Certificate management in Brave

Troubleshooting technical issues is much easier when both the user and support agent practice clear communication. For this reason, we have provided the template below for you to fill out with information about your issue. Please provide as much detail as possible so we can most efficiently resolve your problem.

Delete the any text above the line separator below before posting

Description of the issue:
Certificate management and cache are not clear for me. I explain my disappointing about something I find strange : I have a website using the Let’s Encrypt certificates full chain for HTTPS as following =


The last end user certificate is hidden for anonymity. It corresponds to the last certificate in the chain. In the Certificates management in Brave settings, I have the “ISRG Root X1” CA certificate stored (the root certificate) but the intermediate “R3” certificate is missing. I think it is normal as it is not a root self signed certificate.

For tests purposes, I intentionally configure my web server to send only the end user certificate and not the full chain. The end user certificate corresponds to the black line in the image above.

With a wget command in my OS (or curl) : wget https://website.com → I got a SSL error because the system is not able to validate the end user certificate, I don’t have the R3 issuer in my OS. It is a normal behavior. However, when I try a connection to this same website on Brave, everything works fine and I can connect to the website without any warning or error. Brave is able to validate the R3 certificate but I don’t know how ?

I though it was linked to the browser’s cache at the beginning, but finally after clear it, the behavior is the same. I can access without any issue to the misconfigured website.

Is someone is able to explain me how Brave can validate these kind of website ?

Thank you.

Exact URL of the website in question: Not necessary in this case.

Did the issue present with default Shields settings? (yes/no) no

Does the site function as expected when Shields are turned off? N/A

Is there a specific Shields configuration that causes the site to break? If so, tell us that configuration. (yes/no): No

Does the site work as expected when using Chrome? Yes but it works also in Brave when it shouldn’t

Brave version (check About Brave):
Version 1.52.129 Chromium: 114.0.5735.198 (Official Build) (64-bit)

Changes like this will come from Chromium upstream @hidigoudi


I don’t ask for a change, I just wondering what is the exact behavior of the web browser to validate the certificates chain. Maybe there are hidden embedded intermediate certificates that they aren’t visible from the GUI.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.