Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

How to Fix NET::ERR_CERT_REVOKED Error in Chrome, Firefox and IE?

Servers and users communicate their messages securely if the website owner has protected the website using an SSL/TLS Certificate. A genuine SSL/TLS certificate ensures that the communication done between a server and a website will remain secure and protected. Hence, whoever tries to intercept packages in the network will fail to do so.

Nonetheless, certain scenarios occur where a connection may become unsecured even if an SSL/TLS certificate is installed. Thus, the error message ERR_CERT_REVOKED or ERROR_INTERNET_SEC_CERT_REVOKED is displayed.

Here’s How the Same Error Is Displayed Differently on Different Web Browsers

Though the error is the same, the message displayed is different.

Google Chrome displays NET::ERR_CERT_REVOKED

your-connection-is-not-private-browsers

Mozilla Firefox displays SEC_ERROR_REVOKED_CERTIFICATE

secure-connection-failed-mozilla

Internet Explorer displays ERROR_INTERNET_SEC_CERT_REVOKED

site-is-not-secure-ie

What Causes the Error Message NET::ERR_CERT_REVOKED?

Whenever an SSL installed website is opened in a browser, it checks whether the certificate is valid or not. Usually, the validation of an SSL/TLS Certificate is checked in two different ways.

1. Through CRLs (Certificate Revocation Lists)

First, the list of all the certificates revoked is downloaded by the browser. If the website the user is trying to visit is on the list, this net err_cert_revoked error message will be displayed.

2. Querying QCSP (Query by Using Online Certificate Status Protocol)

Here, the certificate of the website the user is visiting is queried by the browser. It’s faster and quite popular. Many web browsers, including popular ones like Google Chrome and Mozilla Firefox give priority to this method.
Hence, the browser displays the error message ERR_CERT_REVOKED or ERROR_INTERNET_SEC_CERT_REVOKED if the certificate of the website appears in a CRL or QCSP query gives an “invalid” message.

Some other reasons for seeing this revocation error message are:

  • Revocation of the certificate requested by the site
  • The CA might have discovered misissuance of a certificate
  • The private key might have been compromised
  • Network or DNS issue might be stopping the user’s computer from accessing the providers of a CRL list
If you’re a website visitor who’s seeing this net err_cert_revoked error message, then there’s no permanent solution. But you can follow certain steps that can help you temporarily. It’s advised not to do this unless you’re very sure about the website and its owner, also revert the mentioned steps once you leave the site.

How to Fix NET::ERR_CERT_REVOKED in Google Chrome

In Google Chrome, once you get to the page that displays the NET::ERR_CERT_REVOKED error, click anywhere on that page and type ‘thisisunsafe.’ It will instantly bypass this warning message.

For Example:

https://revoked.grc.com/ is displaying the net err_cert_revoked error message in Google Chrome.

your-connection-is-not-private-chrome
After typing: thisisunsafe:
this-is-unsafe
To restore the error message, click on Not Secure in the address bar, click Re-enable warnings and refresh the page.
re-enable-warning

How to Fix SEC_ERROR_REVOKED_CERTIFICATE in Mozilla Firefox

If you’re using Mozilla Firefox, you will have an option to force OCSP to check the certificate revocation list.

For Example:

https://revoked.badssl.com/ displays the error message SEC_ERROR_REVOKED_CERTIFICATE in Mozilla Firefox.

secure-connection-failed-error-mozilla
To solve this error message on a temporary basis on client-side,

Click on three line icon (the hamburger icon) at the top right corner and then Options.

firefox-options
Click on Privacy & Security from the left side and scroll to the bottom of the page. Now, uncheck the ‘Query OCSP responder servers to confirm the current validity of certificates’ option.
mozilla-options
Once you change the OCSP setting in Mozilla Firefox, go to command prompt and run the below commands to remove the CRL and OCSP cache.

certutil -urlcache CRL delete
certutil -urlcache OCSP delete

It will help bypass the error message and show you the web page.

mozilla-options
To restore the error message, check the ‘Query OCSP responder servers to confirm the current validity of certificates’ option in Privacy Security under the Options page and reload the page.

How to Fix ERROR_INTERNET_SEC_CERT_REVOKED in Internet Explorer

To disable certificate revocation check and bypass this error message ERROR_INTERNET_SEC_CERT_REVOKED in Internet Explorer
  • Open Internet Explorer
  • Select Internet Options from the Tools menu
  • In Internet Options, select the Advanced tab and go to the Security section
  • Now, uncheck the option, “Check for server certificate revocation*
  • Click Apply and then OK.
For Example:
By default, it will show the error message like below:
site-is-not-secure-ie
Once you follow the steps, you will be able to bypass the error like:
clear-browser-data
To restore it, check the Check for server certificate revocation* and click Apply and OK and refresh the page.

How to Fix ERROR_INTERNET_SEC_CERT_REVOKED in Internet Explorer

Unfortunately, it’s a server-side error, which means the owner is responsible for solving this error on a permanent basis. Though you’re limited with options, you can solve this error by:

  • Contacting your SSL/TLS certificate provider and know what’s the cause behind it (Only if you haven’t requested certificate revocation).
  • Buy a new SSL/TLS certificate and install it onto your website.

Related Articles:

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More