NET::ERR_CERT_DATE_INVALID Error on All Sites

All of sudden all sites showing NET::ERR_CERT_DATE_INVALID error. All though clock is properly set and other browser (FireFox) running without any issue.

Here’s some screenshots


Expected result: Site should load

Brave Version( check About Brave):
Version 1.30.86 Chromium: 94.0.4606.61 (Official Build) (64-bit)

Additional Information:

“All of sudden all sites showing NET::ERR_CERT_DATE_INVALID error. All though clock is properly set and other browser (FireFox) running without any issue.”

I have the exact same problem. I tried cleaning caches/cookies but that did not help. I was trying to update the Brave Browser, but that does not function. I have Brave 1.2.43, but the update cannot complete because I cannot relaunch. For help I then have to get to a Brave webpage and I get the same problem that I cannot get on it because of the security risk.

Super frustrating. I cannot open any Brave webpage, but also I cannot open lots of official and government webpages anymore. And IMPORTANT I also have problems with opening websites in CHROME. Especially with websites for watching programmes or films to which I am subscribed. I cannot see any program or film anymore in CHROME. So not just Brave.

All the time I get this:

Your clock is ahead

A private connection to community.brave.com can’t be established because your computer’s date and time (Thursday, September 30, 2021 at 11:21:17 PM) are incorrect.
NET::ERR_CERT_DATE_INVALID

Here the texts when I try to update the Brave version:

Updating Brave
Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)

Nearly up to date! Relaunch Brave to finish updating.
[Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)]
Relaunch

Update failed (error: 12)
Error details:
An error occurred while extracting the archive. Please try again later.
Learn more
[Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)]

1 Like

I also tried everything. Clear Cookies & Cache to Install New Brave. But nothing help.

Hope Brave Dev will fixed it soon.

I found that its because of DST Root CA X3 Certificate Expiration On September 30 2021. So website that are using Let’s Encrypt certificate are not working.

Temporary Fix: Change Date to before 30-09-2021

1 Like

Thank you! But do you know how to solve this…? I do not even know where to find Let’s Encrypt certificate or DST Root CA X3 Certificate Expiration

How can one update ‘Let’s Encrypt certificate’ from ‘DST Root CA X3’ to ‘ISRG Root X1’? That is what must be done, right…?

I found this information online, but I cannot find out how to update to ISRG Root X1.

"If you have any questions about whether you need to do anything special for the upcoming DST Root CA X3 expiration in September 2021, please post them here. A staff member may split out some conversations into their own threads.

Update 30 September 2021, 17:34 UTC

Yesterday, the R3 signed by DST Root CA X3 intermediate expired as planned. If you experience problems related to certificate chaining you should first review your configuration and make sure your server/website/device is sending the correct chain with the updated R3 intermediate signed by ISRG Root X1 . It is unlikely that you need to force renewal to resolve issues related to R3 signed by DST Root CA X3 expiring. This thread and many more on the community offer advice to review and resolve this problem.

Earlier today, the DST Root CA X3 expired as planned. Most problems related to DST Root CA X3 expiring will not be solved by force renewal. Please search the forum and this this thread for help to resolve the problems you are experiencing before opening a new thread."

Two ways:

  1. Check if automated root certificate update is turned off, if it is then turn it on. It will auto update the certificate. (In my case can’t find the automatic option)

  2. Export the ISGR Root X1 certificate from some other machine and install it in yours. (Export CA from Mozila FireFox and Import it to Brave)

In my case can’t find automatic update certificate option. So I go with second option.

Video Solution: https://youtu.be/XroUD7XiEg0

Install Mozila FireFox and Export ISGR Root X1 CA (settings->Manage certificates->view certificates->authorities->ISGR Root X1->export) and Install it on Brave (brave://settings/securityManage certificatesinstall).

Problem Solved.

Thanks for your reply. I cannot find this though. I can find Certificates and there are many, but none of them expires 30/9/2021 (all of the certificates are still valid) and none of them is called anything with ISGR Root X1 or DST Root CA X3. I cannot find these in Brave Settings/Security/Certificates…
I also cannot find any possibility for ‘automated root certificate update’ in Brave, or anywhere else (Macbook itself or Firefox).

There may be two reasons:

  • My problem is perhaps different than the update to ISGR Root X1 as solution
  • I do not know how to do this. The ‘automated root certificate update’ may be the best (if I can find out how) so that it does not happen again…

It is frustrating though, because there are so many sites that I cannot open anymore, not only on Brave, but also on CHROME I have problems opening websites. All of them because this:

A private connection to community.brave.com can’t be established because your computer’s date and time (Thursday, September 30, 2021 at 11:21:17 PM) are incorrect.
NET::ERR_CERT_DATE_INVALID

Having the same problem as you listed above. Couldn’t find the automated root certificate update so I followed your instructions with method 2. Didn’t work for me. Also tried adjusting the clock as a temp fix like you said, didn’t work either.

Couldn’t find the settings to fix this. Where do you find this “automated root cert update?”
Still can’t access even Brave.com via Brave.
What is BRAVE doing about this?

I want to inform u that my brave certificate is showing “invalid” and connection is not private.And unable to browse brave related sites and ads.I am using windows 7 professional (64 bit) operating system. That is why, I think my brave browser not updated my balance after viewing ads.My brave balance is not updated at all. Please take a look at this problem arises due to invalid certificate!!!

@sampson @Mattches @steeven @tmancey @brendan

I AM SHARING U THE SCREENSHOT AND RECORDED VIDEO ALSO WITH THAT:

Screenshot_2021-10-02-08-29-44-59|455x500

I think the problem of Vaibhav Vashist may be a different one than what I experience. With me (and others) it is specifically about “computer’s date and time setting are incorrect” even though the date and time setting ARE correct. AND I cannot find any certificate that is not valid either.

I have the problem since 30th September 2021 with Brave. Many website have become inaccesible via Brave. But I also have problems with Chrome. Subscriptions for film/tv do not play anymore. I do not get the message about “computer’s date and time are incorrect”, but the films/programs do not start anymore.

Brave and Chrome are connected, so I think the source of the problem is the same. Hope someone from BRAVE / CHROME can look into this problem soon. It is superfrustrating!!

Following this: (Applicable to Chrome/Brave)
https://kinsta.com/knowledgebase/err_ssl_version_or_cipher_mismatch/#clear-ssl-state

I tried nearly everything on my Windows 7, updated brave to latest version (1.30), installed three certificates (ISRG Root X1, ISRG Root X2, Identrust Commercial Root CA 1), cleared certificates cache, delete the old X3 cert. Rebooted computer. Nothing, absolutely nothing works. I think it isn’t my fault.

I am having the same general problem. However, it also seems to be spreading. While it began around 9/30 with just Protonmail’s login page, I now get this error for roughly half of all pages I try to load. On some, thankfully, Brave at least gives the option, under “Advanced”, to proceed to the page despite it being “unsafe”. But some, like Protonmail (and most frustratingly, Wikipedia), it tells me the problem has to do with “HSTS” instead:

You cannot visit en.wikipedia.org right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.

…and then there is no option to proceed anyway.

As some others here have noticed, the problem does not actually seem to be localized to Brave. I have tried Safari and Ungoogled Chromium so far, and both have the same issue on generally the same sites as Brave.

Even odder, in the last day or two this problem has also appeared on my iPhone: I can no longer get Wikipedia and instead am told:

Safari cannot open the page because it could not establish a secure connection to the server.

So if this is happening to so many sites on so many browsers and BOTH my laptop and iphone, it seems like this must be some deep systemic bug that has nothing to do with anything we’ve done.

I have no idea what the “Let’s Encrypt” or “DST Root CA X3” certificate is, but I hope it gets fixed mighty soon!

I’m getting the same NET::ERR_CERT_DATE_INVALID message, certain sites not loading or some resources inaccessible. I’m running Windows 7 as well, with brave up to date.

Damn! I thought I was the only one who had received the strange notice “Your connection is not secure or NET::ERR CERT DATE INVALID.” The protonmail ads aren’t working or not accessible, yet bybits ads are working fine, and my bat rewards aren’t increasing despite viewing ads.

This might be relevant, and the dates seem to line up.

Thanks! Fofkla already suggested this (on 30/9) in the beginning of this thread, but there is no solution how to solve it next. I do not find any certificate that is outdated at all. I also do not find ‘DST Root CA X3’ or ‘ISRG Root X1’. Also I do not find any possibility for auto update the certificate…

So I still have these same problems. Brave cannot open half of the websites because of ‘NET::ERR_CERT_DATE_INVALID’. Chrome does not play any video or program anymore… I really hope somebody from BRAVE / CHROME will look into this. It is super frustrating!

Fofkla’s solution:

1 Check if automated root certificate update is turned off, if it is then turn it on. It will auto update the certificate. (In my case can’t find the automatic option)

2 Export the ISGR Root X1 certificate from some other machine and install it in yours. (Export CA from Mozila FireFox and Import it to Brave)

Are you running Windows 7?

If so, this article might help. Not sure but check it out. https://support.microsoft.com/en-us/topic/support-for-urgent-trusted-root-updates-for-windows-root-certificate-program-in-windows-a4ac4d6c-7c62-3b6e-dfd2-377982bf3ea5

Being blunt, and this isn’t necessarily to you specifically but more for anyone who is on Win7: at some point people should (and will need to) upgrade out of Windows 7; it’s not even supported by MS anymore and it’s not reasonable to assume all software vendors will have to work around underlying issues caused by lack of operating system support. And there are many other reasons to upgrade as well, not just forward compatibility; there are security benefits as well. In many cases you can get a free upgrade from MS.

I realize there are some who can’t due to lack of a license, or performance issues, etc. but again there isn’t any easy solution to push onto s/w vendors for this kind of problem.

Hi JimB1,

I have a Macbook. No Windows 7…

I really hope someone from BRAVE itself and/or CHROME will pick this up. They must have changed something or something has changed on internet, but they would be the one’s who can look into it and find a solution to keep BRAVE and CHROME functioning for all. Meanwhile I have so many limitations on my computer now, that I can hardly work with it. And all this just since last Thursday. Before there was no issue…

Perhaps there is anyone who knows how to contact BRAVE/CHROME directly…? Do they read all this…?

1 Like