If you receive the following errors you may need to clear your browser's HSTS cache:
- Privacy Error: You connection is not private (NET::ERR_CERT_AUTHORITY_INVALID)
Chrome
- Navigate to chrome://net-internals/#hsts
- First, to confirm the domain’s HSTS settings are recorded by Chrome, type the hostname into the Query Domain section at the bottom of the page. Click Query.If the Query box returns Found with settings information below, the domain’s HSTS settings are saved in your browser.
Note that this is a very sensitive search. Only enter the hostname, such as www.example.com or example.com without a protocol or path. - Type the same hostname into the Delete domain section and click
Firefox
This should work in most cases.
- Close all open tabs in Firefox.
- Open the full History window with the keyboard shortcut Ctrl + Shift + H (Cmd + Shift + H on Mac). You must use this window or the sidebar for the below options to be available.
- Find the site you want to delete the HSTS settings for – you can search for the site at the upper right if needed.
- Right-click the site from the list of items and click Forget About This Site.This should clear the HSTS settings (and other cache data) for that domain.
- Restart Firefox and visit the site. You should now be able to visit the site over HTTP/broken HTTPS.If these instructions did not work, you can try the following manual method:
Related articles