Skip to content


Learn how to fix the ERR_CERT_AUTHORITY_INVALID that causing the Connection not Private alert in the Chrome browser. Follow these steps to resolve errors.

If the site you are browsing uses an outdated version or, even worse, an expired SSL certificate, you might get ERR_CERT_AUTHORITY_INVALID in Chrome. So, to fix this error, users can try simple fixes like checking the SSL certificate expiry, disabling the firewall’s SSL check, deleting the system’s SSL-cached files, and deleting Chrome’s cache.

Fix Error: ERR_CERT_AUTHORITY_INVALID in Chrome browser

Websites must implement stringent security measures to safeguard user data and respect privacy. These include adopting the HTTPS Protocol as well as using the SSL Certificate. The latter, also known as the Secure Socket Layer, creates an encrypted pathway for data transfer between the client and the server.

However, there could still be some sites that haven’t yet incorporated SSL security on their sites. Likewise, some websites might have the certificate, but they could be using an outdated version or, even worse, an expired SSL certificate.

Your connection is not private ERR_CERT_AUTHORITY_INVALID Chrome

Sensing the danger of browsing such websites, the browser will show you the ERR_CERT_AUTHORITY_INVALID error. Along the same lines, you might also get the “Your connection is not private” error message.

In this regard, the sole responsibility lies in the hand of website owners to keep their SSL certificates up to date. Likewise, a few things could be done from our end as well. Though the webmaster has updated the certificate, we may still encounter this error due to outdated cache storage.

Check Certificate Information

One of the first things you should do is check the site certificate information. It will help us to understand why the certificate has failed, which resulted in ERR_CERT_AUTHORITY_INVALID error. If the certificate has expired, it’s obvious that the issue is from the website end, and you can’t do anything about it.

Here are the steps to view site certification information:

  1. Launch the Google Chrome browser on your computer.
  2. Open the Website to check the certification information.
  3. Click on the Padlock padlock icon within the URL bar.
    View Site Certificate Information in Chrome ComputerCheck if the site connection is secure or not.
  4. Click on the Certificate to open for more information on validation.
    Site Certificate Details in Chrome Computer

Here, you can check the certificate expiry and other important information like organization, issued to, issuer name, etc., which help in understanding the certificate’s authenticity.

Disable Firewall’s SSL Check

Most antivirus programs come embedded with the Firewall app as well. The primary function is to prevent users from accessing sites that don’t follow the SSL protocol. At the same time, they also give users the flexibility to disable this setting temporarily.

Regarding the error, it might be the case that the Firewall isn’t letting you access the non-SSL websites. To bypass this restriction, you might need to disable this functionality of your Firewall/Antivirus app. Here’s how it could be done:

  • BitDefender: Settings > Privacy Control > Antiphishing > Set Scan SLL to Off.
  • Kaspersky: Settings > Extend >  Network Settings > Disable SSL Settings.
  • Avast: Settings > Active Protection > Web Shield > Customize > Untick the Enable HTTPS Scanning option.

Disable HTTPS scanning in anti-virus program

On the other hand, there isn’t any option to disable SSL on Windows Firewall. You could instead temporarily disable the Firewall while you are browsing the site.

  1. Open the Start menu and search for Windows Defender Firewall.
  2. Click on Turn Windows Defender Firewall On or Off from the left menu bar.
  3. Enable the checkbox Turn off Windows Defender Firewall under both the Public and Private networks.
    Turn off Windows Defender Security

Do keep in mind that browsing the web while keeping the Firewall disabled might prove to be quite risky. So only do so if visiting that website is paramount and there are no alternatives.

Delete Chrome’s Cache

Sometimes, the website might have already updated its SSL certificate, but your browser would still show the ERR_CERT_AUTHORITY_INVALID error. The reason could be attributed to the fact that rather than loading that website from scratch, the browser is still showing the cached copy of the site.

To fix this issue, you must delete the browser’s cache files. Here are the steps to do so:

  1. Launch the Chrome browser and head over to its Settings page.
  2. Then scroll to the Privacy and Security section and click Clear Browsing Data.
  3. Select Cookies and other related data and Cached images and files.
  4. Likewise, also change the Time Range to All Time.
  5. Finally, hit the Clear Data button.
    Clear Data in Chrome Browser

Once the temporary files have been deleted, relaunch Chrome and check whether the error has been rectified.

Deleting the cache might slow down the website’s starting when it loads for the first time. However, it is worth the wait if it manages to fix the underlying issue.

Delete the System’s SSL Cached Files (Windows)

Verifying each time the Secure Socket Layer is implemented in the websites might slow down the entire load time of the concerned sites. In this regard, the system saves the SSL state for each website you visit. So rather than performing the SSL check repeatedly, the browser picks up this information from the system’s cached SSL files.

However, if the concerned site has just added or updated its SSL, it wouldn’t be reflected in your browser (since it is still picking up the older cached files). So to rectify this issue, you should consider deleting the system’s preserved SSL states.

Here are the steps to delete cached SSL certificate:

  1. Launch Control Panel via the Start menu.
  2. Change its View by menu to Large Icons and select Internet Options.
    Windows Internet Options SettingsThe Internet Properties window will open.
  3. Switch to the Content tab and hit on the Clear SSL State command.
    Clear SSL State from Internet Options in Windows
  4. Once that is done, click Apply and then OK.

Now reopen Chrome and see if the ERR_CERT_AUTHORITY_INVALID error has been fixed.

The biggest drawback with this method is that it deletes the stored SSL state of all the websites (rather than giving us the option to do so for our chosen site). As a result, the next time you browse any site via Chrome, it will first perform the SSL check from scratch, which might consume your valuable seconds.

But again, I would like to reiterate the same statement — if this waiting time gives fruitful results, then it’s worth the wait.

Bottom Line

So these were the various methods to fix Chrome’s ERR_CERT_AUTHORITY_INVALID error. With online privacy risks at an all-time high, it is always a safe idea to only browse sites that provide a safe and secure environment.

In this regard, the HTTPS protocol and the SSL Certificate are among the most important prerequisites. Any issues with its authentication might lead to an error. Fortunately, you are now aware of the methods to rectify it.

With that said, the second method, in my case, gave out desirable results. The website I was browsing had just renewed its SSL certificate, but the browser was still loading the cached data of that site. The issue was rectified after deleting those cache files and reloading the site.

Please let us know which method managed to spell success for you to fix the error on your Chrome browser.

Lastly, if you've any thoughts or feedback on How to Fix: ERR_CERT_AUTHORITY_INVALID in Chrome, then feel free to drop in below comment box. You can also report the outdated information.

Please share the article if you find it helpful:

Disclosure: This page may contain affiliate links, which means we may receive compensation for your purchases using our links; of course at no extra cost to you (indeed, you may get special discounts).

Sadique Hassan

Sadique is a Bachelor of Computer Application in Computer Science and an MBA professional. He became a tech writer by choice and has continued pursuing it for the last 7+ years. He is keenly interested in open-source technology like Android and also loves troubleshooting the tech. Connect with him on LinkedIn.

Share us your thoughts and feedback

Your email address will not be published. Required fields are marked *