SSL certificate error is a common error when using a browser. Why does it occur and how to fix it on Windows 10/11? Follow the suggestions in this post on MiniTool Website, you can resolve it easily.
SSL Certificate Error on PC
The SSL certificate enables a browser to verify the identity of a website. It helps you protect sensitive information like account names, passwords and more by encrypting the data between the server and the client.
When the browser fails to verify the SSL certificates returned by the server, an SSL certificate error will occur. Then the browser will warn you that this website cannot be trusted and block it. Common SSL certificate errors include client server error, SSL certificate not trusted, invalid server certificate error and SSL certificate mismatch error. The causes of SSL certificate errors are various, we will introduce you to corresponding solutions according to different causes.
How to Fix SSL Certificate Error in Chrome /Firefox?
Fix 1: Update SSL Certificates
The expired certificate is the most common cause of SSL Certificate errors because every certificate has a validity period and the client will refuse certificates that are not within their validity period. When your SSL certificate is expired or the time of browser machine is incorrect, it is a good option to update the SSL certificates of your web server with new valid certificates.
Fix 2: Check If SSL Certificates Contain All Website Domain Names
To avoid unexpected attacks, the browser will examine if it is talking to the right server. If the hostname of the website is missing from the website, the client will suppose it is talking to the wrong server and then block the connection & reject the certificate.
When the SSL certificate error appears under this condition, you should make sure the certificate contains the domain names of all websites and utilize a wildcards certificate to cover all your subdomains or a SAN certificate to cover multiple hostnames.
Fix 3: Close SSL Warning
This method is very risky because once you do so, you will no longer receive any warnings or error messages even when you are visiting any untrusted websites. If you are very sure about your operation, you can do the following instructions.
For Google Chrome:
Step 1. Open your Google Chrome and type chrome://flags into the address bar and hit Enter.
Step 2. Find Allow invalid certificates for resources loaded from localhost and enable this option.
For Mozilla Firefox:
Step 1. Open your browser and type about:config in the address bar and hit Enter to open the advanced configuration.
Step 2. Hit Accept the Risk and Continue.
Step 3. In the next screen, find browser.ssl_override_behavior and change its value from default 2 to 1.
Fix 4: Add the Certificate to the Browser’s Trusted Store
You should always make sure that you buy certificates from a reliable certificate authority. If you use an untrusted certificate, your browser cannot find the root certificate in the local trusted certificate store.
Fix 5: Get a New Certificate
The certificate authority will revoke certificates before they are expired, so you should avoid any of the leaf or intermediate certificates of your browser being revoked. It is a good habit to check for the certificate status by using OCSP (Online Certificate Status Protocol).