ERR_CERT_DATE_INVALID: What It Means and How to Fix It

What ERR_CERT_DATE_INVALID actually means

TLS certificates have a Not Before and Not After date. During the TLS handshake, your browser compares these against your system clock. If the certificate appears expired (your clock is in the future) or not yet valid (your clock is in the past), this error fires. If every HTTPS site shows this error — the clock is wrong. If only one site shows it — the certificate on that server is expired.

Most likely causes (ranked)

1. System clock is wrong — most common, especially after a dead CMOS battery, VM clone, or manual clock change
2. The website's TLS certificate genuinely expired (server-side, not fixable by you)
3. Certificate is not yet valid — issued but start date is in the future
4. VM or container with a frozen or drifted clock

How to fix ERR_CERT_DATE_INVALID

Step 1: Check your system clock

Look at the date and time in your taskbar or menu bar. If it's wrong, that's the cause. Fix it:

• Windows: Right-click clock → Adjust date/time → toggle "Set time automatically" off then on → "Sync now"
• macOS: System Settings → General → Date & Time → enable "Set time and date automatically"
• Linux: sudo timedatectl set-ntp true
• iOS: Settings → General → Date & Time → enable "Set Automatically"
• Android: Settings → General Management → Date and Time → enable "Automatic date and time"

Step 2: Force NTP sync (Windows)

Open Command Prompt as admin:

w32tm /resync

If this returns an error, ensure the Windows Time service is running: net start w32tm

Step 3: Check the certificate's actual expiry

Click the warning icon → "Certificate is not valid" → Validity. If "Not After" is in the past, the server's certificate is expired — this is the website owner's problem. Wait for them to renew or contact the site administrator.

Step 4: Replace a dead CMOS battery

If your desktop PC clock resets to a wrong date every time it's powered off, the CR2032 CMOS battery on the motherboard is dead. This $2–5 battery replacement permanently fixes the clock reset. Common on PCs over 5 years old.

Frequently Asked Questions

Why does this appear on every site suddenly?

Your system clock is almost certainly wrong — possibly years off. Every certificate appears expired when your clock is far in the future. Fix the clock and all HTTPS sites will load immediately with no other changes needed.

Can I fix it if it's the server's fault?

No — only the website operator can renew an expired certificate. For Let's Encrypt sites, this is usually automated and resolved within hours. You cannot bypass an expired certificate safely.