NET::ERR_CERT_DATE_INVALID - Certificate Expiration Errors

One of the most common yet preventable SSL errors occurs when certificates expire. Browsers check certificate validity dates and refuse connections to sites with expired certificates, displaying prominent warnings that can't be easily bypassed. The error messages vary by browser—Chrome shows "NET::ERR_CERT_DATE_INVALID," Firefox displays "SEC_ERROR_EXPIRED_CERTIFICATE," and Safari warns "This certificate is not valid." Regardless of the specific message, expired certificates completely break the trust model that SSL depends upon.

Certificate expiration happens because SSL certificates have defined validity periods, typically one year for commercial certificates or 90 days for Let's Encrypt certificates. These limited lifespans ensure regular key rotation and provide opportunities to revoke compromised certificates, but they also create ongoing maintenance requirements. When certificates expire, browsers assume the site is no longer maintained or potentially compromised, protecting users by blocking access.

Fixing expired certificate errors requires immediate certificate renewal and installation. For Let's Encrypt certificates, run your ACME client to obtain a new certificate—most clients like Certbot can renew and install automatically with a single command. For commercial certificates, log into your certificate authority's portal to renew, though this may require new validation for OV or EV certificates. After obtaining the renewed certificate, install it following your platform's standard procedures and restart your web server to load the new certificate.

Prevention is far superior to reactive fixes for certificate expiration. Implement monitoring systems that alert you well before expiration—30 days provides ample time for renewal even with manual processes. Certificate monitoring services like SSLMate's Cert Spotter or uptime monitoring tools with SSL checks provide email alerts before expiration. For critical sites, configure multiple notification methods and establish clear responsibility for certificate renewals. Automation through ACME protocols or certificate management platforms eliminates expiration risks entirely for supported certificate types.