The “Your connection is not private” error throws up a full-screen red warning and refuses to load the page you wanted. It looks alarming, but it almost always means your browser spotted a mismatch with the site’s SSL/TLS certificate — and the cause usually sits on your own device, not the website. The single most common trigger I run into is a system clock that drifted by a few hours.
I have cleared this error on dozens of laptops and phones, and the same short checklist fixes nearly all of them. The steps below work in Chrome, Edge, Firefox, and Safari across Windows, Mac, Android, and iPhone, ranked from quickest to most involved.
Quick Answer
Check your device’s date and time first, because a wrong clock causes this error more than anything else. If the clock is correct, clear your browser’s cache and cookies, then load the site in incognito mode. Still blocked? Disable your VPN or antivirus HTTPS scanning and retry. Most cases clear within two minutes.
What do the error codes actually mean?
Chrome and Edge print a sub-code beneath the main warning, and reading it points you straight to the right fix instead of guessing.
| Error Code | What It Means | Best Starting Fix |
|---|---|---|
| NET::ERR_CERT_DATE_INVALID | Device clock is wrong, or the site’s cert expired | Fix 1 — correct date/time |
| NET::ERR_CERT_AUTHORITY_INVALID | Certificate issuer not trusted by your browser | Fix 4 — check antivirus HTTPS scanning |
| NET::ERR_CERT_COMMON_NAME_INVALID | Domain name doesn’t match the certificate | Try the www. or non-www. version of the URL |
| NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM | Site uses outdated encryption | Fix 6 — update your browser |
Reading the sub-code first tells you which fix to try before you touch anything.
How do I fix the error step by step?
Work through these six fixes in order. I almost always solve it by Fix 3, but the later steps catch the stubborn cases.
Fix 1: Correct your device’s date and time
SSL certificates have a strict validity window. If your clock is wrong, even by a few hours, browsers reject perfectly valid certificates because they look expired or “not yet valid.”
- Windows: Right-click the taskbar clock → Adjust date/time → toggle Set time automatically off, then back on.
- Mac: Apple menu → System Settings → General → Date & Time → enable Set date and time automatically.
- iPhone: Settings → General → Date & Time → enable Set Automatically.
- Android: Settings → General Management → Date and Time → enable Automatic date and time.
- Reload the page after the clock syncs.
Pro tip: If your Windows PC keeps resetting to the wrong time after every reboot, the CMOS battery on the motherboard is likely dead — a common failure on machines more than five or six years old. I have swapped a couple of these myself, and the part costs only a few dollars.
Fix 2: Clear your browser’s cache and cookies
Stale cached certificate data can clash with an updated cert on the server. Clearing it forces a fresh TLS handshake.
- Press Ctrl+Shift+Del on Windows or Cmd+Shift+Del on Mac (works in Chrome, Edge, and Firefox).
- Set the time range to All time.
- Check Cached images and files and Cookies and other site data.
- Click Clear data, then reload the page.
Fix 3: Open an incognito or private window
Browser extensions — especially ad blockers, VPN add-ons, and security tools — can interfere with certificate validation. Incognito mode disables most extensions by default.
- Press Ctrl+Shift+N in Chrome or Edge, or Ctrl+Shift+P in Firefox.
- Navigate to the same URL.
- If the page loads, an extension is the culprit. Disable them one at a time at chrome://extensions or Firefox’s about:addons to find which one.
Fix 4: Disable your VPN or antivirus HTTPS scanning
Antivirus programs — including Avast, Kaspersky, ESET, and Bitdefender — intercept HTTPS connections and substitute their own certificate. If their certificate store is outdated, browsers flag every substituted cert as untrusted.
- Temporarily disable your VPN and reload the page.
- If it still fails, open your antivirus settings and find HTTPS scanning, Web Shield, or SSL filtering, then turn it off.
- If the page loads, update your antivirus to the latest version before re-enabling HTTPS scanning.
Troubleshooting tip: On corporate or school networks, a firewall or proxy may perform the same SSL interception. If you are on managed Wi-Fi and the error appears on every HTTPS site, contact your IT department — this is expected behavior and only they can resolve it.
Fix 5: Flush your DNS cache
A stale DNS record can route your browser to an outdated server IP, where the certificate no longer matches the domain. Flushing DNS forces a fresh lookup.
- Windows: Open Command Prompt as Administrator and run:
ipconfig /flushdns - Mac: Open Terminal and run:
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder - Reload the page after the command completes.
Fix 6: Update your browser
Browser updates ship with new root certificates. An outdated browser may not recognize certificates signed by newer or recently added certificate authorities.
- Chrome: Three-dot menu → Help → About Google Chrome — it checks and installs updates automatically.
- Edge: Three-dot menu → Help and feedback → About Microsoft Edge.
- Firefox: Hamburger menu → Help → About Firefox.
- Restart the browser after updating, then retry the page.
Run the fixes top to bottom and you will clear the error before reaching the end in nearly every case.
Why does this error mean my device, not the site?
The certificate check happens locally, so a wrong clock, stale cache, or intercepting antivirus on your machine breaks the validation before the site is ever to blame. That is why the same page often loads fine on a phone right next to a laptop showing the error.
If your pages still misbehave after the certificate clears, a deeper cleanup helps. My guide on how to clear browser cache and cookies walks through every browser, and if the browser itself feels unstable, see how to stop Chrome from crashing. For the underlying mechanics, Let’s Encrypt’s documentation explains how TLS certificates are issued and validated.
The validation runs on your hardware, which is why local fixes resolve it far more often than anything on the server.
Common Mistakes to Avoid
- Clicking “Advanced” and proceeding on unfamiliar sites. The bypass is meant for developers testing local servers. On a login, banking, or shopping page it exposes your credentials to interception. Fix: only proceed on sites you personally manage.
- Clearing the cache with a short time range. Choosing “Last hour” or “Last 7 days” often leaves old cached certificates in place. Fix: always select All time.
- Assuming the website is broken before checking your device. The common triggers — wrong clock, cached data, antivirus interference — are all local. Fix: rule them out before blaming the site.
- Permanently disabling antivirus HTTPS scanning. Leaving it off removes real protection. Fix: turn it off only long enough to confirm the cause, then re-enable it or update the antivirus.
- Dismissing the warning on public Wi-Fi. On open networks a persistent warning can signal a genuine man-in-the-middle attack. Fix: do not proceed on public Wi-Fi without a trusted VPN active.
Frequently Asked Questions
Is this error the same in Chrome, Firefox, and Edge?
Yes, it is the same underlying TLS certificate problem in all of them. Chrome and Edge say “Your connection is not private,” while Firefox says “Your connection is not secure.” Last week I hit the identical issue on the same site in both Chrome and Firefox after my laptop clock drifted, and one date fix cleared both.
Does this error mean I have been hacked?
Almost never — the vast majority of cases trace back to a local issue like a wrong clock, stale cache, or antivirus interference. A real man-in-the-middle attack would typically show NET::ERR_CERT_AUTHORITY_INVALID on a site that normally loads cleanly, which is rare on home Wi-Fi.
Can the website owner cause this error for all visitors?
Yes, an expired, misconfigured, or revoked certificate blocks every visitor until the owner renews or corrects it. I once watched a small store’s site go dark for an afternoon when its certificate lapsed, and nothing on my end could load it until they renewed.
Is it ever safe to click “Proceed to site (unsafe)”?
Only on sites you personally manage for local development or testing. For example, I bypass it on my own localhost dev server, but never on any page asking for a password, payment details, or personal information.
Why does the error appear in Firefox but not Chrome?
Firefox keeps its own certificate store, while Chrome and Edge use the Windows or macOS system store. An antivirus certificate injected into the OS store may not be trusted by Firefox, so I have seen the warning show up only in Firefox on the same machine.
Conclusion
This error is fixable in minutes without specialist knowledge: start with the clock, clear the cache, test in incognito, then work through the rest in order. If all six fixes fail, the problem is server-side and only the site owner can correct it. Next, tame your browser’s resource use with my guide to cutting Chrome’s RAM usage.
Last updated: June 25, 2026