How to Fix the SEC_ERROR_EXPIRED_CERTIFICATE?

1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 5.00 out of 5)
Loading...
SEC_ERROR_EXPIRED_CERTIFICATE Firefox Error

Imagine this. You are surfing the web, whether you are about to purchase an item or read a crucial article, when BAM, you get blocked. There is a big warning screen that replaces it. The background is dark, and the text is frightening and screams SEC_ERROR_EXPIRED_CERTIFICATE.

As a visitor to the website, it is most likely that you have pressed the Back button right away. As a website owner, you have lost one of your potential customers. The currency of the web is trust. Once a browser warns a user about an insecure site, that credibility is gone in a jiffy.

What is the Implication of this Error?

I’ll keep this simple. All reliable sites have an SSL/TLS Certificate with a small padlock on your URL bar. Imagine it to be a driver’s license. It demonstrates that the site is what it claims to be and codes the information between you and the server, such that hackers are unable to steal the information.

Similar to the driver’s license, the certificate of the SSL expires. The term SEC_ERROR_EXPIRED_CERTIFICATE normally refers to two things:

  • Your computer is in a state of confusion on the day of the week, and a genuine certificate will appear as a fake one.

This is the way you make it right, broken down by who you are.

How to Fix SEC_ERROR_EXPIRED_CERTIFICATE? (As a Visitor)

You do not need to panic when you encounter this error on your way to accessing a site. On your part, we may be having a problem.

These three steps should be tried before giving up on the site.

Fix Your Date and Time

Windows: Right-click on the clock in your taskbar, then choose Adjust date/time. Ensure the switches for the feature of Set time automatically are on.

Mac: Open Systems Preferences Date and Time. Select the option of setting the date and time automatically.

After you have synchronised your clock, refresh the page. This is the solution to the problem for nine out of ten.

Clear Your SSL State and Cache

Browsers save the backup information to load faster. The reason is that sometimes your browser may save an expired certificate on your computer, although the site owner has changed the certificate.

You must make your browser forget.

Firefox: Select Options, then go to Privacy and Security. In the Cookies and Site Data, click Clear Data and make sure that the option of Cached Web Content is selected.

Under Windows (system-wide): Press Win + R, enter inetcpl.cpl, switch to the Content tab, and press ClearSSL state.

The “Private Window” Trick

With Firefox, you can also discover that you cannot even click on the advanced to get through the warning.

This is normally brought about by HSTS (HTTP Strict Transport Security). The HSTS will not allow the browser to continue since it will consider any error as a serious security threat. These restrictions can be overcome by a private or incognito window.

Also Read: How To Fix the HSTS Missing from HTTPS Server Error?

Caution: This is just a warning; only jump over it when you are certain that you have trusted the site 100%. Your data is in danger if you disregard such mistakes on a site where you provide credit card details.

How to Fix It (If You Are the Website Owner)?

In case this is your location, you are losing traffic with each second that the mistake is shown. You need to act quickly.

This is your checklist to be back in the green.

Renew Your Certificate

The most typical cause of such a mistake is that you just forgot to renew your SSL. Certs have a lifespan of years, which is currently very limited in most cases to 13 months to 2 years, a very unexpected to most business owners.

Check with your hosting provider of Certificate Authority (CA) for the expiry date. Once it is passed, it must be renewed at once.

The “Ghost” Renewal (Reload Your Server)

The automation may fail even when such settings as auto-renewal are enabled with Certbot or Let’s Encrypt.

The most frequent problem is that the renewal command copies the files on disk, but leaves the old certificate in memory on a web server. They would then be advised to reload the server.

In the case of Nginx, it should be run by: 

sudo nginx -s reload

In the case of Apache, restart the service.

Check your load balancer, in case you are on AWS. You can update the certificate on the instance, although the ALB (Application Load Balancer) can be serving the old one.

Export the new cert to AWS Certificate Manager and assign it to the load balancer.

Check Your Intermediate Certificates:

In some cases, the principal certificate is in place, yet the chain of trust is absent. When these so-called middleman certificates are either missing or are out of date, browsers such as Firefox will have an error, while others may not.

To install, it is important to have the full chain, which is typically included in a file called fullchain.pem, etc.

Conclusion

I hope that by following the above process, you have resolved the expired certificate warning. If you need an SSL Certificate for your website, check out CheapSSLWEB.

Fix Not Secure Website Warning

Immediately Fix “Connection not Secure & other Browser Security Warnings with Trusted SSL Certificates.

Buy at Just $3.99/Yr
Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast having 7+ years of experience and knowledge about Encryption, Digital Certificates and Online Security, She helps online users to stay safe and protect their online presence. Explore SSL Errors, Installation Guide and Security Tutorials for Safe Browsing and Web Security Experience.