← Back to Home (Checker) View All Guides
Security

How to Fix an Expired SSL Certificate

If you try to visit a site (or your own site) and are blocked by a huge browser warning that says "Your connection is not private" or "NET::ERR_CERT_DATE_INVALID," this is almost always due to an expired SSL certificate. Your site is still "UP," but browsers are actively blocking users from it for security reasons.

What Is an SSL Certificate?

An SSL certificate is a tiny data file that enables an encrypted connection between a web server and a browser. It's what puts the "S" in "HTTPS" and displays the padlock icon in your browser's address bar. These certificates don't last forever. They must be renewed to remain valid.

How to Fix an Expired SSL (For Site Owners)

1. Check Your Host's SSL/TLS Settings

Most modern web hosts provide free, automatic SSL certificates through Let's Encrypt. Sometimes, this automatic renewal process can fail.

  • Log in to your hosting control panel.
  • Navigate to the "SSL/TLS" or "Security" section.
  • Find your domain in the list. Click "Renew," "Re-issue," or "Run AutoSSL."

2. Check Cloudflare or CDN Settings

If you use a proxy service like Cloudflare, you have two SSL certificates: Client-to-Cloudflare and Cloudflare-to-Server. If the certificate on your host expires, Cloudflare can't connect. Renew the certificate on your host first.

What to Do as a Visitor

There is nothing you can do to fix an expired certificate. **Do not click "Proceed anyway."** This bypasses the security warning and means any data you send to that site could be intercepted. Wait for the site owner to renew it.