Exclusive Signup Offer - Get Extra 10% Discount on your first purchase
SSL2BUY
My Cart My Account
Menu
SSL2BUY Wiki
News, Information and Resources about SSL Certificates
Comodo
Sectigo
AlphaSSL
RapidSSL
GeoTrust
Thawte
GlobalSign
DigiCert
Symantec
Authorized Reseller

How To Fix NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error In Google Chrome

SSL/TLS Security Errors

A Layman’s resource manual to Fix NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error In Google Chrome

Do you see the ERR_CERT_WEAK_SIGNATURE_ALGORITHM error on your favorite website? Are you curious to know what causes it and how you can fix it? If so, you are in the right place because we shall now discuss everything there is to know about this rare SSL error. Before we get started, we must admit that this is a server-side SSL error that seldom occurs due to a glitch in the user’s system. In other words, it is one of those rare issues that internet users can only attempt to resolve. With that said, let us now figure out what this SSL error is and why it shows up.

err cert weak signature algorithm

Understanding the ERR_CERT_WEAK_SIGNATURE_ALGORITHM error

The ERR_CERT_WEAK_SIGNATURE_ALGORITHM error shows that the SSL Certificate’s signature hashing algorithm is outdated. Often, websites running on the SHA-1 algorithm show this error across most leading browsers, including Chrome. Suppose you don’t know what the signature algorithm means. In that case, you must know that SSL certificates make use of cryptography to secure client-server communication, and that’s made possible through a cryptographic suite.

This suite includes many algorithms that work together to encrypt the data and prevent sniffers from intercepting it. Even if they somehow managed to intercept it, they would not make sense of the encrypted data, as they would not have the private key. However, this security level is not available when any algorithm in the suite is weak, and so you see the warning message.

Therefore, to protect users from being exposed to various forms of cyberattacks such as packet sniffing, man-in-the-middle, etc.  Google Chrome shows this SSL error. So, don’t blame your browser for showing up the ERR_CERT_WEAK_SIGNATURE_ALGORITHM error. This is done only to protect your data, which may otherwise be intercepted by cybercriminals.

Save up to 85% + 10% OFF

Technicalities of the Weak Signature Error

The ERR_CERT_WEAK_SIGNATURE_ALGORITHM error occurs when the website owner uses the SHA-1 hashing algorithm. In 2017, two decades after it was first released, the SHA-1 was proven insecure by Google and some Dutch technologists. Since it had a 160-bit signature key, it posed numerous security threats, which those experts demonstrated.

Soon after, many leading platforms, including the Google Chrome Browser, began shooting out this SSL warning whenever a user tried to access a website with an SSL certificate that used the SHA-1 signature hashing algorithm. Although Google released the SHA-1 collision document in 2017, Chrome browser’s developers had begun phasing out using the SHA-1 since 2014. After that, the SHA-2 became the standard hashing algorithm, consisting of a 256-bit signature that offers superior security.

Steps to Fix NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error on Google Chrome (For Website Visitors)

In case the error does go away when you connect to a different network from the same device, the issue is with the network, but if the issue persists irrespective of the number of devices and networks changed, that means that the error is because of an issue on the server-side. Usually, this SSL error appears when the website uses an SSL with a weak signature algorithm — something that the website owner must fix. Occasionally, this may happen due to a misconfiguration on your system. In other cases, there may be issues with your browser or operating system, which may be causing the error to occur. In that case, you may want to try the below-mentioned fixes.

Dealing with antivirus and related services

One possible cause of the error is interference caused by antivirus software present on your computer. In this case, the best option would be to find an option that allows you to filter certain web services. Any option that deals with the internet protection aspect can be of help. In the worst case, you can also try to disable the antivirus and restart your computer and try re-accessing the website.

Fix the Date and Time

Incorrect date and time result in many SSL errors that show up in the Chrome browser. So, whenever you encounter one, start by correcting your date and time. You can do that by following the steps mentioned below.

Correcting Date and Time on Windows PC

  • Press the Windows Key and navigate to the Control Panel.
  • Select the ‘Clock and Region’ Option.
  • Now click on the ‘Set Date and Time’ option.
  • Choose the ‘Internet Time’ tab.
  • Set automatic date and time.

window date and time

Correcting Date and Time on Mac PC

  • Click on the Apple Menu.
  • Now find ‘System Preferences’ and click on it.
  • Select the ‘Date and Time’ tab.
  • You will now see ‘Set Date and Time automatically,’ click on the checkbox next to it.

The good thing about setting an automatic date and time by syncing your system’s setting with that of an internet server is that you’ll never have to bother about correcting it again.

Update your Chrome Browser.

An older version of Chrome can cause many errors, and one of those could be the ERR_CERT_WEAK_SIGNATURE_ALGORITHM error. So, update your browser and relaunch it to see if that can fix it for you.

To update your Chrome browser

  • Connect to the Internet.
  • Open your Chrome Browser.
  • In the URL box, type ‘chrome://settings/help’

chrome bar

  • hit enter.

chrome update

This works on both Windows and Mac operating systems.

Resetting Faulty network settings

If you have identified your network as the root cause of the issue, it is best to reset it. Incorrect network settings can be causing the error, so if you have an administrator account, press Windows + S to bring up the search bar, type in “cmd,” right-click on the application, and then select the option “run as administrator.”

In the command prompt that comes up, type the following:

  • ipconfig / flushdns
  • ipconfig / renew
  • ipconfig / registerdns
  • nbtstat -r
  • netsh int ip reset
  • netsh winsock reset

After which, you can reset your computer to see if your issue gets solved.

Getting rid of SSL cache

Web browsers are designed to deliver a superior user experience, which is done by speeding up website access without any compromise on security. So, most browsers cache the SSL certificates to speed things up, but this could sometimes create issues. In such cases, you can try resolving that by following these steps.

Windows Users

  • Press the Windows+R key to open the Run Command.
  • Type ‘inetcpl.cpl’ in the Run Command and hit enter.
  • Click on the ‘Content’ tab.
  • Now click on the ‘Clear SSL State’ option.
  • Press OK.

Clear SSL State

Now relaunch your Chrome Browser and access the same website, which showed the weak signature algorithm error.

Mac Users

  • Open your Chrome Browser
  • Go to chrome://settings/
  • Click on ‘privacy and security.’
  • Click on the ‘Clear browsing data’ option.
  • Set the time range to ‘All time.’
  • Check appropriate boxes. We recommend checking all three.
  • Click on ‘Clear Data’ and let the process take place.
  • Close the Chrome Browser. Reopen it and try accessing the same website.

Clear browser data

In case the issue is due to the browser, clearing browser data can resolve it. There may be faulty files acting as a root cause for the problem. Please note that clearing browser data also clears any browsing data, passwords, cache, etc., so back them up in case you wish to. Here is how you can do this for google chrome.

Go to the address bar, and type “chrome://settings” and press enter to open browser settings.

Under the “Privacy & Security” section, click on the button named “clear browsing data.”

chrome privacy security

Select items to be cleared and choose “all-time“ from the drop-down menu.
clear browsing data

End all applications using the task manager and then restart your browser to check if the issue has been resolved.

 Go ahead with caution.

This is a risky solution, so be entirely sure of the website’s credibility before going for this option as it may lead to a security breach of the computer. In case you are entirely sure, you can by-pass the warning given to proceed to visit the website. To do this, click on the website to be visited and click on the error message’s advanced button. Click on “proceed to example.com” This will redirect you to the website so that it can be accessed without any issues.

by pass error

Steps to Fix NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error on Google Chrome (For Website Owners)

The error in the discussion can easily contribute to lesser footfall on your website. Hence it is essential to know how to fix it. Let us jump right into this issue.

From a website owner or website administrator’s perspective, this issue can be caused by an incorrect or flawed web server configuration or an outdated signature on the SSL certificate that the website owns.

Whichever the case might be, the onus lies in the hands of the owner/ administrator. So, here is how you should go about resolving the situation in both cases.

In case of an issue with the SSL certificate, it is due to an outdated hashing algorithm. So, in this case, the fix is pretty straightforward. It involves a re-issue of the SSL certificate using either an SHA-2 or SHA 256 algorithm for hashing. Most of the certification authorities and services dealing with SSL provide options for the same at the time of certificate order and purchase. The certification authorities may charge an additional amount in some situations, but some may also do it without any extra cost.

In case you don’t wish to go through the hassle of reissuing, buying a new SSL certificate altogether with an SHA- 256 or SHA-2 as per your preference is also an option that can be explored.

Right after a successful re-issue or purchase of the SSL certificate, the error will cease to exist.

There is a couple of other options that can be checked to ensure they aren’t contributing to the occurrence of this issue:

  • Check the date and time of the computer and make sure it is set correctly.
  • In case you are using Ubuntu, type “sudo apt-get install libnss3-1d.”
  • Get rid of Chrome extensions. Too many extensions may also cause issues

The ERR_CERT_WEAK_SIGNATURE_ALGORITHM is not a very common error, but if you happen to face it, one of the above solutions will be able to help you. We would like to inform you that it’s not just the Chrome browser that shows up the ERR_CERT_WEAK_SIGNATURE_ALGORITHM error. You will experience it on almost all the leading browsers like Google Chrome, Internet Explorer, Microsoft Edge, and Mozilla Firefox. Even the infamous Tor Browser no longer supports the SHA-1 algorithm. Do consider both the visitor and the website owner’s side of the story and be sure to determine which side the problem lies, before getting into the solutions.

Related Articles:

About the Author

Apurva Barve

Apurva holds a master’s in Computer Science and has spent over 6 years immersing in SaaS Customer Services with a focus on SSL technologies. With a natural ability to understand customer needs, she has thrived in highly competitive markets, showcasing her adaptability and prowess in the ever-evolving SSL industry. When not decoding tech jargon, you'll find her sipping on coffee and enjoying the digital landscape.

Free SSL Testing Tools

SSL Checker
SSL
Checker
Why No Padlock?
Why
No Padlock?
SSL Certificate Decoder
SSL Certificate
Decoder
CSR Decoder
CSR
Decoder
SSL Converter
SSL
Converter

Start Securing Your Website Today!

$8.00/year
get started now
we are rated 4.8/5
Reviews Star
15079 reviews
Real customer ratings and reviews at