HTTPS errors in the browser (ERR_CERT_DATE_INVALID, Mixed Content, NET::ERR_CERT_AUTHORITY_INVALID) are related to the SSL certificate or web server configuration. Solutions for each error are below.
Applies to:
✔ VPS
✔ Dedicated servers
✔ Nginx, Apache
The certificate has expired or is not yet valid.
echo | openssl s_client -connect your-domain.com:443 2>/dev/null | openssl x509 -noout -dates
If expired, renew. For Let's Encrypt:
certbot renew
systemctl reload nginx
The browser doesn't trust the certificate issuer. Common causes:
openssl s_client -connect your-domain.com:443 -showcerts
Nginx: use fullchain.pem instead of cert.pem:
ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem;
The page loads over HTTPS but contains resources (images, scripts, styles) over HTTP.
Replace all HTTP links with HTTPS or use protocol-relative URLs:
Was: http://example.com/image.jpg
Now: https://example.com/image.jpg
Or: //example.com/image.jpg
Nginx:
server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri;
}
Apache (.htaccess):
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
nginx -t
Verify certificate and key paths are correct:
ls -la /etc/letsencrypt/live/your-domain/
curl -I https://your-domain.com
echo | openssl s_client -connect your-domain.com:443 2>/dev/null | openssl x509 -noout -subject -dates
If the error persists after updating the certificate and checking the configuration, open a support ticket. Attach the output of nginx -t and certificate information.