Securing your website with HyperText Transfer Protocol Secure (HTTPS) is crucial for maintaining strong cybersecurity. 

However, if your Secure Sockets Layer (SSL) certificate isn't installed correctly, you may encounter various errors, including the NET::ERR_CERT_COMMON_NAME_INVALID error.

Resolving this error can be challenging since it can occur due to various reasons. However, by identifying the root cause, you can efficiently fix this SSL issue.

In this guide, we will explain the meaning of the NET::ERR_CERT_COMMON_NAME_INVALID error and provide examples of how it appears in different browsers. Additionally, we will share nine effective methods to help you resolve this error.

Table of Contents 

  1. What Causes the NET::ERR_CERT_COMMON_NAME_INVALID Error?
  2. Variations of the NET::ERR_CERT_COMMON_NAME_INVALID Error
  3. How to Fix the NET::ERR_CERT_COMMON_NAME_INVALID Error? 

1. What Causes the NET::ERR_CERT_COMMON_NAME_INVALID Error?

The NET::ERR_CERT_COMMON_NAME_INVALID error occurs when the browser fails to verify a website's SSL certificate, resulting in an inability to establish a secure connection. This issue typically arises due to misconfiguration of the certificate on the server.

Error Code NET::ERR_CERT_COMMON_NAME_INVALID
Error Type SSL Connection Error
Error Variations Your connection is not private
Warning: Potential Security Risk Ahead
Your connection isn’t private
This site is not secure
Error Causes Invalid SSL certificate
Misconfigured redirects
Misconfigured proxy settings
Antivirus or Browser extensions issues
Operating system issues

What Causes the NET::ERR_CERT_COMMON_NAME_INVALID Error? 

Before delving into the causes of the NET::ERR_CERT_COMMON_NAME_INVALID error, let's understand the relevant terms. The "common name" in this error is the domain on which the SSL certificate is installed.

For instance, if your website is mydomain.com, the common name on your SSL certificate should be mydomain.com. Hence, the root cause of the NET::ERR_CERT_COMMON_NAME_INVALID error is a mismatch between the common name on your SSL certificate and the domain it is installed on. 

However, other scenarios may trigger this error, such as:

  • Your SSL certificate does not account for variations between www and non-www versions of your domain.
  • You attempted to switch your website to HTTPS without installing an SSL certificate.
  • Your site has a self-signed SSL certificate that your browser does not recognize as valid or secure.
  • Your antivirus software is blocking the SSL connection.
  • A browser extension is interfering with the SSL connection.
  • Your proxy settings are misconfigured.
  • Your browser cache or SSL state has become corrupted.

As evident, several factors contribute to the NET::ERR_CERT_COMMON_NAME_INVALID error, making it challenging to identify the correct solution. 

However, you can effectively fix the problem with patience and the right approach.

Variations of the NET::ERR_CERT_COMMON_NAME_INVALID Error 

Before we explore the solutions, you must recognize the NET::ERR_CERT_COMMON_NAME_INVALID error in your browser. 

Here's how it appears in popular web clients:

The NET::ERR_CERT_COMMON_NAME_INVALID error in Google Chrome

The specific error code, NET::ERR_CERT_COMMON_NAME_INVALID, is listed below the main message. 

Users can choose to proceed to the site using HTTP, but this warning may discourage visitors.

Different web browsers may display various error messages when encountering common name mismatch errors in SSL certificates. Here's how some popular browsers handle these errors:

Mozilla Firefox: Firefox presents an error message under the heading "Your connection is not secure." It notifies you that the website you're trying to access hasn't been configured correctly and recommends refraining from accessing it. You may also encounter a message that says "Warning: Potential Security Risk Ahead."

Mozilla Website Warning: Potential Security Risk Ahead

A more specific error message might appear below, indicating that the SSL certificate is invalid and only configured for specific domain names. The error code "SSL_ERROR_BAD_CERT_DOMAIN" may also be shown.

Safari: In Safari, the error message reads, "Safari can't verify the identity of the website" or "Safari can't open the page," followed by the domain you're attempting to reach. It may mention that the site's SSL certificate is invalid or that a secure connection couldn't be established.

Safari can’t open the page

Compared to other browsers, Safari's common name mismatch error message tends to be less specific, indicating there may be other SSL-related issues involved. It's important to explore various solutions in such cases.

Internet Explorer: Internet Explorer provides a direct warning message stating, "This site is not secure." It highlights an issue with the trustworthiness of the SSL certificate.

Internet Explorer error This site is not secure

The error message equivalent to the NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome typically states, "The security certificate presented by this website was issued for a different website's address." Internet Explorer may suggest solutions such as adding or removing "www" from the entered URL, but these fixes are temporary.

It's crucial to address common name mismatch errors as they have the potential to discourage prospective visitors. By resolving SSL certificate issues, you can ensure a secure browsing experience and maintain the trust and credibility of your website.

How to Fix the NET::ERR_CERT_COMMON_NAME_INVALID Error?

Understanding that the NET::ERR_CERT_COMMON_NAME_INVALID error can stem from various causes, it's important to explore multiple solutions to address this issue on your website. Here are nine methods you can try to resolve the error:

  1. Ensure the Accuracy of Your SSL Certificate
  2. Verify Redirect Configurations
  3. Ensure Consistency between WordPress Address and Site Address
  4. Verify Usage of Self-Signed SSL Certificate 
  5. Clear Your SSL State and Browser Cache 
  6. Review Your Proxy Settings 
  7. Troubleshoot Browser Extension Conflict 
  8. Adjust Your Antivirus Software Settings 
  9. Update Your Browser and Operating System (OS) 

1. Ensure the Accuracy of Your SSL Certificate 

The NET::ERR_CERT_COMMON_NAME_INVALID error often occurs when your website's domain does not match the common name listed on your SSL certificate, so it is essential to verify the configuration of your certificate.

While the examples provided focus on troubleshooting this error in Google Chrome, similar steps can be followed in other web browsers. 

To begin, click on the "Not Secure" warning in the URL bar and select "Certificate (Invalid)" from the menu:

Verify That Your SSL Certificate Is Correct

Certificate check in progress Accessing the certificate checker in Google Chrome

This will open a small window displaying the details of your SSL certificate:

Verifying Subject Alternative Names (SAN) Certificates

Ensure that the domain listed here matches the one you are attempting to reach. If it does not match, it indicates a misconfiguration of your certificate.

The recommended solution is to remove the existing certificate from your site and install a new one.

Verifying Wildcard SSL Certificates 

The NET::ERR_CERT_COMMON_NAME_INVALID error becomes more complex when a wildcard SSL certificate is involved. This type of certificate is designed to encrypt data for multiple subdomains.

Instead of having a single common name listed on the certificate, a subdomain level such as *.example.com is utilized.

Suppose you have a wildcard certificate installed and encounter the NET::ERR_CERT_COMMON_NAME_INVALID error. In that case, it may indicate that your certificate does not cover the subdomain you are trying to access.

Keep this in mind when verifying the SSL certificate in your browser. Additionally, note that wildcard SSL certificates only secure a single subdomain level. Therefore, separate certificates are required for *.example.com and *.subdomain.example.com.

Verifying Subject Alternative Names (SAN) Certificates 

A Subject Alternative Names (SAN) certificate can encrypt data for multiple domains that point to the same website. This includes variations with or without "www," subdomains, and Top-Level Domain (TLD) variations.

If the website you are trying to access uses a SAN certificate, further investigation is necessary when verifying the SSL certificate in your browser.

In Google Chrome, click on "Details" in the certificate window:

Accessing certificate details in Google Chrome

Scroll down until you locate the section labelled "Extension Subject Alternative Name." Below it, you should find a list of all the certificate-protected domains.

2 Verify Redirect Configurations 

Misconfigured redirects can cause errors if you redirect your website from one domain to another without installing an SSL certificate on the initial domain. Many SSL certificates do not automatically handle redirection between the "www" and non-"www" versions of your site.

For instance, let's consider a scenario where you set up a redirect from www.example.com to example.com. If you have installed an SSL certificate on example.com but not on www.example.com, you may encounter the NET::ERR_CERT_COMMON_NAME_INVALID error.

If you are uncertain whether your site utilizes such redirects, you can employ a tool like the Redirect Checker:

Redirect Checker

If you discover that redirects are causing conflicts with your SSL certificate, there are a couple of potential solutions. One option is to modify the common name on the certificate to match the correct domain version.

Alternatively, you can obtain a separate certificate for the domain you are redirecting or acquire a Subject Alternative Names (SAN) certificate covering both domains. 

In the case of wildcard domains, you will need to specify each subdomain that requires encryption instead of relying on redirection between them.

3. Ensure Consistency between WordPress Address and Site Address 

It is common to accidentally switch the site address to HTTPS in WordPress without installing an SSL certificate. Whether you intended to implement a security measure or were exploring your site's settings, you might have unintentionally triggered the NET::ERR_CERT_COMMON_NAME_INVALID error.

Resolving this issue is relatively straightforward.

To begin, access your WordPress dashboard and navigate to Settings > General. Verify that both the WordPress Address and Site Address are aligned:

Make Sure Your WordPress Address and Site Address Match

Furthermore, if these URLs currently utilize HTTPS but do not have an SSL certificate installed, switch them to HTTP instead. Remember to save any changes you make.

Suppose the error persists even after modifying the addresses. In that case, you may also need to update them in your database using phpMyAdmin.

Access phpMyAdmin through your hosting account. Locate your site's database by clicking on its name in the left-hand sidebar, then access the wp_options table:

change the addresses in your database via phpMyAdmin

Locate the siteurl and home rows and make the necessary address adjustments. Afterwards, check if you can successfully access your site.

4 Verify Usage of Self-Signed SSL Certificate 

When obtaining an SSL certificate from a reputable source like Let's Encrypt or another recognized Certificate Authority (CA), it is signed by the CA, ensuring its validity. However, self-signed certificates are created by users and not backed by a CA.

Self-signed certificates, although free, are less secure than CA-issued certificates. 

Let's Encrypt, for example, provides authorized SSL certificates at no cost. Unless you set up a certificate for internal server purposes or local development, there is typically no reason to use a self-signed certificate.

Browsers generally label sites using self-signed certificates as 'not secure' because they do not provide the same level of protection as authorized certificates. This labelling can sometimes trigger the NET::ERR_CERT_COMMON_NAME_INVALID error.

You can verify the Certificate Authority (CA) of your certificate using the method described earlier in this post. The CA information will be displayed in the certificate details popup:

Determine If Your Site Is Using a Self-Signed SSL Certificate

Suppose you suspect that your site is using a self-signed certificate and you are not a developer. In that case, it is recommended to contact the person or team responsible for building your site and request them to replace it with an authorized certificate.

However, if you intentionally installed a self-signed certificate, you can authenticate it with your browser to bypass the error. Please note that this process varies significantly depending on your browser and operating system and is generally more complex than installing a Let's Encrypt certificate.

5 Clear Your SSL State and Browser Cache 

Suppose you verified that your SSL certificate is correctly configured, but you continue encountering the NET::ERR_CERT_COMMON_NAME_INVALID error. 

In that case, it may be necessary to clear your SSL cache. 

Browsers often cache SSL certificates to enhance loading speed. Consequently, even after installing a new certificate, you may still see an error message despite everything being in order.

Clearing your SSL state varies depending on your browser and operating system. For the purpose of this example, we will focus on Chrome and provide instructions for both Windows and macOS.

On Windows, open the Start menu and search for "Internet Options". 

Select the corresponding option when it appears, and navigate to the Content tab within the Internet Options window. Next, click on the "Clear SSL State" button:

Clear Your SSL State and Browser Cache

You must use the keychain manager on macOS to clear your SSL state. In Chrome, access it by going to Settings > Privacy and Security> Manage certificates:

Settings > Privacy and security > Manage certificates:

Locate the certificate associated with the domain you are trying to access. Right-click on it and select "Delete":

Deleting certificate data using the macOS keychain manager

You may be prompted to enter your user password.

Deleting the certificate in this manner should clear your SSL state and resolve the NET::ERR_CERT_COMMON_NAME_INVALID error if a corrupted cache is an underlying cause.

It is also recommended to clear your browser cache. 

In Chrome, you can do this by opening the settings menu and selecting "More Tools" > "Clear Browsing Data" or using the keyboard shortcut:

  • For Windows Chrome: CTRL + Shift + Del
  • For macOS Chrome: Shift + CMD + Del

You can also access your Privacy and Security settings to specify the data you want to clear. Be sure to select "Cached images and files" from the list of options.

6. Review Your Proxy Settings 

Proxy servers route web traffic and maintain client or origin server anonymity. However, misconfigured proxy settings can lead to various issues, including SSL errors restricting web access.

To address this problem, it's essential to reset your proxy settings. The process may vary depending on whether you use a Windows or Mac computer.

You can access proxy settings through Google Chrome regardless of your operating system. Follow these steps: Go to Settings > Advanced > System > Open your computer's proxy settings:

Review Your Proxy Settings

If you're using Windows, this will open the Internet Properties window. Click on the Connections tab, then choose the LAN Settings button, and select "Automatically detect settings":

Assess Your Proxy Settings (Windows)

On macOS, this will open your Network settings window. Click on the Proxies tab and select "Automatic Proxy Configuration":

Automatic proxy configuration 

After adjusting the proxy settings, try accessing your website again to see if the error has been resolved.

7. Troubleshoot Browser Extension Conflict 

Like WordPress plugins, browser extensions can sometimes conflict with each other and cause issues, including problems with your site's HTTPS connection.

To determine if a browser extension is responsible for the NET::ERR_CERT_COMMON_NAME_INVALID error, open your site in an incognito window:

  1. On your computer, open Chrome.
  2. At the top right, click More Chrome kebab menu New Incognito Window.
  3. A new window appears. In the top corner, check for the Incognito icon:
    check if incognito .

You can also use a keyboard shortcut to open an Incognito window:

  • Windows, Linux, or Chrome OS: Press Ctrl + Shift + n.
  • Mac: Press ⌘ + Shift + n.

This will disable any installed extensions temporarily. 

If you can access your site without any issues in incognito mode, it indicates that a browser extension is causing the problem.

To fix this, you can follow these steps:

  1. Disable your extensions one at a time: Disable each extension individually and then try accessing your site. Repeat this process until you identify the extension that triggers the error.
  2. Remove the problematic extension: Once you've identified the extension causing the error, remove it from your browser. This should resolve the issue permanently.

You can eliminate the NET::ERR_CERT_COMMON_NAME_INVALID error by troubleshooting browser extension conflicts and ensuring a smooth browsing experience.

8 Adjust Your Antivirus Software Settings 

Antivirus software can sometimes interfere with proper HTTPS connections, leading to the NET::ERR_CERT_COMMON_NAME_INVALID error. 

If you have antivirus software installed on your computer, it's worth checking its settings to ensure that HTTPS scanning is enabled. 

Here's how you can proceed:

  1. Open your antivirus software and navigate to its settings.
  2. Look for an option related to HTTPS scanning or SSL/TLS protection.
  3. If HTTPS scanning is disabled, enable it and save the changes.

After enabling HTTPS scanning, try reaccessing your site to see if the error persists. 

Suppose the issue persists even after enabling HTTPS scanning. In that case, consider temporarily disabling your antivirus software to see if it resolves the error. 

However, remember that disabling antivirus software poses a security risk, so it's essential to reactivate it as soon as possible.

If disabling the antivirus software resolves the NET::ERR_CERT_COMMON_NAME_INVALID error, it's recommended to contact the support team of your antivirus program. They can provide further assistance in resolving the error while maintaining your computer's security.

Remember to re-enable your antivirus software while waiting for a response from support and follow their guidance on resolving the error effectively without compromising your computer's safety.

9. Update Your Browser and Operating System (OS) 

An outdated operating system (OS) or browser can sometimes result in errors when accessing certain websites. To avoid such issues, it's essential to ensure that you are running the latest version of your OS, whether it's Windows, macOS, or Linux.

Additionally, keeping your browser up-to-date is essential. If you are using Google Chrome, you can follow these steps to check for updates:

  1. Open the Chrome browser.
  2. Click on the menu icon (three vertical dots) in the browser window's top right corner.
  3. Select " Help " from the drop-down menu and choose "About Google Chrome."

Check your Chrome version

This will open a new tab displaying information about your browser, including its current version. Chrome will automatically check for updates and install them if available.

It's recommended to allow automatic updates for your browser to ensure you have the latest security patches and features. This helps in resolving potential issues, such as the NET::ERR_CERT_COMMON_NAME_INVALID error.

Similarly, regularly update your operating system to the latest version the respective OS vendor provides. This ensures your computer has the latest security updates and improvements, which can help prevent errors and compatibility issues when browsing websites.

Keeping your browser and operating system up-to-date can minimize the risk of encountering errors and ensure a smoother browsing experience.

Summary

Resolving the NET::ERR_CERT_COMMON_NAME_INVALID error can be challenging, but proper troubleshooting can quickly address the issue and maintain your website's credibility. 

Here are the initial steps to fix this error:

  1. Check your SSL certificate: Examine it in the browser to ensure it is valid and properly configured.
  2. Verify redirects: Look for misconfigured redirects that might be causing the error.

If these initial steps don't resolve the issue, consider exploring the other methods mentioned in this guide to troubleshoot the error comprehensively. 

Addressing each aspect systematically increases the likelihood of resolving the NET::ERR_CERT_COMMON_NAME_INVALID error and maintaining a trustworthy website for your visitors.

Was this answer helpful? 0 Users Found This Useful (0 Votes)