Stuck with the error, Your connection is not private err_cert_authority_invalid? We can help you.
With this error websites secured by Let’s Encrypt certificates show ERR_CERT_AUTHORITY_INVALID warning after September 30, 2021.
As part of our Server Management Services, we assist our customers with several Plesk queries.
Today, let us see how we can fix this error.
Your connection is not private err_cert_authority_invalid
Most often, the symptom of this error is as following:
- After September 30, 2021, websites hosted and secured on a Plesk with Let’s Encrypt certificates, show the error, ERR_CERT_AUTHORITY_INVALID.
- We see the certificate DST Root CA X3 in the certificate chain (Padlock icon in address bar > Certificate > Certification Path).
Generally, the cause of this error is the expiration of the DST Root CA X3 root certificate on September 30, 2021, at 14:01:15 GMT.
This can affecrt outdated client operating systems, including:
- Windows < XP SP3
- Windows 7
- macOS < 10.12.1
- iOS < 10
- Android < 7.1.1
- Ubuntu < 16.04
- Debian < 8
Moving ahead, let us see how our Support Techs resolve this error.
When it is in Windows Server, we install the latest OS updates and reboot the server to refresh the root certificates cache.
On the other hand, for an outdated Linux server, we need to apply the steps below:
- Initially, we connect to the server using SSH.
- Then we open the file /etc/ca-certificates.conf for editing.
- Eventually, we comment out the line mozilla/DST_Root_CA_X3.crt by putting the symbol, ! to the beginning of the line and save the file.
- Finally, we execute the command:
In case, we receive TLS errors in the contact form or email clients, we change the hostname to server hostname instead of mail.domainname.
[Need help with the fix? We are here for you]
In short, we saw how our Support Techs fix the Plesk error for our customers.