NET::ERR_CERT_DATE_INVALID error on installation and after renewal

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. ), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

My web server is (include version): Apache server

The operating system my web server runs on is (include version): Ubuntu 0.4

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I am using a CMS to control my account.

When we install the let's encrypt certificate on our website, it shows us ERR_CERT_DATE_INVALID error and goes of after refresh. This issue is increasing day by day and is happening for most of our clients.
Example domains:-

Please can you help me figure out what may be the possible issue and how do we fix it. Seems like cert not being installed correctly.

1 Like

Please check the time and date of your computer.

For every hostname there is just a single and valid certificate issued:

Therefore, there is no possibility an older, expired certificate is send to the browser. The only think I can think of resulting in such an error is if the clients computer has the incorrect time and/or date configured.


Its not just showing in our clients device but also to us. This gets very unusual as the error does not follow any pattern. sometime it shows up and sometime it does not. But almost its shows up everytime we install the certificate for the first time or renew the certificate.

1 Like

So you mean it happens to more sites? Because the certificate for site you've mentioned now has never been renewed.

Also it would be helpful to see the certificate info from the browser if you get such an error again. Because I can't find anything wrong with

1 Like

Are you using a load balancer?


Probably not able to give you a better example. Can you please try this:

1 Like

Nothing weird there too. Just one IP address, both www as the apex domain having a perfectly valid Let's Encrypt certificate.

We'd need more info (i.e., screenshots and certificate information) from the error itself, as I can't reproduce it from here.


Sure, will help you with screenshot once it is reproduced again

1 Like

Hi Griffin, We dont use any load balancer as of now

1 Like

Adding to Prashant's question. On SSL Labs we ran a scan of one of our domains that is showing this weird behavior. We got this report. Can someone please help me understand what certificate number 1, 2 and 3 might be. I was under the impression that there is only one certificate.

1 Like

Also, we are getting this error in our sever,
Hotel Id :- 5372, Hotel Name :- Hotel Mint Riva, Hotel URL :-, Status :- HTTPSConnectionPool(host='', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, u'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:727)'),))

Can you help us in figuring out the error. Hotel ID just refers to a shell in our CMS under which we have website for mint hotels .

1 Like

Welcome to the Let's Encrypt Community, Prashant and Tarun :slightly_smiling_face:

I just took a look at your report. You're not just serving multiple certificates. You're serving multiple chains of certificates. This is based on which clients (browsers) that SSL Labs uses to test your server. Some of the clients support SNI while some do not. Similarly, the handshake protocols allowed for certain clients are weak (with no forward secrecy), so that hurts your score.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.