Skip to main content

Beta What do you think of this service? Your feedback will help us to improve it.

  5. Certificate authority invalid

Author: Government Digital Service

Certificate authority invalid

What this means

An invalid certificate authority error means that the browser does not trust the SSL certificate for the website.

This could happen if the certificate is self-signed, expired, or issued by an untrusted CA.

This error is represented by the NET::ERR_CERT_AUTHORITY_INVALID error code or a “Your connection is not private” browser message.

Why this is a problem

Browsers actively prevent users from accessing the website in order to protect themselves and generate an error message in the form of an insecure connection.

This can make the website look insecure and have reputational consequences.

How to check if the problem is there

Generally speaking, there are 3 primary causes for the invalid certificate authority error and they can be from:

  • using a self-signed SSL certificate, but browsers can’t verify its validity
  • the certificate has expired
  • the certificate comes from a non-trusted source and browsers can’t verify its validity

The error can be checked by visiting the website in various browsers.

How to fix this

To fix this error, you need to make sure that you have a valid SSL certificate from a reputable CA that is recognised by all major browsers.

You can check the list of trusted CAs from the Mozilla Included CA Certificate List.

You also need to make sure that your SSL certificate is installed correctly on your server, and that it includes all of the intermediate certificates that link your certificate to the root CA.

Sign up to UK Government Security

Subscribe to our newsletters to receive notifications when changes to strategy, policy, standards, and guidance are published on the website.

Sign up now