So today while working for a new client, I was facing this issue on their Remote desktop server where opening any webpage would give me the following error in Google Chrome “NET::ERR_CERT_AUTHORITY_INVALID”
No matter what website I visited (google.com / facebook.com / yahoo.com) i would get the above error.
As usual I tried what everyone on the internet suggested.
I checked my date & time on the Remote Desktop Server, but to my surprise it was correctly configured. Then I logged on the Domain Controller and faced the same error in Chrome for any website.
Even when using Internet Explorer I would get the equivalent error ” There is a problem with this website Security Certificate”
I even tried install NetTime which would Sync the clocks on the Domain Controller & Remote Desktop Server
So scratching my head for over 3 Hours :@ I finally figured out the problem & how to fix it.
It turns out that my client had a CA (Certificate Authority) server in the past & was removed recently since then they are facing the issue. So I logged in on the DC Server launched Group Policy Management.
Under Computer Configuration > Windows Settings > Security Settings > Public Key Policies > open “Certificate Path Validation Settings” > Uncheck “Define These Policy Settings”
You can see in the image below in the section “Root Certificate Stores” “Only Enterprise Root CA’s is selected as Trusted hence no matter what website you visit with https the domain is no longer trusted.
If there isn’t a domain controller in you network & you are just using a single computer you can use “GPEDIT.MSC” to edit your Local Group Policies & modify the entry.
Hope this helps.