3 fixes for “the certificate for this server is invalid” error

When you visit some websites on your Mac, you may notice that you get a warning that says, “the certificate for this server is invalid,” and asks you what to do next.

The certificate in question is the one used by Mac to validate the connection you are trying to make to a server. If the certificate for that connection has expired or is invalid, macOS warns you about that and asks you to choose to continue, inspect the certificate, or cancel.

If it happens once or twice, it’s not too much of a problem. If it happens on almost every website you visit, it becomes a severe inconvenience. This article aims to show you what to do when you see such a warning. So, no panic; keep calm and keep reading.

What is the certificate?

The certificate is what authenticates a website’s identity. It establishes an encrypted and secure connection between a browser and a web server, and so all data the user sends and receives is encrypted with public and private keys.

Why does Mac display an invalid certificate warning?

Certificates form part of the HTTPS protocol and are issued by a trusted certificate authority. macOS must check the certificate before it connects to any website. If the certificate is not valid or expired, your Mac will display this warning. You can either ignore the warning, inspect the certificate, or abandon the attempt to connect.

One common cause of the warning can be incorrect date & time on Mac — authenticating a certificate requires your Mac’s clock to be synced with the clock on the server.

Also, if a specific website changes the server, but your browser has cached the old server details, that can cause a warning pop-up.

How to get Mac to trust a certificate?

If you see such notices frequently, here are some ways to get your Mac to trust a certificate and fix the problem.

1. Check date & time on Mac

Time on your Mac should be in sync with the server your device is connected to. So, when you have an invalid certificate error, you need to check your date and time settings.

Within a few minutes, the issue should disappear.

  1. Click the Apple menu and choose System Settings.
  2. Select General > Date & Time.
  3. Ensure that the “Set date and time automatically” option is turned on.
  4. Quit System Settings.

2. Clear the browser cache

The most straightforward and apparent reason why the invalid certificate error appears on a website is that the site has changed its domain. As your browser downloads pages from the cache, it may cache obsolete pages. So, another thing you should do when you see that message is to clear the browser cache.

To clear cache in Safari, go to the Settings page and then the Advanced tab to enable the Develop menu/features for web developers. Then, click the Develop menu and choose Empty Caches.

There’s a quicker way to remove cache and other browsing data from all your browsers at once. CleanMyMac X can help you do that. This tool has many useful features for your Mac, and Apple notarizes it.

  1. Download CleanMyMac X for free and install it.
  2. Open the app, go to the Privacy feature, and click Scan.
  3. Check and remove the browsing data.
CleanMyMac X - Chrome in Privacy tab

The app will remove outdated cache and help erase all traces of your online activity.

3. Modify the trust settings

If fixing the date & time and removing the browser cache don’t solve the issue, the next step is to change the trust settings for certificates causing the problem. Most certificates will use default settings that will either mean they are trusted or not. Some certificates use custom settings. If these custom settings are set incorrectly, it can cause macOS to display an invalid certificate error.

Now, you have two options: set these certificates to be trusted in all circumstances or adjust custom settings. But be cautious! Only do so if you know what connections the certificate is needed for.

How do I find certificates on my Mac?

  1. Go to Utilities and open Keychain Access.
  2. Select the login keychain.
  3. Choose Certificates at the top menu bar.

If any certificates display a red “X” under its name, right-click the certificate and choose Delete. The certificate will be re-downloaded.

To edit settings for certificates with custom settings, follow these steps:

  1. Double-click the certificate to open its settings.
  2. Click the arrow next to Trust.
  3. Use the dropdown menus to make adjustments.
  4. Close the window.
  5. Quit Keychain Access when you’re done.

How to delete problematic certificates?

If you cannot adjust the settings of a certificate that’s causing a problem, you can delete it. The certificate will be downloaded again the next time it is needed. When you next see the error, take note of the certificate’s name. Then, open Keychain Access and follow the steps above.

You should only do this for certificates in your login keychain. Never delete certificates in System Root, as this could cause severe problems for your macOS.

The invalid certificate error on Mac can be very frustrating, especially if it keeps appearing repeatedly. However, there are hacks you can try from this article to fix it. Just remember to edit or delete certificates in your login keychain only and not the one in System Root. I hope this article was helpful and your problem is forever gone.

Laptop with CleanMyMac
CleanMyMac X

Your Mac. As good as new.