Fix ERR_SSL_KEY_USAGE_INCOMPATIBLE in 4 Ways
Note that SSL certificates must be renewed periodically
4 min. read
Updated on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
The err_ssl_key_usage_incompatible error in Chrome indicates an issue with the SSL certificate, affecting the secure connection to a website.
This error can arise from various factors, including outdated Chrome versions, incorrect system time, or problematic extensions. No matter the cause, here’s how to fix it:
How do I fix ERR_SSL_KEY_USAGE_INCOMPATIBLE in Chrome?
1. Update Chrome
- Launch your Chrome browser and click the three vertical ellipses in the top right corner.
- Click Help, then select About Google Chrome.
- Check if there is an update available.
2. Disable extensions
- Navigate to your browser and in a new tab, enter the following address:
chrome://extensions/
- Disable extensions one by one until you find the culprit.
3. Use incognito mode
- Launch your Chrome browser and click the three vertical ellipses in the top right corner.
- Select New incognito window.
4. Try another browser
You should run your SSL certificate through its tests on another browser that supports this validation. Because Opera One is a privacy-focused browser, we suggest testing it out.
You may handle certificates under Opera One’s Advanced settings and add them as needed. We must also note that Opera is Chromium-based and supports a lot of Chrome’s features and extensions.
So if it gives you fewer headaches than Chrome and you want to make a permanent switch, know that doing it is easy and hassle-free.
Opera
Verify the integrity of your SSL certificates and browse the web in a more secure browser.Other things to try
– Create a New Self-Signed Certificate: If using a self-signed certificate, ensure it includes the DigitalSignature parameter. Use PowerShell to generate a new certificate with the correct parameters:
New-SelfSignedCertificate -Type Custom -DnsName "server", "server.domain.local", '192.168.0.1' -KeyUsage "DigitalSignature","KeyEncipherment","KeyAgreement" -KeyAlgorithm RSA -KeyLength 4096 -CertStoreLocation "cert:\\CurrentUser\\My" -FriendlyName "YourCertName" -NotAfter (Get-Date).AddMonths(36) -Subject "YourSubject"
– Export and Install the Certificate: After creating the certificate, export it and then install it to the Trusted Root Certification Authorities on your machine. This ensures that Chrome recognizes and trusts the certificate.
– Adjust System Time: Ensure your computer’s clock is accurately set, as incorrect time settings can lead to SSL certificate errors.
– Check for Chrome pduates: Always keep Chrome updated to the latest version to avoid compatibility issues with SSL certificates.
Why does Chrome say err_ssl_key_usage_incompatible?
If you see this message, your web browser has detected a problem with the certificate being used by the website. There are several reasons why this might happen:
- Expired certificate – The most common reason why Chrome says your certificate is invalid is that the certificate has expired. To fix this, simply renew your certificate.
- Your computer clock is set incorrectly – Your time will determine the validity of your SSL certificate. Chrome checks whether websites’ SSL certificates are still valid by comparing them against system time; if your computer’s clock is off by too much, then all certificates will appear invalid.
- An out-of-date version of Chrome – Ensure your computer is running the latest version. If not, install an update or upgrade your device.
- Third-party extensions – If you have any third-party extensions or programs installed on your computer that might interfere with Chrome’s ability to verify the certificate, temporarily disable them and see if it helps resolve the problem.
How do I update SSL in Chrome?
The SSL certificate is one of the most important components of any website. It provides a secure connection between your browser and the website you’re trying to reach.
Without it, your connection is not secure, and anyone who can intercept your data can see what you’re doing on the Internet.
It is why you need to update it if it is expired. Chrome’s certificate auto-update feature is enabled by default, so you shouldn’t need to change any settings. The browser will automatically download and install new certificates as they become available.
However, you can manually check for updates if you still get the error. If that still doesn’t work, uninstall and reinstall the browser and restart your PC.
You can also secure your certificate if Chrome says it’s not valid to ensure your identity is always protected.
If you have additional thoughts on this topic, feel free to leave them below in the comments section.
User forum
0 messages