Description of the issue:
Multiple financially related websites return a “NET::ERR_CERT_INVALID” = “Certificate is not valid” error, e.g., websites for
discover, americanexpress, citi, usaa, experian, https://secure08ea.chase.com/web/auth/dashboard
Steps to Reproduce (add as many as necessary): 1. 2. 3.
Launch Brave browser
Type in URL of any of the aforementioned websites
I receive the “Your connection is not private” error
Actual Result (gifs and screenshots are welcome!):
These are screenshots from Brave tabs for the previously mentioned URLs, including certificate information:
@EVAyson Just out of curiosity, do you use Avast? If so, try to disable it. Or can check with whatever firewall/antivirus/vpn you’re using to see if it creates conflict. Part of where I’m asking is someone had a similar situation with a different site. They found that Avast was causing issues.
Actually, just looked closer at what your screenshot shows. And yes, your error message does say Avast. So that likely is your culprit.
I am facing exact same issue as @EVAyson with self signed certificate. Suddenly today Brave is displaying warning page without possibility to accept risk (two days ago everything was fine - certificate is installed in system, so Brave was recognizing it properly). Certificate is of course still valid.
Using Edge everything is working.
With Brave on Android everything is working too.
It indeed appears that the Avast feature “Web Shield” is the culprit. Interesting that it would start acting up like this after having no apparent problems previously. I’ll def send Avast a trouble ticket. Thanks for the fix!
Specifically, it’s the HTTPS Scanning feature of the Web Shield function that is causing the problem. One workaround is to configure any website URL(s) which trigger the error message into the Exception list on the 3rd tab in the Web Shield screen.
However if, like me, you’re unclear as to what value is added by this feature and you’re reluctant to maintain a list of URLs within an application without assurance that an external copy isn’t being maintained by the vendor, then the alternative workaround is to un-tick the HTTPS Scanning checkbox on the Web Shield screen.
I have the same problem, getting an NET::ERR_CERT_INVALID error. But it is every site I try, not just financial ones. I don’t know how to get the information that EVAyson seems to get in his error messages, which turned out to be useful. My error message just told me that brave.community for example, sent me scrambled credentials!
I use Kaspersky, and I tried turning that off, but it made no difference. I also downloaded and import the IRG certificates, X1 and X2 to no avail.
I’ve temporarily not using Brave, as Firefox works just fine, as does Edge which I do not use
I think I found fix for my issue. As I mentioned in my first post I had problems with self-signed certificates (I am using them with my self-hosted services, asus router and synology nas).
I was using certificates that wasnt signed with root CA. I have generated new certificates signed with certificate authority, installed ca in OS and certificates are now accepted by brave and chrome.
But why previous certificates suddenly stopped to be accepted - no idea. Maybe there was some security hardening in chromium/brave - if someone have some information about certificates secuity hardening around January of 2023 please let me know, Im curious about that.
In Asus router there is no option to upload my own certificate (I can only download .crt), so I have to accept red messages in brave.
Also typing “thisisunsafe” on keyboard while there is no “Proceed anyway” button is bypassing problem (but only bypassing, it is not a proper solution).