Website security is of utmost priority for any online business, so most websites have been loading over HTTPS, a best cybersecurity practice.
Even though most search engines like Google consider it as one of their ranking signals, they rank and prioritize websites that are safe and secure for the users.
However, implementing this on a website, especially installing an SSL certificate, requires proper guidance.
If the SSL certificate is not properly installed, you may encounter several error messages, one of which is ‘net::ERR_CERT_COMMON_NAME_INVALID’.
Although this error doesn’t prevent visitors from accessing the website, it creates a sense of mistrust and gives a bad first impression. The red warning sign with the message ‘the site may steal user’s private data or information’ further exacerbates this negative perception.”
Apart from all these, resolving this issue is very tricky and can trigger due to a variety of reasons. The best approach would be to narrow down the causes and then work on it.
In this article, we will explain everything about net::err_cert_common_name_invalid error, which includes its meaning, causes, and methods to fix it.
What is net::err_cert_common_name_invalid error?
The net::err_cert_common_name_invalid error means the browser is unable to verify the website’s SSL certificate and hence to able to establish a secure connection. This mostly happens when the common name that is written in the SSL certificate mismatches with the actual domain name.
Error code | NET::ERR_CERT_COMMON_NAME_INVALID |
Error type | SSL Connection Error |
Error variations | Your connection isn’t private Your connection is not private This site is not secure Warning: Potential Security Risk Ahead |
Error causes | Invalid SSL certificate Misconfigured redirects Browser extension incompatibility issues Antivirus issues Poorly configured proxy Settings Operating system issues |
What causes net::err_cert_common_name_invalid error?
Before we directly address the causes of the net::err_cert_common_name_invalid error, there are certain things we need to clarify for beginners.
In the error ‘net::err_cert_common_name_invalid,’ you might be wondering what the ‘common name’ means. It is a reference used in SSL certificates to represent domain names.
For example, if the domain name is WPOven.com, the common name used in the SSL certificate would be ‘WPOven.com.’
So, the error message ‘net::err_cert_common_name_invalid’ indicates that there is something wrong with the common name on the SSL certificate, it might be invalid or misconfigured, whatever the case.
However, this is not always the same cause. There might also be other reasons that can display the ‘net::err_cert_common_name_invalid’ error, which we are going to share down below:
1. Mismatched Domain Name: The common name (or subject alternative name) in the SSL certificate does not match the domain name you are trying to access. For example, if the certificate is issued for www.example.com
but you are accessing example.com
, this error can occur.
2. Self-Signed Certificates: If the SSL certificate is self-signed and not issued by a trusted Certificate Authority (CA), browsers will not trust the certificate, leading to this error.
3. Expired Certificates: If the SSL certificate has expired, the browser will not trust it and display this error.
4. Antivirus Issue: If you have an antivirus program running in your system, it might be blocking the SSL connection.
5. Missing Intermediate Certificates: SSL certificates are often part of a chain of trust. If the server fails to provide the intermediate certificates necessary to complete the chain, the browser may not trust the certificate, resulting in this error.
6. Old or Unsupported Browsers: Some older browsers or devices may not support newer SSL certificates or certain types of encryption, leading to compatibility issues and this error.
7. Browser extension conflict: It might be also possible that your Browser Extension might be interrupting the SSL connection.
8. Domain Aliases and Wildcard Certificates: If you are using wildcard certificates (e.g., *.example.com
) or certificates for multiple domain names, there might be configuration issues leading to this error.
9. Corrupt Browser Cache or SSL State: There are higher chances that either your browser cache or SSL state has been outdated or Corrupted.
10. Misconfigured Proxy Settings: Some proxies intercept SSL/TLS connections and re-encrypt the traffic with their certificates. If the proxy’s certificate is not properly configured or trusted by your browser, it can cause this error.
How to fix the net::err_cert_common_name_invalid error? (Best 10 methods)
As you can see, there can be various reasons that can cause net::err_cert_common_name_invalid error. At first, it looks very tricky to solve but a little patience and the right approach can get you through this. Here are some of the best methods you can try.
- Check your SSL Certificate is set correctly
- Check if your website is using a self-signed SSL Certificate
- Check for incorrect Redirects
- Verify WordPress address matches with Site Address
- Check for Browser Extension Conflicts
- Clear Browser Cache
- Clear your SSL State
- Try Disabling Antivirus and Firewalls
- Check your proxy settings
- Update your Browser and Antivirus versions
1. Check your SSL Certificate is set correctly
One of the most common and general reasons for the net::err_cert_common_name_invalid error is the domain name doesn’t match the common name on your SSL certificate.
Hence the first thing you need to do is check your SSL certificate for any mismatch between common name and domain name.
To check this, Go to your website, and simply click on the “View Site information” icon in the Chrome browser, as shown below:
Now from the drop-down menu click on the “Conenction is secure” option.
Now click on the Certificate is a valid option.
A popup window will appear showing all the details about the SSL certificate.
The domain registered in the SSL certificate should match your website’s domain. If this does not match, it can lead to an SSL mismatch error, which can be fixed by simply deleting the SSL certificate and installing a new one.
Check Wildcard SSL certifications
Things can get even worse and messy if Wildcard SSL certifications are involved. This type of SSL certificate is best suitable for organizations that have multiple subdomains.
Sometimes, an SSL certificate lists a subdomain (like domain.example.com) as its common name. If you use a wildcard certificate for a subdomain and see the NET::ERR_CERT_COMMON_NAME_INVALID error, There are higher chances that the SSL certificate doesn’t include the subdomain you’re trying to visit.
So, while checking the SSL certificate, always keep in mind that wildcard SSL certificates only protect one level of subdomains. For instance, you are required to have a different certificated or example.com and subdomain.example.com.
Check SAN (Subject Alternative Names) certificates
A SAN (Subject Alternative Name) certificate is a type of SSL/TLS certificate that is used to secure multiple domain names and/or IP addresses with a single certificate. This is useful for organizations that manage multiple domains and variations of TLD, as it simplifies certificate management and reduces costs.
If your organization uses a SAN certificate for the website, check the list of domains it protects in the certificate details. If a web address is not there, the certificate doesn’t cover it.
2. Check if your website is using a self-signed SSL Certificate
However, self-signed SSL certificates are best suited for testing purposes and are typically generated by users for use in local environments or private internal networks.
They are not traditionally issued by a trusted Certificate Authority (CA), hence they do not possess the full protection guaranteed by trusted certificates. Therefore, they are not trusted or fully recognized by browsers for secure access to public websites.
Therefore, websites that use Self-signed SSL certificates generally have to face net::err_cert_common_name_invalid error, because browsers cannot verify the certificate’s authenticity.
To check this,
- Open the website in Google Chrome and click on “view site information”.
- Followed by selecting the “Now Secure” warning msg > “Certificate (Invalid)” from the drop-down menu.
- A popup window will open showing all the SSL certificate details.
- If you found that the certificate issuer is not a recognized Certificate Authority but your company or from an unspecified source, means it is a self-signed certificate.
To fix this you can either contact your Web hosting provider or directly issue a new SSL certificate from LetsEncrypt Free SSL.
Note: Websites hosted on WPOven, automatically get a Free SSL certificate within a single click. However, you have also the option to use your own custom SSL certificate as well.
3. Check for incorrect redirects
If you have implemented redirection of your site from one domain to another but have not installed an SSL certificate in the primary domain, it can trigger errors.
No matter if the domain name is the same but the URL is different, the SSL certificate may not account for that. Not all SSL certificates provide the feature to cover both www and non-www versions of the website.
For example, if you have redirected domain.com to www.domain.com but installed the SSL certificate on www.domain.com, a net::err_cert_common_name_invalid error might be displayed on your screen.
To fix this issue, you can follow any of the either ways:
- You can change the common name on the certificate to match your main domain.
- Or, you can buy another SSL certificate for the domain you’re redirecting from.
4. Verify WordPress address matches with Site Address
There is a high chance that while configuring your WordPress setup, you might have accidentally changed your site address to HTTPS without an SSL certificate in WordPress. You might have been trying to follow best security practices or just exploring settings, but this can cause the NET::ERR_CERT_COMMON_NAME_INVALID error.
But solving this issue is not a big deal.
- Go to your WordPress dashboard.
- Navigate to Settings > General.
- Ensure your WordPress Address and Site Address are the same.
Even after following the above steps, if the error persists, you might need to change your database address via phpMyAdmin or Adminer.
First, open your website’s phpMyAdmin dashboard and open the database by clicking on its name in the left-hand sidebar. Then, find and open the “wp_options” table:
- In phpMyAdmin, look for the “siteurl” and “home” rows.
- Edit these rows to change the addresses as needed.
- After editing, check if you can now access your site.
5. Check for Browser Extension Conflicts
Sometimes, a browser extension you’ve installed can cause a net::err_cert_common_name_invalid error. It can be hard to figure out which one is causing the problem unless you check each one individually.
Here’s how you can do it:
- To see all your installed Chrome extensions, type “chrome://extensions/” in the address bar and press Enter.
- Disable all active Chrome extensions.
- After disabling them, check if the error is fixed. If it is, it means one of the extensions caused the issue.
- To find out which one, enable each extension one by one and try accessing the website after enabling each one. This helps identify the extension causing the problem.
6. Clear Browser Cache
A browser cache is like a temporary storage on your computer where web pages, images, and other stuff from websites are saved. This mechanism makes it faster for webpages to load when the next time you visit them again.
Sometimes, the data in the cache memory either gets corrupted or outdated resulting in errors. So clearing the browser cache pushes the browser to fetch the updated/fresh information of the website and hence there are high chance it can also all the issues related to your browse, including SSL errors.
Here’s how you can do it:
Step 1: Depending on your browser, go to the settings menu.
For example, in Google Chrome, click on the three dots in the top right corner.
Step 2: Choose “More tools” and then click on “Clear browsing data”.
Step 3: A window will pop up. Under “Basic,” select “Browsing history,” “Cookies and other site data,” and “Cached images and files”.
Step 4: Click “Clear data” to start.
If clearing the cache doesn’t solve the issue, you can also try clearing your SSL state.
7. Clear your SSL State
Just like the browser cache, your browser also stores a website’s SSL certificate information to make the site load faster the next time you visit. However, sometimes this can lead to the NET::ERR_CERT_COMMON_NAME_INVALID error.
To fix this, you can clear the SSL state in your browser and operating system. How you do this depends on which operating system and browser you’re using.
For Windows users:
Step 1: Click on the Start menu button at the bottom left of your screen and choose Control Panel.
Step 2: In the Control Panel window, click on “Network and Internet”.
Step 3: Then click on “Network and Sharing Center”. From there, in the left-hand menu, click on “Internet Options”.
Step 4: In the Internet Properties panel that opens, go to the “Content” tab.
Step 5: Under the “Certificates” section, click on the “Clear SSL State” button.
Step 6: You’ll see a confirmation message. Click “OK” to continue.
Step 7: Wait for the cache to clear. You’ll see a success message when it’s done.
Step 8: Finally, restart your web browser, like Google Chrome, to check if the SSL error is fixed.
8. Try Disabling Antivirus and Firewalls
No doubt, Antivirus, and firewall software are designed to protect your computer from viruses and unauthorized access. But sometimes they can mistakenly block or interfere with secure connections (SSL/TLS) that websites use to keep your data safe.
Due to this fact, sometimes it can display the net::err_cert_common_name_invalid error, which might happen due to antivirus or firewall interfering in the SSL connection. To check if this is the case, you can temporarily turn off (disable) your antivirus or firewall software.
After disabling your antivirus or firewall, try to access the website or service again. If the error disappears and everything works fine, then it confirms that the antivirus or firewall was indeed causing the issue.
Once you’ve identified that the antivirus or firewall is the problem, you need to make certain adjustments and disable certain functions of the antivirus to fix the issue.
Here is how you can do it.
- Go to your antivirus settings or configuration section.
- Look for the HTTPS/SSL scanning option > Search Settings related to web browsing, SSL scanning, or secure connection interception.
- Now Disable the HTTPS/SSL scanning option temporarily to check if it fixes the issue.
- If it does, contact your Antivirus Program support team for further support.
9. Check your proxy settings
A proxy setting helps to route web traffic and retain anonymity for the clients and web servers. Helping to protect users from hackers or malicious third parties.
But sometimes, it can also malfunction and interfere with the secure SSL connection resulting in triggering SSL errors.
To check proxy settings in Windows, you have to follow the steps given below:
- Go to your Windows control panel and search “Internet options“.
- Click on the “Internet options” and a pop-up window will appear with all the Internet properties.
- Now click on the connections tab > LAN settings
- Make sure the “Automatically detect Settings” is marked check and unmarked the box ” Use a proxy server for your LAN“.
For MacOS users,
- Open the Apple menu and go to System Preferences.
- Then click on Network. From the list, pick the network service you want and click on Advanced.
- Go to the Proxies tab.
- Check the box for Automatic proxy configuration and click OK to save your changes.
10. Update your Browser and Antivirus versions
Outdated browsers or operating systems may lack necessary security updates, be infested with errors and bugs, and miss root certificate updates. Ensure that you are using the latest version of your browser and operating system to avoid compatibility and software instability issues.
Check out the steps for updating Chrome Browser:
- Click the three dots in the top-right corner of the Chrome browser.
- Go to “Help” and select “About Google Chrome.”
- The settings will open and show if an update is available.
- If there is, click “Update Google Chrome.” If you don’t see this button, you already have the latest version.
Follow the given below steps to Update Windows:
- Open the Windows “Settings” and click on Update & Security.
- Click on Windows Update. The system will automatically scan for the updates and let you know whether an update is available.
- You can also check manually by clicking on the Check for Updates button.
For macOS users follow these steps:
- Open the Apple menu and select System Settings.
- Go to General > Software Update. Click the Update Now button if a new version of macOS is available.
Variations of net::err_cert_common_name_invalid error appear on different browsers
The net::err_cert_common_name_invalid error might appear differently in various browsers, but it has the same meaning in all of them. Let’s help you recognize it, no matter which browser you use.
Google Chrome
Most internet users prefer to use the Chrome browser to visit their favorite sites. If an SSL error occurs on a website, they will likely see a message saying ‘Your connection is not private‘ with the error code NET::ERR_CERT_COMMON_NAME_INVALID below it.
This means there might be a security issue, and someone could try to steal your information.
Chrome will suggest going ‘Back to safety.’ But if you still want to visit the site, you can click ‘Advanced’ and then choose ‘Proceed to the website.
Mozilla Firefox
Mozilla follows a different approach to display the ‘NET::ERR_CERT_COMMON_NAME_INVALID’ error message. It shows “Warning: Potential Security Risk Ahead” with an additional message warning visitors that the browser has encountered a potential security flaw and suggests not continuing to the website.
It also provides more information about the error, mentioning that the issue likely occurred because the certificate is not valid or is configured to work only with specific domain names.
Opera
Opera also displays the ‘NET::ERR_CERT_COMMON_NAME_INVALID’ error differently. The Opera browser warns visitors with a message stating ‘Your connection is not private’ and alerts you that attackers may try to steal your personal information or data.
Safari
For Apple users, the Safari browser will display the ‘NET::ERR_CERT_COMMON_NAME_INVALID’ error with a message stating ‘Safari can’t open the page.’ Sometimes, it may also show ‘Safari can’t verify the identity of the website.’
However, Safari doesn’t provide more specific details about the error, which can sometimes lead to confusion with other SSL errors. Therefore, it’s better to explore various solutions available.
Summary
As mentioned earlier, fixing the net::err_cert_common_name_invalid error isn’t easy. The best approach is to identify possible causes of the error and then use appropriate methods to fix it. This approach saves time and effort and also preserves your website’s credibility with visitors.
Follow the ten methods listed above carefully, and please let us know in the comments which method worked for you.
Rahul Kumar is a web enthusiast, and content strategist specializing in WordPress & web hosting. With years of experience and a commitment to staying up-to-date with industry trends, he creates effective online strategies that drive traffic, boosts engagement, and increase conversions. Rahul’s attention to detail and ability to craft compelling content makes him a valuable asset to any brand looking to improve its online presence.