How to Fix the NET::ERR_CERT_COMMON_NAME_INVALID (Top 12 Ways)
- by nlqip
NET::ERR_CERT_COMMON_NAME_INVALID is an error that occurs in web browsers when there is a mismatch in the domain name and common name. A common name is the fully qualified domain name (FQDN) of the SSL Certificate.
SSL certificates are issued to initiate HTTPS protocol. The protocol is responsible for encryption functions. Through encryption, all communications and data transfers between web servers and web browsers ensure a secure connection.
The misconfiguration could raise concerns about the authenticity and security of the website. This article covers the details of NET::ERR_CERT_COMMON_NAME_INVALID SSL error, how it occurs, and top tips to solve it. Read on to know more.
The NET::ERR_CERT_COMMON_NAME_INVALID error takes place when the domain name a user is trying to access does not match the common name (CN) or any of the Subject Alternative Names (SAN) on the site’s SSL certificate. This is why the error is also called the SSL common name mismatch error.
Browsers react to this discrepancy by warning users that the connection might not be private and that users might be trying to steal their data. Let’s see how it appears in popular browsers.
The NET::ERR_CERT_COMMON_NAME_INVALID error does not only occur because of a common name mismatch.
There are many other reasons that might cause this error. Please note that the cause of the error might either be browser-based or server-based. Here are some of the causes of the error:
At this point, it is crystal clear that many factors contribute to this error. This makes it difficult to narrow down to a specific cause and align a tailored solution. There are several troubleshooting solutions you can try out to resolve this error. This section covers the 12 most effective tips to fix the NET::ERR_CERT_COMMON_NAME_INVALID error.
Verify SSL Certificate Details
There is no doubt that the most common cause of the error is the mismatch between a website’s domain and a common name. To avoid this error, you must start by ensuring you install the right SSL certificate that aligns with your domain name. You should also configure the certificate appropriately. Here is how to do that in Chrome:
Step 1: Click on the tune icon on your website.
Step 2: A dropdown menu will appear. Click on connection is secure.
Step 3: Select Certificate is valid from the menu.
From here, ascertain whether the actual domain name is in sync with the common name attached to the certificate. If they do not sync, it means there is a common name-domain name mismatch. You will need to install a fresh certificate.
For Wildcard SSL certificates, the occurrence of the error might signify the certificate does not cover the subdomain you are accessing. Wildcard certificates cover the main domain and several subdomains falling under the parent domain. It is possible to have a common name listed as a subdomain.
For multi-domain (subject alternative name) SSL certificates, you will have to dig deeper to verify the certificate. SAN certificates cover multiple domains within a website. The certificate covers top-level domain variations, www, non-www, and subdomains. You can verify the details by clicking on the certificate window and the details. Choose the extension Subject Alternative Name label. You can then see a list of all the domains the certificate covers.
Update Your Web Browser and Operating System
Updating your operating system and web browsers ensures software stability. Software and OS stability could help minimize a lot of errors including the NET::ERR_CERT_COMMON_NAME_INVALID error.
Update Web Browser
Follow the below steps to check for updates in your browser (chrome).
Step 1: Click on the three dots in the top right corner. Hover to the Help bar and Click on About Google Chrome.
Step 2: The settings panel will open. From here, you can know whether or not your browser is up to date.
Step 3: In case your browser is not up to date, you can click on Update Google Chrome to update it.
Update Operating System
For your operating system, you can follow these steps to update:
Step 1: Click on the Start bar on your computer and select Settings.
Step 2: From the settings panel, click on Windows Update. From here, you can proceed to check if your operating system is up to date. You can also proceed to download and install any available updates.
Check for Self-Signed SSL Certificates
SSL certificates are acquired from reputable certificate authorities. The certificate authority signs the certificate before issuing it to the users. That is not the case with self-signed certificates. Self-signed certificates are mere creations of users and are not issued by authorized CAs.
Self-signed certificates do not offer full encryption like that from CA-backed certificates. As such, most web browsers will flag websites using them as “insecure.” Some browsers may display the NET::ERR_CERT_COMMON_NAME_INVALID error in cases of self-signed certificates. You can rectify the error by deleting the self-signed certificate and acquiring one from a reputable CA.
Check and Rectify All Misconfigured Redirects
Redirecting your site without an SSL certificate can cause this error. Not all certificates cover www and non-www domain variations by default. So before purchasing an SSL, you must check to ensure it covers both www and non-www domains. You can also alter the certificate’s common name to solve the error.
Moreover, you can get a SAN (Subject Alternative Name) certificate that includes both domains or an extra certificate for the domain you’re rerouting from. To safeguard subdomains using wildcard domains, make sure you list them all rather than rerouting traffic between them. Another option is to use several available tools to check if your site is directing users properly.
Configure URL Settings In phpMyAdmin
URL variations between option values in home rows and siteurl could be the culprit that cause this error. In such a case, you will need to revise the URL settings of your WordPress. You can do so via phpMyAdmin. Here are the steps:
Step 1: Open phpMyAdmin application on your web hosting account.
Step 2: Select the database of your website and look for the wp_options table. Find the home and siteurl in the table and ensure they redirect to the same URL.
Align Your WordPress Address and Site Address for Consistency
It is possible to mistakenly migrate your website’s address to HTTPS without having an SSL certificate. It is a common occurrence in WordPress. Such a mistake could lead to the NET::ERR_CERT_COMMON_NAME_INVALID error.
Fixing this is simple. Open your WordPress dashboard and go to settings. Click on General. Confirm whether your WordPress address and website address are similar.
In a situation where the URLs use HTTPS in the absence of an SSL certificate, you will need to change them to HTTP.
Clear Browser Cache and SSL State
An outdated cache might load an older website version. Such might result in the NET::ERR_CERT_COMMON_NAME_INVALID error. You will need to clear up the cache to prevent this error. Here are the steps to clear the browser cache in Chrome.
Step 1: Click on the vertical dots in the top right corner of the browser.
Step 2: Select Clear browsing data, alternately, you can press Ctrl+Shift+Del.
Step 3: From the dialogue box, select the time range with which you wish to clear data. Click on clear data.
In an attempt to speed things up, browsers might cache SSL certificates. The browser ends up failing to fetch the latest certificate version. This could result in an error. To resolve this on Windows OS, you will need to clear the SSL state. Here is how to do that:
Step 1: Search for Internet Options from the search button on the taskbar. Click enter
Step 2: Click on the Contents tab and then on the Clear SSL State option.
Temporarily Disable Antivirus or Firewall
There are antivirus software that comes with an SSL scanning feature. Such software might sometimes block users from accessing HTTPS websites. This can lead to the error. You should disable the antivirus software to resolve the error. However, you should only do so if you trust the website. Antivirus software is important and disabling them could jeopardize website security.
Here is how you can disable antivirus software:
Step 1: Click on the Settings tab on the Start tab
Step 2: Go to Update & Security and then click on Windows security.
Step 3: Click on the Virus and Threat Protection tab. Navigate to Manage Settings. Find Real-time protection and turn it off.
Evaluate Your Proxy Configurations for Potential Discrepancies
Misconfigurations in the proxy settings can lead to restrictions on web access. This could cause SSL errors, including the NET::ERR_CERT_COMMON_NAME_INVALID error. You will need to reset your proxy configurations to resolve the error. This process varies depending on the operating system you use.
Follow the below steps to access proxy settings on Google Chrome.
Step 1: Open Settings by clicking on the three dots in the top right corner.
Step 2: Click on System, and click on Open your computer’s proxy settings.
For Windows users, the prompt will open the window for Proxy. You can proceed to alter the setting by clicking the option for Automatically detect settings.
Resolve Browser Extension Interference
Too many browser extensions might invite a host of issues due to extension conflicts. Such conflicts could lead to a common name mismatch. The result of a common name mismatch is NET::ERR_CERT_COMMON_NAME_INVALID error.
To check whether the error is a result of extension conflicts, try accessing it from an incognito. If the website loads, then the error may be a result of an extension conflict. To resolve this, you will need to disable extensions one after the other. If the site works in the absence of a disabled extension, then you have to delete it. The extension is the culprit.
Step 1: Go to settings and click on Extensions.
Step 2: From the dropdown menu, click on Manage Extensions.
Step 3: Find the extension you want to remove and click on Remove.
Change Your LAN Settings
The purpose of proxy settings is to route web traffic. Routing helps to protect website visitors from hackers. Any proxy misconfigurations might result in SSL errors. You might have to change LAN settings to resolve such errors. Perform the following steps to change the LAN settings.
Step 1: Search for Internet Options from the search button on the taskbar. Click enter
Step 2: Click on the Connections tab and select LAN settings.
Step 3: Ensure the Automatically detect settings box is checked. Save the changes by clicking on OK.
Check Date And Time Are Proper
An incorrect date and time on your PC could result in the NET::ERR_CERT_COMMON_NAME_INVALID error. Check to see if the date and time are proper. You can adjust the date and time by going to the Windows setting, selecting Time and Language, and the Date and Time.
You can either choose to set it up automatically or manually.
The NET::ERR_CERT_COMMON_NAME_INVALID error can be so frustrating. It can also be complex to fix, especially when you do not know what it is. You will need to narrow down and discover what is causing the problem. You should start by checking whether the common name in your certificate and the domain are the same. You can then move on to apply troubleshooting solutions covered in this article. The article has provided you with everything you need to know about the error. We hope it helps you solve the error.
Source link
lol
NET::ERR_CERT_COMMON_NAME_INVALID is an error that occurs in web browsers when there is a mismatch in the domain name and common name. A common name is the fully qualified domain name (FQDN) of the SSL Certificate. SSL certificates are issued to initiate HTTPS protocol. The protocol is responsible for encryption functions. Through encryption, all communications and…