Google Chrome ERR_CERT_WEAK_SIGNATURE_ALGORITHM: How to Fix It

Medium 10-30 minutes Medium Severity Verified June 2026
Summarize with ChatGPTSummarize with ClaudeSummarize with Perplexity Add as Preferred Source on Google
Error Code
ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Brand
Google Chrome
Product Type
browser
Severity
Medium
DIY Difficulty
Medium
Estimated Fix Time
10-30 minutes
The ERR_CERT_WEAK_SIGNATURE_ALGORITHM error in Google Chrome means the website you are trying to visit is using an SSL/TLS certificate signed with an outdated or insecure hashing algorithm, most commonly MD5 or SHA-1. Chrome blocks access to these sites to protect you from potential security vulnerabilities. This error is usually caused by the website's server configuration, but there are several steps you can take on your end to troubleshoot or, in some cases, safely bypass the warning.
Ad

Tools You'll Need

How to Fix Error Code ERR_CERT_WEAK_SIGNATURE_ALGORITHM

  1. Update Google Chrome to the Latest Version

  2. Check Your System Date and Time

  3. Clear Chrome's SSL State and Browser Cache

  4. Disable Chrome Extensions Temporarily

  5. Try the Site in Incognito Mode

  6. Check for Antivirus or Firewall SSL Inspection

    Only disable antivirus SSL scanning temporarily for testing. Re-enable it once you have identified the cause to maintain your system's protection.

  7. Use the Chrome Flag to Temporarily Allow Weak Algorithms (Advanced/Testing Only)

    Never use the '--ignore-certificate-errors' flag for general browsing. This disables ALL certificate validation and exposes you to serious security risks including man-in-the-middle attacks. Use only on isolated, trusted internal networks.

  8. Contact the Website Administrator

  9. Reissue the SSL Certificate (Website Owners Only)

    Back up your existing certificate and private key before revoking or replacing them. Downtime may occur during certificate installation if not planned carefully.
Ad

When to Call a Professional

If you are a regular user and the error persists on multiple sites or across multiple browsers, consult your IT department or internet service provider, as your network may have a misconfigured proxy or firewall performing SSL inspection. If you are a website owner and are unable to reissue the certificate through your hosting provider, contact a professional web developer or your certificate authority's support team. Organizations running internal infrastructure with legacy certificates should engage a qualified network or security engineer to plan a certificate migration to modern standards.

Frequently Asked Questions

Is it safe to ignore ERR_CERT_WEAK_SIGNATURE_ALGORITHM and proceed to the website?
Generally, no. This error means the site's certificate uses an outdated algorithm like MD5 or SHA-1 that is vulnerable to cryptographic attacks. Proceeding could expose your connection to interception. Only bypass this warning if you are a developer accessing a known, trusted internal site on a secured network.
Does ERR_CERT_WEAK_SIGNATURE_ALGORITHM mean the website has been hacked?
Not necessarily. It usually means the website owner has not updated their SSL certificate to use a modern signature algorithm. It is a configuration issue rather than a direct sign of a hack, but the outdated algorithm does make the site more vulnerable to certain attacks.
Why does this error appear on some websites but not others?
Each website uses its own SSL certificate, and different websites update their certificates on different schedules. Sites that have not renewed or updated their certificate since SHA-1 and MD5 were deprecated will trigger this error in Chrome, while sites using modern SHA-256 certificates will not.
Can this error be caused by my antivirus software?
Yes. Antivirus programs that perform HTTPS or SSL inspection replace website certificates with their own. If the antivirus software's certificate uses an older signature algorithm, Chrome will flag it with this error. Try disabling HTTPS scanning in your antivirus settings to see if that resolves the issue.
How do I fix ERR_CERT_WEAK_SIGNATURE_ALGORITHM on my own website?
You need to reissue your SSL certificate through your certificate authority (CA), ensuring the new certificate is signed using SHA-256. Log into your hosting control panel or CA account, revoke the old certificate, generate a new CSR, and install the newly issued SHA-256 certificate. Most modern CAs issue SHA-256 by default. Free options like Let's Encrypt are a quick and cost-free way to obtain a modern, trusted certificate.

Related Error Codes