Google Chrome ERR_BAD_SSL_CLIENT_AUTH_CERT: How to Fix It

Medium 15-45 minutes Medium Severity Verified June 2026
Summarize with ChatGPTSummarize with ClaudeSummarize with Perplexity Add as Preferred Source on Google
Error Code
ERR_BAD_SSL_CLIENT_AUTH_CERT
Brand
Google Chrome
Product Type
browser
Severity
Medium
DIY Difficulty
Medium
Estimated Fix Time
15-45 minutes
The ERR_BAD_SSL_CLIENT_AUTH_CERT error in Google Chrome means the browser failed to authenticate using a client SSL certificate when connecting to a website or web service. This typically happens when the certificate is expired, corrupted, missing, or not trusted by the server. It is most common on corporate networks, government portals, or any site that requires a personal or device certificate to verify your identity before granting access.
Ad

Tools You'll Need

How to Fix Error Code ERR_BAD_SSL_CLIENT_AUTH_CERT

  1. Reload the Page and Check Your Internet Connection

  2. Check the Date and Time on Your Device

  3. Review and Update Your Client Certificate

    Do not delete certificates unless you are certain they are no longer needed. Removing the wrong certificate may break access to other services.

  4. Clear Chrome's SSL State and Cache

  5. Disable Chrome Extensions Temporarily

  6. Try an Incognito Window

  7. Re-import or Reinstall the Client Certificate

    Keep your certificate file and its password in a secure location. Never share your private key or certificate password with anyone.

  8. Update Google Chrome

  9. Reset Chrome Flags to Default

  10. Reset Chrome Settings or Create a New Profile

    Resetting Chrome will disable all extensions and clear customized settings. Your bookmarks and saved passwords will not be deleted, but note them down as a precaution.
Ad

When to Call a Professional

Contact your IT administrator or network security team if: the certificate is expired and needs to be reissued by your organization's certificate authority; you are on a corporate network where certificate enrollment is managed through a domain policy (such as Active Directory or MDM); the error persists after all steps above and you do not have permission to install or manage certificates on your device; or the website you are trying to reach is a government or financial portal that manages certificate issuance on their end. In these cases, you cannot resolve the error without external assistance.

Frequently Asked Questions

What causes ERR_BAD_SSL_CLIENT_AUTH_CERT in Chrome?
This error is caused by a failure in SSL client certificate authentication. Common causes include an expired or revoked client certificate, a corrupted certificate store, an incorrect system date and time, a network proxy or VPN interfering with the SSL handshake, or a mismatch between the certificate Chrome is presenting and what the server expects.
How do I know if my client certificate is expired?
On Windows, press Windows+R, type certmgr.msc, and press Enter. Go to Personal > Certificates and look at the 'Expires' column next to your certificate. On Mac, open Keychain Access, select 'My Certificates,' and double-click the certificate to see its validity period. If today's date is past the expiration date, you need a new certificate from your IT team or certificate authority.
Can ERR_BAD_SSL_CLIENT_AUTH_CERT affect all websites or just specific ones?
This error typically only affects websites that require client certificate authentication to verify your identity, such as corporate intranets, government portals, banking platforms, or VPN web gateways. Standard public websites like Google or YouTube do not use client certificates, so you will only see this error on sites that specifically request one.
Does clearing Chrome's cache fix ERR_BAD_SSL_CLIENT_AUTH_CERT?
Clearing Chrome's SSL state and cache can fix this error if it was caused by a stale or corrupted cached session. Go to Chrome Settings > Privacy and security > Clear browsing data, select all cached content, and clear it. Also clear Chrome's SSL state via Internet Options > Content > Clear SSL state on Windows. This is not always the root cause, but it is a quick and safe step to try early in troubleshooting.
Why does ERR_BAD_SSL_CLIENT_AUTH_CERT only happen on Chrome and not other browsers?
Chrome manages its own SSL state and, on Windows, can use both the Windows Certificate Store and its own internal store. If a certificate is correctly installed in one location but not recognized by Chrome, or if Chrome's SSL cache is stale, you may see this error in Chrome while other browsers like Edge or Firefox handle it differently. Edge uses the Windows Certificate Store more directly, and Firefox maintains its own separate certificate database. Clearing Chrome's SSL state or re-importing the certificate into the correct store usually resolves the discrepancy.

Related Error Codes