here’s what to check.

Step 1 – Check If Your SSL Certificate Is Valid

Start by scanning your site using a tool like SSL Labs. It will tell you:

• If the certificate is expired
• If the chain of trust is broken
• If all your domains and subdomains are covered

Here’s how the output will look like:

Step 2 – Install a Trusted SSL Certificate

If your site uses a self-signed certificate or has no certificate at all, you need to install a valid one.

• Choose a trusted provider like Let’s Encrypt (free), DigiCert, or Sectigo.
• Follow your hosting provider’s steps to install it

If you’re using Cloudways, the process is even easier:

• Log in to your Cloudways dashboard

• Go to Applications → Your app → SSL Certificate

• Choose Let’s Encrypt, enter your domain, and click Install

Step 3 – Renew Expired Certificates

Check the expiration date. You can do this by clicking the padlock icon in the browser’s address bar and viewing the certificate details.

If it’s expired, renew it through your provider.

If you’re using Let’s Encrypt on Cloudways, renewals happen automatically.

Step 4 – Fix Misconfigured Certificate Chains

Sometimes your certificate is valid, but the browser still shows the error. That usually means the chain is incomplete.

To fix it:

• Log in to your SSL provider account
• Download the full certificate bundle or chain file
• Upload and install it using your hosting control panel

If you’re not sure how to do that, reach out to your hosting support. They can usually fix it in minutes.

Step 5 – Reinstall or Reissue Your SSL Certificate

If you’ve tried everything and the error is still showing, it might help to reissue the certificate from scratch.

Here’s how:

• Reissue it from your certificate provider’s dashboard
• Remove the old one from your server
• Install the new one with the correct chain

On Cloudways, you can do this directly from the dashboard. It takes just a few clicks.

How to Fix the NET::ERR_CERT_AUTHORITY_INVALID Error as a Visitor

If you’re just trying to access a website and see this error, it can be frustrating. The good news is it’s often a simple fix. Here’s what you can try.

Step 1 – Reload the Page or Try Incognito Mode

Sometimes your browser hits a glitch. Try refreshing the page or opening it in a private or incognito window.

If the error disappears, it’s likely a cookie or cache issue.

Step 2 – Clear Your Browser Cache and Cookies

Old data can conflict with newer certificates. Clear it to force the browser to fetch fresh information.

In Chrome:

• Go to Settings → Privacy & Security → Clear browsing data
• Select “Cookies and other site data” and “Cached images and files“
• Hit Clear

• Then reload the site.

Step 3 – Check Your Date and Time Settings

Your system clock needs to be accurate for SSL to work correctly. If it’s even a little off, your browser might think the certificate is expired or not yet valid.

On Windows:

• Right-click the time in the taskbar
• Select Adjust date/time
• Click Sync now

On Mac:

• Open System Settings → General → Date & Time
• Make sure “Set time automatically” is turned on

Step 4 – Clear SSL State from Your Device

Windows sometimes stores outdated SSL data.

• Open Control Panel
• Go to Internet Options → Content tab
• Click “Clear SSL State”
• Restart your browser and try again

Doing so clears out any corrupted SSL data stored by your system.

Step 5 – Disable Antivirus, VPN, or Browser Extensions (Temporarily)

Security software can block or replace SSL certificates during scanning. This may trigger the error even on safe sites.

Try turning off:

• HTTPS scanning in your antivirus
• Your VPN
• Privacy-focused browser extensions

Then reload the site. If the error goes away, you’ve found the issue.

Step 6 – Try a Different Network or Device

Still seeing the error? Switch to a different Wi-Fi network or mobile hotspot. You can also try a different browser or device to rule out local problems.

Advanced Fixes and How to Prevent The “NET::ERR_CERT_AUTHORITY_INVALID” Error in the Future

If you’ve tried the basic steps and the error keeps coming back, there are a few deeper fixes worth checking.

Keep Your System and Browser Updated

Outdated systems may not recognize newer certificate authorities. This can cause SSL errors even on trusted websites.

What to do:

• Update your operating system to the latest version
• Update your browser (Chrome, Firefox, Safari, etc.)
• Restart your device after updating

This helps your browser stay in sync with the latest security rules.

Clear HSTS Settings in Chrome

Some sites use a security policy called HSTS. It forces the browser to always load them with strict HTTPS settings. If your browser saved bad data, it may keep showing the error even after the site is fixed.

To clear it in Chrome:

• Type chrome://net-internals/#hsts in the address bar
• Under “Delete domain security policies,” enter the domain
• Click “Delete“
• Restart Chrome and try the site again

Only do this if you’re sure the site is safe.

Let DNS Changes Finish Propagating

If you’re a site owner and recently added or changed an SSL certificate, the error might appear until DNS changes finish spreading. This can take a few hours.

You can speed things up a bit by clearing your local DNS cache and browser cache.

Use Hosting That Manages SSL For You

If you run a site and don’t want to deal with certificates manually, use a host that handles SSL automatically.

Cloudways, for example, gives you:

• Free SSL certificates
• 1-click installation
• Automatic renewals
• Staging areas to test your setup before going live

This avoids most of the problems that trigger the NET::ERR_CERT_AUTHORITY_INVALID error in the first place.

SSL Troubleshooting on Managed Hosting Platforms Like Cloudways

If your site is hosted on a managed platform like Cloudways, dealing with SSL is usually much easier. But there are still cases where errors show up due to how the server is set up or how recent changes were applied.

When the Problem Is on the Server Side

Even with a valid certificate, your site can show SSL errors if something behind the scenes isn’t working right. Here are a few examples:

• DNS changes are still propagating after switching domains or updating records
• The site is redirecting incorrectly between HTTP and HTTPS
• Your app stack doesn’t fully support HTTPS, especially if you’re using older software or frameworks

If you just installed an SSL certificate on Cloudways, give it up to 24 hours. DNS changes can take time to fully update across the internet. In the meantime, try clearing your local DNS cache and browser cache to speed things up.

How Cloudways Makes SSL Easier

Cloudways offers built-in features that save you from most SSL headaches:

• 1-click SSL installation using Let’s Encrypt
• Automatic renewals every 90 days
• Staging environments to test SSL changes before pushing them live
• 24/7 support in case something goes wrong

You don’t have to worry about manual configuration or complex command-line steps. Everything is handled from your dashboard.

How to Prevent SSL Errors Before They Happen

You can avoid most certificate-related problems by staying ahead of them. Here’s how:

Automate SSL Certificate Renewal

Always use a CA or hosting provider that offers automatic SSL renewals. Let’s Encrypt (used by Cloudways) is free and renews certificates automatically every 90 days.

Set Up Monitoring for SSL Expiry Alerts

Several tools can alert you before your SSL certificate expires:

• SSL Shopper
• UptimeRobot
• Cloudways platform notifications

• Set reminders at least two weeks in advance if you renew manually.

Use a Reputable Hosting That Manages SSL (e.g., Cloudways)

Using a host like Cloudways means you don’t have to deal with most of the SSL setup or renewal steps. Everything is built into the platform, and if something goes wrong, support is there to help.

Secure Hosting That Just Works

Tired of SSL errors? Switch to our WordPress hosting with free, auto-renewing SSL certificates, no manual setup, no surprises.

TRY NOW

Final Thoughts

The NET::ERR_CERT_AUTHORITY_INVALID error can be frustrating, but it’s almost always something you can fix.

If you manage the website, check your SSL certificate, confirm it’s valid, and make sure it’s set up correctly. Using a platform like Cloudways can save you time by handling most of it automatically.

If you’re just visiting a site, the problem might be on your device. A quick browser reset, a time sync, or turning off your VPN could be all it takes.

You don’t need to be technical to solve this. Just follow the steps, rule things out one at a time, and you’ll be back online without stress.