NET::ERR_CERT_VALIDITY_TOO_LONG - The server certificate has a validity period that is too long

Question

When accessing your https site using Chrome you may receive the following errors

NET::ERR_CERT_VALIDITY_TOO_LONG

The server certificate has a validity period that is too long

This is caused by your SSL certificate having a validity period that is longer than 39 months.

How do I allow requests to go through in chrome?

Answer 1

Do below to fix the issue

1. Go to the URL with has certificate issue
2. Click the grey/blank area
3. Type "thisisunsafe" + "enter key"
4. Chrome will now allow requests to the URL.

Answer 2

Starting on September 1st (2020), SSL/TLS certificates cannot be issued for longer than 13 months (397 days).

From a high-level, theoretical standpoint there are two primary benefits for shorter-lived certificates:

The first is the technical component – longer lifespans means it takes longer to organically roll out updates or changes. A real-world example would be the SHA1-to-SHA2 transition. Unless you’re going to revoke a whole bunch of certificates and force the customer to re-issue, it can take years before all of the old certificates are replaced. In the case of SHA1, it took three. That creates risk.

The other benefit has to do with identity – how long should the information used to validate an identity stay trusted? The longer between validation, the greater the risk. Google has said that in an ideal world domain validation would occur about every six hours.

Before 2015 you could get an SSL/TLS certificate issued for up to five years. That was reduced to three, and then again in 2018 to two. At the end of 2019, a ballot was proposed at the CA/B Forum that would have reduced it to one year – it was voted down soundly by the Certificate Authorities.

References

• https://www.ssls.com/blog/apples-new-ssl-lifetime-limitation-and-what-it-means-for-you/
• https://www.globalsign.com/en/blog/maximum-ssltls-certificate-validity-now-one-year