I get security certificate errors

When a security certificate error occurs, you get the message:

  • “Your connection is not private”.
  • “This site threatens your computer security”.
  • “Incorrect certificate”.
  • “Error in security certificate”.
  • “This is an untrusted connection”.

Untrusted connection or invalid security certificate errors may occur due to a conflict between the browser and computer settings. These errors may also be caused by your antivirus software. To find out why you are receiving the certificate error, look for its code at the end of the message.

Error code Solution
  • ssl_error_bad_cert_domain
 Make sure that the correct address is entered in your browser's address bar — mail.yandex.com or passport.yandex.com, and that the / symbol is after com rather than a period or some other symbol.
  • err_cert_date_invalid
  • sec_error_oscp_invalid_signing_cert
  • sec_error_expired_issuer_certificate
  • sec_error_expired_certificate
  • sec_error_ocsp_future_response
 Make sure that your date and time are correctly set on your computer. If the wrong date or time is set, the system may incorrectly determine that the certificate period didn't start yet or that it is already expired.
  • err_cert_common_name_invalid
  • err_cert_authority_invalid
  • sec_error_unknown_issuer
 Make sure that your antivirus settings are not configured to check HTTPS connections. More information about how this can be done in Kaspersky Internet Security and ESET NOD32 Smart Security can be found under the table.

If you don't have an antivirus program on your computer, hackers may replace your security certificate using malware or an MITM attack. Check your computer for viruses using free antivirus programs, like CureIt! by Dr.Web or Kaspersky Virus Removal Tool.
Error code Solution
  • ssl_error_bad_cert_domain
 Make sure that the correct address is entered in your browser's address bar — mail.yandex.com or passport.yandex.com, and that the / symbol is after com rather than a period or some other symbol.
  • err_cert_date_invalid
  • sec_error_oscp_invalid_signing_cert
  • sec_error_expired_issuer_certificate
  • sec_error_expired_certificate
  • sec_error_ocsp_future_response
 Make sure that your date and time are correctly set on your computer. If the wrong date or time is set, the system may incorrectly determine that the certificate period didn't start yet or that it is already expired.
  • err_cert_common_name_invalid
  • err_cert_authority_invalid
  • sec_error_unknown_issuer
 Make sure that your antivirus settings are not configured to check HTTPS connections. More information about how this can be done in Kaspersky Internet Security and ESET NOD32 Smart Security can be found under the table.

If you don't have an antivirus program on your computer, hackers may replace your security certificate using malware or an MITM attack. Check your computer for viruses using free antivirus programs, like CureIt! by Dr.Web or Kaspersky Virus Removal Tool.
Disabling HTTPS connection checks in Kaspersky Internet Security
  1. Open the antivirus window and click the button in the bottom left corner.
  2. Go to the Advanced settings tab and choose Network.

  3. In the Check secure connections block, choose Do not check secure connections and confirm the action.
Disabling verifications of HTTPS connections in ESET NOD32 Smart Security
  1. Open the antivirus window, go to the Settings tab and click the Additional link.
  2. In the Web and Email → SSL/TLS block, disable the Enable SSL/TLS protocol filtering option.
  3. В блоке Интернет и электронная почта → Защита доступа в Интернет → Веб-протоколы → Настройка модуля сканирования HTTPS отключите опцию Включить проверку протокола HTTPS.!!!
  4. Click OK to save changes.