NET::ERR_CERT_DATE_INVALID

1 minute read

Why this happens

This one is a pretty easy one to solve. SSL Security Certificates have expiration dates after which they’re no longer considered valid. This is to allow for things like security standards and domain name ownership to change.

If you’re seeing this error, it typically means that the certificate you use on your server has expired.

The process to fix this and how much it costs depends on your certificate provider.

But what if the certificate isn’t actually expired?

OK, so the NET::ERR_CERT_DATE_INVALID doesn’t actually always meant that the certificate itself is the problem.

It can also mean that the computer that is visiting the site doesn’t have the right time and date.

Here’s the thing. Chrome on the users/customers browser has no idea how to tell the difference. There’s no way for it to know who is right. For example if the certificate is set expire July 4th, 2022 and your clock is set to July 4th, 2023. Who’s right? You can’t say. But if I tell you the year is actually 2021, then you know. But since Chrome doesn’t know what year actually is, it just has to say “Hey, there’s some sort of mismatch in the dates here”.

So to avoid this for yourself on the client/browser side, you should probably sync your time.

How to prevent this from happening again in the future

Other than just setting a calendar reminder for yourself when you renew your cert, there are a variety of services that exist that can do this sort of monitoring for you.

Each day they’ll visit your site and look at the expiration date and as it approaches alert you in some manner.

Here are a list of a few:

  1. https://websitewatchdog.app/
  2. https://pingping.io/
  3. https://github.com/Matty9191/ssl-cert-check
  4. https://www.statuscake.com/
  5. https://certificatemonitor.org/

Note that none of these are mine, just some places that I’m aware of.

Also you can use LetsEncrypt to get a new certificate when needed automatically and for free.

Updated: