In this tutorial, we’ll show you how to fix a rare but critical SSL connection error that could jeopardize users’ security if browsers turned a blind eye to it. Thankfully, the likes of Chrome and Firefox block the website access immediately and leave you with the NET:: ERR_CERT_WEAK_SIGNATURE_ALGORITHM error message on your screen.
As this is a server-side error, the most probable cause is, as the name implies, a weak signature algorithm, specifically, the SHA-1 signature hashing algorithm. Even if it’s been phased out by all the major browsers, old servers, and systems that aren’t regularly maintained and updated may still support it, posing a security risk to visitors.
For website owners
Hackers can exploit the weaker protocols and intercept sensitive data in transit between users’ browsers and the website’s server. That’s why, if you see this error on your website, you should rectify it as soon as possible.
Nowadays, all SSL certificates follow the latest cryptographic protocols and security standards, so the certificate itself isn’t the issue. The current SSL validity is set to just one year, but even if your SSL cert was three years old, it still wouldn’t support the outdated SHA-1 algorithm.
The problem is on the server-side, and the solution is to either configure your server or move to a new hosting account. If your SSL certificate is issued by a commercial Certificate Authority and is still valid, you don’t need to buy another one, as all paid certs come with unlimited server licensing.
For website users
If the NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM error occurs just on your network, but the website loads fine from another location or device, we have a couple of quick fixes for you that will eradicate the error in no time. Try one of our solutions below, and see which one works for you.
Adjust the Date and Time
When the date and time on your device are out of sync with the date and time on your server, Chrome and other browsers will display all sorts of connection errors, including the very one we’re discussing in this article.
You can correct the date and time with just a few clicks on your Windows PC:
- Hit the Windows Key and go to the Control Panel
- Select Clock and Region
- Under Date and Time select Set the time and date
- Open the Internet Time tab
- If your computer isn’t set to automatically synchronize on a scheduled basis, click Change settings, and check the Synchronize with an Internet time server checkbox.
If you’re using Mac:
- Select Apple menu > System Preferences, then click Date & Time.
- Click the lock icon in the corner of the window, then enter your administrator password to unlock the settings.
- In the Date & Time tab, ensure that Set date and time automatically is selected and your Mac is connected to the internet.
Clear the SSL Slate
To save time from checking your digital certificate every time during a connection, the SSL slate stores a cache of SSL certificates on your device, and you can empty it just like you would clear your browser’s cache. Follow the steps below:
- Click Windows + R, and type inetcpl.cpl in the dialogue box and click Enter.
- Select the Content tab and click on Clear SSL state under the Certificates subheading
- Click Apply and exit.
To clear the SSL slate on Mac, you just need to clear your browser’s cache. By clearing your browser’s cache you can also get rid of this problem on a Windows machine.
Clear your browser’s cache
It’s never a bad idea to clear your browsing data from time to time, just to keep things tidy and avoid the off-putting SSL connection errors. You may even get rid of the NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM error in the process.
- Open your Chrome Browser and press Ctrl + Shift + Delete.
- Set the time range to “All Time”.
- Click the Cookies and other site data checkbox.
- Click the Cached images and files checkbox.
- Hit the Clear Data button.
Reset your network settings
Sometimes, the problem may come from your network settings. A quick fix is to reset them to the default value. Please note, you’ll need an administrator account to perform this task:
- Click R+Windows and type cmd, then hit Ctrl+Shift+Enter to open it as administrator
- Type in cmd netsh int ip reset c:\resetlog.txt
- Again, type ipconfig /flushdns. Click Enter
- Then type ipconfig /registerdns. Click Enter
- Then type ipconfig /release. Click Enter
- Then type ipconfig /renew. Click Enter
- Now restart your computer
Updated your Browser
An old browser may still support the now-deprecated SHA-1 algorithm, so if you haven’t updated your system or browser for a good while, now it’s the perfect time to do it. Here’s how you can update Chrome, but the process is similar to other browsers.
- Open your Chrome browser
- In the URL box, type chrome://settings/help and hit enter.
- Chrome will check for updates and install them
Check your antivirus and firewall settings
Your antivirus protects you around the clock, but sometimes it may interfere where it shouldn’t. Ensure that the website you’re trying to access isn’t blocked by the firewall or other filters. You may need to disable the antivirus to see if it causes the error, but make sure to enable it back after you troubleshoot the issue.
We’ve exhausted our list of potential solutions for the NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM error. Hopefully, you’ve found a fix by now. If the issue is on the server-side, upgrade your server configuration or get a new hosting account. If you can’t access the website as a user, try one of our quick fixes.
If you find any inaccuracies or have details to add to this SSL tutorial, please send us your feedback at [email protected] Your input would be greatly appreciated! Thank you.
Computer vector created by jcomp – www.freepik.com