Your Connection Is Not Private: What It Means and How to Fix It

What the sub-error codes mean

Chrome always shows a specific NET:: code. Match yours to identify the cause:

• NET::ERR_CERT_DATE_INVALID — Certificate is expired, or your system clock is wrong
• NET::ERR_CERT_AUTHORITY_INVALID — Certificate is from an untrusted CA (self-signed, or antivirus interception)
• NET::ERR_CERT_COMMON_NAME_INVALID — Certificate hostname doesn't match the site URL
• NET::ERR_CERT_REVOKED — Certificate was revoked by the CA — do not proceed
• NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM — Certificate uses outdated SHA-1 signing

Most likely causes (ranked)

1. Wrong system clock — causes NET::ERR_CERT_DATE_INVALID on every HTTPS site
2. Antivirus HTTPS/SSL inspection intercepting with an untrusted intermediate certificate
3. Captive portal (hotel/airport Wi-Fi) intercepting HTTPS before you've authenticated
4. Site certificate expired — site operator hasn't renewed
5. Self-signed certificate on a router admin page or internal tool

How to fix Your Connection Is Not Private

Step 1: Read the sub-error code

Below "Your connection is not private", Chrome shows a code like NET::ERR_CERT_DATE_INVALID. Note this before doing anything — it tells you whether the problem is local (your clock, your antivirus) or server-side (their certificate).

Step 2: Check your system clock

If every HTTPS site shows this warning, your clock is almost certainly wrong.
Windows: Settings → Time & Language → Date & time → toggle "Set time automatically" off and on → Sync now.
macOS: System Settings → General → Date & Time → toggle "Set automatically" off and on.

Step 3: Try a different network

Captive portals (hotel, airport, coffee shop Wi-Fi) inject a login page into HTTPS connections, triggering this warning until you authenticate. Try switching to mobile hotspot — if the site loads, connect to the captive portal's login page first (usually by visiting any HTTP URL), then retry.

Step 4: Disable antivirus HTTPS scanning

Antivirus products that inspect encrypted traffic insert their own certificate. If their root certificate isn't trusted by Chrome, every HTTPS site shows this warning. Disable "HTTPS scanning", "Web Shield", or "SSL inspection" in your antivirus settings temporarily — if the warning clears, the antivirus is the cause. Update your antivirus or add the site to its exclusion list.

Step 5: Clear browser cache and HSTS state

Press Ctrl+Shift+Delete → Advanced → check Cookies and site data + Cached images → Clear data.
Also clear HSTS for the domain: go to chrome://net-internals/#hsts → Delete domain security policies → enter the domain → Delete.

Frequently Asked Questions

Is it safe to click "Proceed anyway"?

Depends on the error. If your own clock was wrong and you've now fixed it, proceeding temporarily is safe. For NET::ERR_CERT_REVOKED, never proceed — the certificate was explicitly revoked. For self-signed certificates on your own router admin page, proceeding is generally safe. For unfamiliar public sites with NET::ERR_CERT_AUTHORITY_INVALID, do not proceed — your data could be intercepted.

Why does this appear on every site suddenly?

When every HTTPS site triggers this simultaneously, the cause is almost always local: your system clock is wrong, your antivirus updated its SSL inspection certificate, or a corporate proxy changed its intercepting certificate. Fix your system clock first — that resolves the majority of sudden all-sites cases.