I receive an Error “ERR_CERT_COMMON_NAME_INVALID”
Apr 20, 2023The "ERR_CERT_COMMON_NAME_INVALID" error message typically indicates that the SSL certificate for the website you are trying to access has a common name (CN) or subject alternative name (SAN) that does not match the domain name of the website. This could happen for a few reasons:
- DNS misconfiguration: The website's SSL certificate's common name (CN) or subject alternative name (SAN) does not match the domain name of the website you are trying to access. This could be caused by a DNS misconfiguration or because you are trying to access a website that is not the one you expect.
- SSL certificate was issued for a different domain: If the certificate was issued for a different domain, you will get this error message.
- SSL interception: If you are on a corporate network, it is possible that your traffic is being intercepted by a device that is configured to examine SSL traffic, it will reissue a new certificate for the website being accessed which is not trusted by your browser, leading to the question mark icon. In this case, you would need to contact your IT administrator to check if this is the case and how to proceed.
- Check your anti-virus or firewall software: Some anti-virus or firewall software can interfere with the SSL certificate validation process. You may want to temporarily disable these programs and see if that resolves the issue.
- Update your browser: Make sure that you are using the latest version of your browser, as older browsers may not be able to access websites using the latest security protocols.
- Clear browser's cache and cookies: Clearing your browser's cache and cookies may fix issues related to SSL certificates.
- Disable VPN or proxy: If you are using a VPN or proxy, try disabling it and accessing the website again.
- Contact the website administrator: Contact the website administrator and inform them of the issue. They may be able to help you resolve the issue or provide you with an explanation of why the certificate doesn't match the domain name of the website.
- Check if the certificate is revoked: Make sure that the certificate hasn't been revoked. Use online tools such as CRL or OCSP checker to check the certificate revocation status.
- Check if the certificate is chained properly: In some cases, the chain of trust between the SSL certificate and the root CA is not established properly. Make sure that the website has all the necessary intermediate certificates installed and configured correctly.
- Alternative solutions: As a last resort, you may consider using browser extension to allow access to the website, but this is not recommended as it can compromise your security and expose you to potential malicious attacks.
Once again, please be aware that if the certificate is invalid or doesn't match the domain name of the website, it is safer not to proceed and contact the website administrator to resolve the issue.
