The NET_CERT_SYMANTEC_LEGACY error occurs when the affected users try to visit a website that has an issue with the security certificate. This error code is evidence that Chrome considers the certificate unsafe due to the cipher.
What’s causing the NET_CERT_SYMANTEC_LEGACY error?
- Incorrect Time & Date – As it turns out, one of the most common reasons that will cause this problem for certain web-users is due to incorrect time & date. In case the date & time is way off, the security certificate will not be validated. In this case, you can fix the issue by ensuring that the date, time and timezone are set to the appropriate values so that the security certificate is accepted.
- The browser version doesn’t accept legacy security certificates – Keep in mind that Chrome versions newer than version 66 no longer accept legacy Symantec certificates. If you are keen on using Chrome, you will need to uninstall your current version of Chrome and downgrade to an older version that will not reject Symantec legacy security certificates.
Fixing the NET CERT SYMANTEC LEGACY Error
1. Changing the date & time
As it’s been documented by several affected users, one of the most end-user causes that might end up causing the NET_CERT_SYMANTEC_LEGACY error is an incorrect time & date. If the time & date is way off, the security certificate will not be validated and you will be prevented from accessing the website, even if the Symantec certificate is actually valid.
In most cases, the browser requests will fail due to a bad timestamp and the connection will be prevented from being established. If this happens, the only viable fix is to change the date, time and timezone to the appropriate values so that the Symantec security certificate is accepted.
Here’s what you need to do:
- Press Windows key + R to open up a Run dialog box. Next, type ‘timedate.cpl’ inside the run box and press Enter to open up the Date and Time window.
- After you manage to get inside the Date & Time window, go to the Date and time tab from the menu at the top. Next, click on Change date and time to open the next menu.
- Inside the Date & Time menu, access the calendar and select the correct date. After you do this, move over to the Time box and set the appropriate time according to the timezone that you live in.
- To make sure that your clock doesn’t change again, make sure to modify the time zone to the correct value by clicking on Change Timezone.
- Once every modification is enforced, restart your computer and see if the issue is resolved at the next startup.
In case you’re still encountering the NET_CERT_SYMANTEC_LEGACY error even after changing the date & time to the appropriate values (or this method wasn’t applicable), move down to the next potential fix below.
2. Downgrade to an older Chrome version
Another potential fix that will allow you to visit websites validated by outdated Symantec security certificates is to downgrade to an earlier version of Chrome – one that does not include the same changes that make the certificate invalid.
This might leave your system vulnerable to certain browser explored, but it will help you resolve the issue if you are keen on using Google Chrome.
Keep in mind that this change was only enforced with build version 66. So, if you manage to downgrade your version to version 66 or older, Chrome will no longer consider this legacy Symantec certificates are unsafe due to the cipher.
Here’ a quick guide on how to downgrade to an older Chrome version in order to resolve the Neterr_Cert_Symantec_Legacy error:
- Ensure that Google Chrome and every associated instance is closed.
- Press Windows key + R to open up a Run dialog box. Next, type ‘appwiz.cpl’ and press Enter to open up the Programs and Features window.
- Once you’re inside the Programs and Features menu, scroll down through the list of installed applications and locate your Chrome installation. Once you see it, right-click on it and choose Uninstall from the newly appeared context menu.
- From the uninstallation menu, follow the on-screen prompts to complete the procedure of uninstalling your current Chrome version.
- Once the operation is complete, restart your computer and wait for the next startup to complete.
- After the next startup sequence, visit this link (here) with your default browser to download Chrome Version 65.0.3325.181.
- Open the installation executable, then follow the on-screen prompts to complete the installation of the older Chrome Version.
- Once the installation is complete, launch the website that was previously failing with the NET_CERT_SYMANTEC_LEGACY error to see if the problem is fixed.
In case the same error message is persisting, move down to the next potential fix below.
3. Using a different browser
Keep in mind that Chrome is the main initiator of this error. This happens because starting with Chrome version 66, the browser is configured to automatically distrust Legacy Symantec certificates.
If you weren’t comfortable with downgrading Chrome o an older version that is not configured to reject legacy Symantec certificates automatically, the end-point fix you have available is to migrate to a browser that doesn’t have the same security settings.
Here are several alternatives that you should consider. When put against Chrome, there aren’t that strict with legacy Symantec certificates and will allow you to visit the same websites without encountering the NET_CERT_SYMANTEC_LEGACY error:
4. Contacting the Webmaster
Since the issue originates from a certificate inconsistency, there is a limited number that you can do to circumvent the issue from the end-user point of view.
If your date/time isn’t off and you’re not willing to use an older Chrome version (or migrate to a more lenient browser), the only chance of ever accessing that webpage using your current browser is to contact the website administrator and ask him/her to update the security certificate.