If, when going to the pages of Examus or testing systems, you encounter this error: "Connection is not secure" with the code NET::ERR_CERT_DATE_INVALID and you are using Windows 7, then the reason is the use of an outdated DST Root CA X3 certificate, which expired on 09/30/2021. A similar error can also be caused by a disabled TLS 1.2 setting.

This affects the availability of many sites on the Internet. To fix the problem, it is recommended to check and install updates in Windows 7.




An alternative way is to download the new ISRG Root X1 certificate and install it manually.

Follow these steps:

  1. Download a fresh certificate from the website of its publisher (Let's Encrypt) using this link. When you try to download, you can see the same window with an error, click Additional in it - go to letsencrypt.org (insecure).

  2. Open the Run window with the WIN + R combination and write the command certmgr.msc


  3.  After launching the Certificate Manager, go along the path: Trusted Root Certification Authorities, right-click on Certificates, All tasks, Import


  4.  In the opened window of the Certificate Import Wizard, click Next:


  5. Click Browse, go to the folder with the downloaded isrgrootx1.pem file (by default, the Downloads folder). To display the file, select All Files. After selecting the certificate, click Open and in the previous window - Next.


  6.  Be sure to select the Place all certificates in the following store item, the field should indicate Trusted Root Certification Authorities and click Next. Otherwise, use the Browse button.


  7. Click Finish.


  8. When a warning window appears, click "Yes":

  9. After successfully adding the certificate - restart your computer and try again to access the required web pages.


  10. If after adding a certificate a similar error appears - check if the use of the TLS 1.2 protocol is enabled in the system.

Follow these steps:

  1. Go to Start - Control Panel


  2. Select View - Small Icons. Open Internet Options (or Internet Options)


  3. Click the Advanced tab. Check the Use TLS 1.2 box and click OK.



  4. Restart your browser and try accessing the web pages you want.