Description of the issue:
Visiting a site with an expired certificate makes the site unavailable although it may be technically up
Steps to Reproduce (add as many as necessary): 1. 2. 3.
Go to a site with an expired certificate (this one expired on March 1st (today) - yea they forgot to update their cert, but I still want to use the site (it’s a state gov GIS site)
You get NET::ERR_CERT_DATE_INVALID Error
There is no way to “visit anyway” under advanced like i’m used to. I do see this note in the error:
You cannot {site} right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.
Actual Result (gifs and screenshots are welcome!):
Expected result:
Under advanced, I should be able to load the site anyway, acknowledging security implications like “Yea, they forgot to update their cert, ok i still want to visit”
Or, there should be a setting in brave to disable date/time checking or something like that if you want to make it less accessible to mass users.
Reproduces how often:
Operating System and Brave Version(See the About Brave page in the main menu):
Windows 11 Home 24H2
Version 1.75.181 Chromium: 133.0.6943.141 (Official Build) (64-bit)
](https://brave.com/latest/)
The error [NET::ERR_CERT_DATE_INVALID] combined with the message about HSTS means the site has HTTP Strict Transport Security enabled, which blocks all manual overrides, even if you want to proceed. When HSTS is active, browsers like Brave and Chrome won’t let users bypass certificate errors to protect against man-in-the-middle attacks. Unfortunately, there’s no browser setting or flag to bypass HSTS for expired certificates.
The only workaround is to wait for the site admin to renew the certificate or use a non-HSTS-supported browser (not recommended). If it’s a trusted internal or government site, you can try accessing it using tools like curl or a proxy that doesn’t enforce HSTS, but that’s more of a developer workaround than a browser fix.