How to Fix ‘NET ERR_CERT_WEAK_SIGNATURE_ALGORITHM’ in Google Chrome & Firefox

1 Star2 Stars3 Stars4 Stars5 Stars (46 votes, average: 3.30 out of 5)
Loading...

Your step-by-step guide to getting rid of the pesky ‘NET::ERR_CERT_WEAK_SIGNATURE ALGORITHM’ warning message

If you’re seeing the “NET ERR_CERT_WEAK_SIGNATURE_ALGORITHM” error, you’re either a website visitor trying to access a website or a website owner whose site is displaying this error. Either way, it means your data isn’t securely transmitting.

In this post, we’ll talk about both cases and help you resolve this error that says “your connection is not private.” Most of the time, the “NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM” (or “ERR_CERT_WEAK_SIGNATURE_ALGORITHM”) occurs in Google Chrome because a website has an SSL certificate with an outdated algorithm.

What ‘NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM’ Means for Your Business

This error can be quite frustrating, as it’s likely to drive away website visitors. It could result in decreasing traffic (and nobody wants that). The reason behind this error is an outdated hashing algorithm. This type of algorithm compresses data to a fixed length in terms of bytes.

What This Algorithm-Related Error Looks Like on Different Platforms

  • Chrome: NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM or ERR_CERT_WEAK_SIGNATURE_ALGORITHM (-208)
  • Firefox: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED
  • OpenSSL: X509_V_ERR_CA_MD_TOO_WEAK

Here’s a quick peek at how this error displays in Chrome to your website visitors:

Screenshot of the net::err_cert_weak_signature_algorithm error in Google Chrome

Image caption: An example of how the error message ERR_CERT_WEAK_SIGNATURE_ALGORITHM displays in Google Chrome to website visitors.

Let’s not waste much time and jump straight to the solution.

How to Fix the ‘NET ERR_CERT_WEAK_SIGNATURE_ALGORITHM’ Error in Chrome & Firefox (For Website Owners)

  • Buy a new SSL/TLS certificate. You’ll need to get this from a publicly trusted third-party entity (i.e., a certification authority or CA).
  • Verify both the certificate and your server are set to support secure algorithms. For your server, this means ensuring that it’s set to support TLS 1.2 as a minimum.

Are you still getting the same error even after replacing the certificate? Ask your administrator to check your server. Either your server isn’t configured for SHA-256, or it’s so old (i.e., a legacy system) that it simply doesn’t support it.

Purchase an SSL Certificate & Save Up to 86%!

We offer the best discount on all types of SSL Certificates that support the SHA-2 SSL hashing algorithm! We offer certificates from the leading CAs, including Comodo CA, Sectigo, Thawte, GeoTrust, and RapidSSL with DV certificates starting as low as $5.45 per year.

Buy SSL Certificate at $5.45

Fix the NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM Error in Google Chrome (For Website Visitors)

Most of the time, this error displays due to a problematic SSL certificate and/or the web server’s configuration settings. In both of these cases, the responsibility and ability to fix the issue is always in the hands of the website administrator. However, there are rare instances where your browser may responsible for causing the error. Let’s explore what you can do as a website visitor. Try the outlined solutions one-by-one. If one doesn’t work, try the next one.

Update Google Chrome

  • First, open Google Chrome.
  • Now, type chrome://settings/help in the address bar.
  • Let Google Chrome update by itself.

Clear Google Chrome’s Cache Memory

  • Open Google Chrome.
  • Click on the three vertical dots you see in the top-right corner.
  • Go to Settings.
  • Move to the end of the page and click Advanced–> Privacy and security –> clear browsing data.
  • Choose all three options (Note: This will clear all of your browsing data) and select on Clear Data.
  • Close Chrome and launch it again.

Reset Google Chrome to Default Settings

  • Open Google Chrome.
  • Click on the three vertical dots you see in the top right corner.
  • Go to Settings.
  • Click on
  • Now, click on Reset settings to their original defaults and reset the settings.

Clear Google Chrome’s DNS Cache

  • Open Google Chrome.
  • Type chrome://net-internals/#dns in the address bar.
  • Click the Clear host cache button

Disable Google Chrome’s Extensions

First, try to open the website in the incognito mode of Google Chrome. If you don’t encounter this error, the problem is likely to be in Chrome’s extensions.

  • Click on the three vertical dots you see in the top right corner.
  • Now, click on More tools option
  • Go to Extensions
  • Turn all extensions off and check whether the error persists.

What Not to Do

You’re going to read suggestions on other websites that tell you to disable your antivirus and/or firewall. Please don’t do that, as you’ll leave your systems vulnerable to a world of cyber threats.

Basically, the issue lies with the website. The most you could do is contact the website administrator/owner and inform them about the same. However, to keep your private and sensitive data secure, it’s best to avoid using the site in the meantime until the situation has been rectified.

Editor’s Note: This article was originally published Jan. 20, 2020. It was updated March 31, 2025 to provide the most current information.