NET::ERR_CERT_DATE_INVALID Error on All Sites

  1. Win + r. and type “certmgr.msc”
  2. Then, delete 3 items :
    R3 Certificate and DST ROOT CA X3

To delete, just win + r “certmgr.msc” then go thru :

  1. Trusted Root Certification Authorities > Certificates
  2. Intermediate Certification Authorities > Certificates
  3. Third-party root Certification Authorities > Certificates

Right click, and press delete

To locate the right certificate :
Just use Issued By and Expiration Date, search for certificate issued by DST ROOT CA X3, and expired around 29-30 sept 2021.

  1. Install new certificate :
    Download this : https://letsencrypt.org/certs/isrgrootx1.der
    Double click it.
    Then, Choose Local Machine, Next
    Choose Place all Certificates in the following store, and then choose “Trusted Root Certification Authorities” folder
  2. Restart your PC
    Can find more ways to fix NET::ERR_CERT_DATE_INVALID error.
3 Likes

Thanks for this post. One point of clarification, in your “Right click, and press delete” I think could use some clarification that the user would ONLY be deleting the specific certs you referenced earlier – not the whole folder. Just a linguistic clarification.

That said, is the deletion even necessary? I would have thought you could just install the missing CA certs and be done with it.

Also note, this problem will repeat itself at some other time in the future, for those who are running out-of-support OSes.

That’s worked like a charm :slight_smile:
Thx !

Following @fofkla 's method, suggest you try :

  • double clic on ISRG Root X1 certificate in Keychain Access (if on Mac)
  • under Trust, choose “Always Trust” instead of “System Defaults”

Hope this helps, and thanks a lot to @fofkla !

This one worked, thanks sir.

Thank you for your post sir,

It works like a charm. I can now access brave ads and my rewards are increasing.

Thanks again!

@dokey @fofkla In Keychain Access (on my Mac) there is no ‘ISRG Root X1’ at all. Also no ‘DST Root CA X3’.
Problems are the same as before: half of the websites I cannot open anymore on BRAVE and I cannot watch films or programs anymore on CHROME.

So I really started to dislike BRAVE and CHROME for not caring at all to solve this, so that everyone can use it. Especially with CHROME. I depend on it, because programmers only use CHROME as standard for video films and video programs. Hope there will be other possibilities SOON…

1 Like

Hi @liv Did you try ? ==> Install Mozilla FireFox and Export ISGR Root X1 CA ( settings->Manage certificates->view certificates->authorities->ISGR Root X1->export ) and Install it on Brave ( brave://settings/securityManage certificatesinstall ).
The last bit will launch Keychain Access where you can import the ISRGRootX1.crt file you exported from Mozilla. Hope these precisions help. Good luck.

@liv @VaibhavVashist @Sidework

For those who still can’t find the solution here’s How I solved it: https://youtu.be/XroUD7XiEg0

1 Like

@fofkla Thanks! That is a very helpful video. Just in my case I get different result when checking out the Brave settings. The fond is also not black but white.
It might be that this is because my Brave is “Version 1.2.43 Chromium: 79.0.3945.130 (Official Build) (64-bit)”.

I can get under Privacy-Security to “Manage Security Settings: Manage HTTPS/SSL certificates and settings”. When I click on that I get to Key Chain Access. There is no ‘Import’ there, but there a ‘+’. If I click on that I get “Keychain Item Name:” and when I copy/paste the ISGR Root X1 nothing happens. I do not get the option to add this.

Maybe I should open System Roots? I did, but then I cannot use the ‘+’ to add ISGR Root X1 (that I copied from Firefox). Under ‘Certificates’ there are many already present and none of them is expired. Yet I do not see a way to add another certificate. The ‘+’ does not work.

Is there still a way to solve this?

Should I upgrade the Brave? Is this still possible for MacOs 10.10.5? Which one of these would still work with MacOs 10.10.5?

@fofkla,
Thank you for the very helpful video.
Users on macOS can also try the following solutions below which has solved the problem for other macOS users:

Thanks for the solution brother. Now it is working !!!

I don’t understand why Chrome/Brave doesn’t handle certificates like Firefox… This can save many hours for everybody… That’s why Firefox can continue to surf the internet without this kind of massive problem.

1 Like

Supposedly this is coming, with attending pros and cons (as with many things).

Hello Brave Users,
I have found a way through this error (for mac users).

  1. Open Keychain Access
  2. Click on Login under Keychains and All items under category. You need to scroll down until you see ISRG Root X1.
  3. Right click on it and click Get Info, then click on Trust and the last step change the option of **When using this certificate ** to Always Trust after you do this you will be prompted to enter your password, after you have done all this close keychain access and then restart brave.

Hope it helps :slight_smile:

1 Like

Here is a solution to your problem:

Hope it helps :slight_smile: .

1 Like

Thanks for contributing that!

You are welcome. :smiley: . If any more problems you can message me also.

Not sure if anyone is still having this issue, but all I had to do to fix it was download and install security update for whatever version of windows you have. The file will be called KB####### with the #'s being numbers. Good luck citizen.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.