SEC_ERROR_EXPIRED_CERTIFICATE is a Firefox browser error that appears when a website's SSL/TLS certificate has passed its expiration date, breaking the encrypted connection between your browser and the server. To fix it, start by refreshing the page and clearing your browser cache. If that doesn't work, check that your device's date and time are set correctly - a wrong system clock is one of the most common causes of this error appearing even on sites with valid certificates. This guide covers every fix for both users and website owners.
What Is SEC_ERROR_EXPIRED_CERTIFICATE?
SEC_ERROR_EXPIRED_CERTIFICATE is a security error code used primarily by Mozilla Firefox to signal that the SSL/TLS certificate presented by a website is no longer within its validity period. Every SSL/TLS certificate carries a hard expiration date set at the time of issuance. Once that date passes, Firefox refuses the connection rather than allow unencrypted or unverified communication.
This error is specific to Firefox. Chrome and Edge display similar warnings under different error codes, but the underlying cause is identical: the certificate has expired and the browser cannot establish a trusted encrypted session.
What Causes the SEC_ERROR_EXPIRED_CERTIFICATE Error?
Four distinct issues trigger this error, and identifying the right one saves you time.
- Expired SSL/TLS certificate on the server: The most direct cause. The website's SSL/TLS certificate passed its expiration date without being renewed. Since March 2026, public certificates max out at 200 days of validity - down from 398 days - following the CA/Browser Forum's approval of Ballot SC-081v3 on certificate validity reduction (April 2025). Renewal windows are narrowing, and missed renewals are increasingly common.
- Incorrect system date and time: If your device's clock is set to a date outside the certificate's validity window, Firefox treats the certificate as expired even when it is perfectly current. This is a client-side problem entirely independent of the website.
- Stale browser cache: Firefox can cache an older, expired version of a certificate. Even after the website owner installs a renewed certificate, your browser may still serve the cached expired one.
- Expired intermediate certificate in the chain: SSL/TLS certificates rely on a chain of trust running from the site certificate up through intermediate certificates to a trusted root. If any intermediate certificate in that chain has expired, the entire chain breaks - triggering this error even when the site's own certificate is valid.
How to Fix SEC_ERROR_EXPIRED_CERTIFICATE (Step-by-Step)
Work through these fixes in order. Most users resolve this within the first two steps.
Fix 1: Refresh the Page
A temporary server hiccup or a mid-renewal moment can produce this error. Before doing anything else, press F5 (Windows/Linux) or Cmd+R (Mac). If the error disappears, no further action is needed.
Fix 2: Clear browser cache to Fix Certificate Error
Clearing your Firefox cache eliminates stale certificate data that Firefox may have stored from a previous visit.
- Click the hamburger menu (three lines) in the top-right corner
- Go to Settings → Privacy & Security
- Under Cookies and Site Data, click Clear Data
- Check both Cookies and Site Data and Cached Web Content
- Click Clear, then restart Firefox and revisit the site
For Chrome users seeing a similar error: go to More Tools → Clear Browsing Data, select Cached images and files and Cookies, then click Clear data.
Fix 3: System time causing SSL error - Correct Your Device Clock
A wrong system clock is the most overlooked cause of certificate errors. Firefox validates certificates against the current date - if your clock is even a day off, a valid certificate may appear expired.
On Windows:
- Right-click the clock in the taskbar → Adjust date/time
- Toggle Set time automatically off, then back on
- Click Sync now under Synchronize your clock
On macOS:
- Apple menu → System Settings → General → Date & Time
- Enable Set time and date automatically
On Linux (Ubuntu):
- Settings → Details → Date & Time
- Toggle Automatic Date & Time off, then on
After correcting the clock, close and reopen Firefox, then revisit the site.
Fix 4: Browser update fix SSL error - Update Firefox
Outdated versions of Firefox can mishandle certificate chains or use outdated root certificate stores. Keeping Firefox current ensures it recognizes the latest trusted certificate authorities.
- Click the hamburger menu → Help → About Firefox
- Firefox checks for updates automatically and installs them
- Restart Firefox when prompted
Fix 5: SEC_ERROR_EXPIRED_CERTIFICATE bypass - Temporarily Proceed (Use With Caution)
Firefox allows you to bypass the warning and proceed to the site, but this should only be used when you are certain the site is trustworthy and you understand the risk: the connection is not fully verified.
- On the error page, click Advanced
- Click Accept the Risk and Continue
Never use this bypass on banking sites, e-commerce checkouts, or any page where you enter passwords or personal data.
What Should Website Owners Do When Website SSL Certificate Expired?
If visitors are reporting SEC_ERROR_EXPIRED_CERTIFICATE on your site, the problem is on your server. Here is how to resolve it and prevent recurrence.
Renew Your Certificate Immediately
Check the expiration date of your current certificate using the free SSL Checker tool. If it has expired, contact your certificate authority and renew your SSL certificate - ideally at least 30 days before the expiry date. After renewal, verify that you install the full certificate chain, including all intermediate certificates. An incomplete chain triggers the same error even with a valid leaf certificate.
Automate Certificate Renewal
Manual certificate management is increasingly unsustainable. According to DigiCert's State of PKI Automation report, two in three enterprises have experienced outages caused by expiring certificates. Tools like Let's Encrypt with Certbot handle issuance and renewal automatically, eliminating the risk of a missed deadline.
Understand How Certificate Error Affects SEO
An expired certificate does more than trigger browser warnings. Search engines treat HTTPS as a ranking signal - sites serving expired certificate errors can see rankings drop as crawlers register the insecure state. With Google's Transparency Report showing 95% of web traffic on its platforms now encrypted (as of mid-2025), any break in HTTPS coverage puts a site at a measurable disadvantage.
How to Check SSL Certificate Expiry
Use an SSL monitoring tool that sends renewal alerts at 30, 14, and 7 days before expiry. Many hosting panels (cPanel, Plesk) include built-in certificate monitoring. For sites with multiple subdomains, a dedicated certificate lifecycle management platform is worth the investment, particularly as certificate validity periods continue to shorten.
SEC_ERROR_EXPIRED_CERTIFICATE vs. Similar Errors
| Error Code | Browser | Root Cause | Primary Fix |
| SEC_ERROR_EXPIRED_CERTIFICATE | Firefox | Certificate past expiry date | Renew certificate or fix system clock |
| NET::ERR_CERT_DATE_INVALID | Chrome | Certificate date mismatch | Correct system time or renew cert |
| NET::ERR_CERT_AUTHORITY_INVALID | Chrome | Untrusted certificate authority | Install correct root/intermediate cert |
| SSL_ERROR_BAD_CERT_DOMAIN | Firefox | Cert domain doesn't match URL | Reissue cert for correct domain |
| SEC_ERROR_UNKNOWN_ISSUER | Firefox | Missing intermediate certificate | Install full certificate chain |
Frequently Asked Questions about SEC_ERROR_EXPIRED_CERTIFICATE Error
Can I bypass the SEC_ERROR_EXPIRED_CERTIFICATE error in Firefox?
Yes - click Advanced on the error page, then Accept the Risk and Continue. This gives you temporary access but does not fix the underlying problem. Avoid using this workaround on sites that handle passwords, payments, or personal information, as the connection's integrity cannot be guaranteed.
What is the SEC_ERROR_EXPIRED_CERTIFICATE error on a self-signed certificate?
Self-signed certificates also carry expiration dates and trigger the same error when they lapse. Because they are not issued by a trusted certificate authority, Firefox will show an additional warning about the untrusted issuer alongside the expiry error. Renewing or regenerating the self-signed certificate resolves it.
Why is SEC_ERROR_EXPIRED_CERTIFICATE still showing after renewal?
The most common cause is a cached copy of the old certificate stored in your browser. Clear Firefox's cache and cookies, restart the browser, and revisit the site. If the error persists for the website owner, confirm that the renewed certificate was installed correctly on the server and that the full intermediate chain is included.
How long is an SSL certificate valid?
As of March 15, 2026, new public SSL/TLS certificates are capped at 200 days of validity - reduced from the previous 398-day maximum under the CA/B Forum's phased schedule. Validity periods will continue shortening to 100 days by March 2027 and 47 days by March 2029.
What happens if I don’t fix an expired SSL certificate on my website?
Firefox and other browsers will block visitors with a full-page warning, effectively taking your site offline for most users. Search engines may also flag the site as insecure, which can suppress search rankings. If your site processes any user data or payments, operating with an expired certificate may create legal liability under data protection regulations.
Is SEC_ERROR_EXPIRED_CERTIFICATE only a Firefox error?
The specific error code is Firefox-only - it is part of Mozilla's Network Security Services (NSS) library. Chrome shows the equivalent as NET::ERR_CERT_DATE_INVALID, and Edge displays a similar "Your connection isn't private" page. The underlying cause - an expired SSL/TLS certificate or a mismatched system clock - is the same across all browsers.
Priya Mervana
Verified Web Security Experts
Priya Mervana is working at SSLInsights.com as a web security expert with over 10 years of experience writing about encryption, SSL certificates, and online privacy. She aims to make complex security topics easily understandable for everyday internet users.
