What is err_cert_common_name_invalid and how to fix it?

List of content you will read in this article:

Using the HTTPS extension to encrypt your website is a crucial security practice. However, an incorrect Secure Sockets Layer (SSL) certificate or browser setup may cause an error message like NET::ERR_CERT_COMMON_NAME_INVALID to appear.

This error does not hinder access to a website. Although the browser will have a warning that the site may steal visitors' personal information, the error message will produce an initial negative impression.

This article will explore the reasons for err_cert_common_name_invalid and guide you through 10 ways to fix it.

What is NET::ERR_CERT_COMMON_NAME_INVALID error?

To create a secure connection when viewing a website, the browser typically has to confirm the SSL certificate of the website.

The request will be forwarded via the secure HTTPS protocol by a website that has a valid certificate.

The NET::ERR_CERT_COMMON_NAME_INVALID error indicates that the browser did not check the SSL certificate successfully. The majority of the time, this occurs because the common name in the SSL certificate does not match the real domain name.

For instance, the common name must also be example.com if you want to install an SSL certificate on the example.com website.

Not all causes of this error include domain mismatch. In some cases, the problem might be brought on by the site's actual address, antivirus protection options, browser add-ons, caching, and more.

Even though there are numerous potential explanations for this problem, it is easy to resolve it rapidly.

10 practical ways to fix err_cert_common_name_invalid error

As mentioned before, the reasons for the err_cert_common_name_invalid error are different. As a result, there are many different possible solutions.

Here are 10 approaches you can use to fix this problem on your website.

Check to see if your SSL Certificate is correct.

A frequent reason for this error is a discrepancy between the common name on your SSL certificate and the legitimate domain name. Ensure the relevant certificate has been installed, and the SSL has been set up properly to resolve the issue.

The configuration of the SSL certificate can be checked as follows:

Click on the padlock icon in the address bar of your website.
Selecting the Connection is a secure option from the dropdown menu.
Select Certificate is valid.
The SSL certificate information for the website will appear in a new window.

The common name mentioned in the SSL certificates issued to domain information should match the real domain name. If that isn't the case, there is an SSL mismatch issue between the two.

The only fix is to remove the SSL certificate and replace it with a new one.

Check the configuration of your wildcard SSL server as well. Wildcard Data on numerous subdomains can be encrypted via SSL certificates. As a result, the common name in an SSL certificate may occasionally be listed as a subdomain like domain.example.com.

The err_cert_common_name_invalid error indicates that your SSL certificate does not cover the subdomain you are attempting to visit if you use a wildcard certificate on your subdomain.

Don’t forget to check the Subject Alternative Names (SAN) Configuration. An SSL certificate with Subject Alternative Names (SAN) support enables data encryption on numerous domains that refer to the same website address.

It covers top-level domain (TLD) variations, subdomains, and www and non-www versions of a website. If the website you're trying to visit uses a SAN certificate, check the certificate details to see which domains it protects. The certificate is not valid if a web address is missing.

Check misconfigured redirects

Since not all SSL certificates support www and non-www site versions, it's critical to understand whether your browser directs users to a different version of your website.

If there is only one SSL setup for the "www" version, the problem can be if your domain is mydomain.com and the server directs website visitors to www.mydomain.com.

There are two different ways to fix the err_cert_common_name_invalid error in this situation. The first step is to modify the common name that appears by default on the certificate for your domain.

The second option is to get an additional SSL certificate to cover the domain from which you redirect traffic.

Make sure the addresses for your site and WordPress are identical

Without installing an SSL, the HTTP web protocol may occasionally have been manually changed to HTTPS. This is one of the common reasons for err_cert_common_name_invalid error.

If so, you ought to modify your WordPress URL by following these steps:

Select General by clicking Settings on the WordPress dashboard. Verify that the site address (URL) and the WordPress address (URL) are identical.
If they don't line up, make the necessary adjustments.

Check for conflicts between browser extensions.

Too many browser extensions may conflict with one another, which can be one of the reasons for the err_cert_common_name_invalid error. Check if the website is accessible by opening it in a private window. If so, a browser extension might be to blame for the issue.

Disable the extensions one at a time while investigating your website to find the root of the problem to fix. Remove the conflicting extension after you've identified it to fix the err_cert_common_name_invalid error.

To delete extensions from Google Chrome, follow these steps:

In the top-right corner, click the three dots.
Navigate to More tools and choose Extensions.
Select the extension you want to remove and click Remove when the new window appears.

Make sure to constantly audit and update existing extensions to avoid this problem in the future.

Disable your firewall and antivirus software

Some antivirus programs provide an HTTPS scanning option to provide additional security. Nevertheless, it can prevent you from accessing HTTPS websites. Try deactivating HTTPS scanning on your antivirus software if you trust the website. You might have to deactivate the antivirus program if this option is unavailable.

To stop Windows antivirus software, follow these steps:

Look for Settings by clicking the Start button.
Select Windows Security under Update & Security.
To manage settings, click Virus & threat protection and then open. Then, turn Real-time protection off.

Here is how to use ESET Endpoint Security on macOS:

Find the ESET Endpoint Security program by opening Finder.
Launch the program, then select Setup. Turn off Real-time file system protection.

Naturally, you shouldn't disable your antivirus program for long because doing so puts your security at risk.

Therefore, it is advised to turn it back on while awaiting assistance from the antivirus support team and to adhere to their instructions for fixing the mistake while keeping your computer secure.

Delete your Browser's cache

Browser caching is a fantastic feature that keeps track of your visited websites. So, the next time you visit that particular website, the browser will load it more quickly. Unfortunately, a website's previous version may load when an outdated cache is present.

Clear the browser cache frequently to avoid this problem. Doing this will ensure that your browser loads the most recent website version and avoid getting the err_cert_common_name_invalid error.

Update your operating system and browser

When attempting to access specific websites, an outdated OS may result, among the reasons err_cert_common_name_invalid. Because of this, you should ensure you're using the most recent Linux, macOS, or Windows version.

Additionally, you should make sure your browser is current. Open the Settings menu in Chrome and choose Help > About Google Chrome to do so. You can examine your browser's version and enable automatic updates. Opening this screen should launch an automated upgrade if Chrome is outdated.

Clear the SSL state

When you visit a website, your browser will save the SSL certificate from speeding up the subsequent load. Later on, this can result in the err_cert_common_name_invalid error.

Clearing the SSL status in the browser and operating system is a way to fix the err_cert_common_name_invalid error.

Depending on your operating system and browser, the procedure can be different. Here's how to reset Windows' SSL state:

To access Internet Options, go to Control Panel > Network & Internet.
It will display the Internet Properties window. Select Clear SSL status under the Content tab.

Additionally, your browser's SSL status can be cleared. On Google Chrome, follow these instructions:

From the three dots menu in the top-right corner, go to Settings.
Click the Security option after choosing Security and Privacy.
To view the list of SSL certificates that Google Chrome has cached, scroll down and select Manage certificates.
Finally, to remove the SSL status, click Remove.

Modify your LAN settings

Web traffic is routed through proxies to shield users from harmful outsiders. Any setting problem could prevent you from visiting websites or result in SSL failures.

Here's how to modify Windows' LAN settings:

To access Internet Options, go to Control Panel > Network & Internet.
Select LAN Settings under the Connections tab.
Select the option for "Automatically detect settings."
By selecting OK, the changes are saved.

On macOS, follow these instructions:

Select Network under System Preferences in the Apple menu
Click Advanced after choosing a network service from the list
Select the Proxies tab
Select Automatic proxy configuration
Finally, click OK to save your settings

Configure URL settings in phpMyAdmin

You wish to regain access to your dashboard after changing the address in the WordPress settings section without using the secure version (HTTPS).

Most of the time, you can't even access the login page. This is the worst-case situation for newbies; thus, it's time to mess around with your hosting files.

The URL discrepancy between the option value in siteurl and home rows of your website's database may be one of the reasons for the err_cert_common_name_invalid error.

Through phpMyAdmin, you can modify the WordPress URL settings. For hPanel, follow these instructions:

Open the phpMyAdmin program by logging into your hosting account.
Locate the wp_options table in the database for your website.
Look for the siteurl and home rows in wp_options. Make sure they both lead to the same URL.

Your site will generate the error notice if either of these two sections has a different address. Simply put, both locations' web addresses must match exactly. This is a different location where you can access the settings indirectly and modify the address if you mistakenly alter the URL in the WordPress settings area.

You can switch to HTTPS if you want your website to use a secure protocol and have a valid SSL certificate. In the meantime, until SSL is installed, you must switch from HTTPS to HTTP if you don't currently have SSL and are seeing privacy errors.

Once you've modified the URL, remember to save your modifications. After making changes to fix the err_cert_common_name_invalid error, check that your site has appropriately reflected them by accessing the URL in Chrome's Incognito window.

Conclusion

Even if your website has a wealth of information, it is useless if it cannot be accessed. Additionally, a bad website might damage the standing of your business and alienate customers. The err_cert_common_name_invalid error can be challenging to resolve. However, if you can pinpoint the issue's root cause, you can rapidly fix it and keep visitors' trust in your site.

We advise checking the SSL certificate in your browser and scanning for any incorrect redirects as the very first steps to fix the err_cert_common_name_invalid error. If these are ineffective, start looking at all the other factors we stated in this guide.

People also read:

Category: Tutorials SSL