If Chrome is showing a "Not Secure" warning on a site that has a valid SSL certificate, it may be because Chrome previously allowed content with certificate errors to load and stored that permission. This is a Chrome-specific issue — other browsers like Edge will not be affected.
The fix requires three steps done in the correct order.
Step 1 — Clear Browser Data
- In Chrome, go to chrome://settings/clearBrowserData
- Set the time range to All time
- Check Cached images and files and Cookies and other site data
- Click Clear data
Step 2 — Close Chrome Completely
Fully close all Chrome windows. Do not just close the tab — make sure Chrome is not running in the system tray either.
Step 3 — Delete the Domain Security Policy
- Reopen Chrome and go to chrome://net-internals/#hsts
- Scroll down to Delete domain security policies
- Enter the domain name (e.g. example.com)
- Click Delete
Reload the site. Chrome should now recognize the valid SSL certificate and show the secure padlock.
Why This Happens
When you visit a site that has a certificate error and click through the warning, Chrome stores that exception. Even after the certificate is fixed, Chrome continues to flag the site based on that stored permission. Clearing browser data alone does not remove it — the HSTS domain policy must be explicitly deleted, and that step only works reliably after the browser data has been cleared and Chrome has been fully restarted.
Bonus: Also Clear the DNS Cache
If you are also testing a nameserver or IP change and the site is not resolving correctly in Chrome, do this after the steps above:
- Go to chrome://net-internals/#dns and click Clear host cache
- Go to the Sockets tab and click Flush socket pools
Note: If Chrome is still ignoring your local hosts file, go to chrome://settings/security and turn off Use secure DNS. When enabled, Chrome bypasses your system DNS resolver entirely, including your hosts file.
