Google-chrome – Chrome complains about HSTS


As of April 13, navigating to Facebook returns a giant red padlock with a NET::ERR_CERT_DATE_INVALID response. Like, a really big padlock.

The error message seemed descriptive enough, so I pulled up Facebook in Mozilla, only to hit a similar problem. There are a lot of sites that suddenly seem to violate Mozilla's security standards.

Some users have resolved the issue (Mozilla-specific) by deleting a specific file and restarting Firefox. That didn't solve anything for me, and Chrome is still my overarching goal here.

Visited a couple fishy sites over the past week, so I checked my processes and scanned with my favorite antivirus. Oddly enough, my computer is running at 40% memory usage. Then again, memory leaks and W8 have been close friends since the caveman's fire. I doubt that's the issue, but memory usage does spike significantly when I have Chrome open.

The bottom of the Chrome error message says:

You cannot visit right now because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.

What's the likely explanation? Does the problem lie with Facebook servers or my machine? I'm inclined to think this is a temporary miscommunication and not a planned attack.

Chrome version 41.0.2
Windows 8, 64-bit

Best Answer

returns a giant red padlock with a NET::ERR_CERT_DATE_INVALID response

TLS (HTTPS) certificates are valid for a specific time, usually for 1-3 years starting with the moment they were issued. The error message is saying that the website's certificate is not valid for the current date according to your computer's clock.

When that happens for many websites at once & across two different browsers, it's usually because your computer's clock has no clue about what the current date is. E.g. it's possible that it was accidentally set to year 2014, or an old CMOS battery caused it to reset to year 2001.

Check for the current time. (Chrome used to detect such clock misadjustments and show a much clearer error message, but apparently that doesn't always work.)

Related Question