Learn what ERR_CERT_COMMON_NAME_INVALID means for your website and how to address this mismatch error

If you’re seeing the ugly NET::ERR_CERT_COMMON_NAME_INVALID (alternatively, ERR_CERT_COMMON_NAME_INVALID) error displaying on your website, don’t panic. We’ve got the solution for the problem you are facing. In this article, we’ll discuss what the message means, what causes it, and provide practical solutions to fix this error.

An example of how the NET:ERR_CERT_COMMON_NAME error displays in Google Chrome to site visitors
Image caption: An example of how the NET::ERR_CERT_COMMON_NAME_INVALID message displays to Google Chrome users.

Want to learn about 10 common SSL/TLS security certificate errors and issues in Firefox and Chrome and what you can do to fix them? Check out our related resource.

What Is the SSL Error NET::ERR_CERT_COMMON_NAME_INVALID?

A common name mismatch error like ERR_CERT_COMMON_NAME_INVALID is a warning message that appears when the domain specified in your SSL certificate does not match the domain of a specific website. It informs website users that the domain listed in their browser’s address bar doesn’t match the information listed in your site’s SSL certificate’s Common Name (CN) field (i.e., your domain name) or the certificate subject alternative name (i.e., SAN certificate) field.

The common name on an SSL certificate is your domain name, which should match the web address in your host. For example, if you want to secure yoursite.com, with an SSL certificate, your common name should be yoursite.com. Common versions you may see both the WWW and non-WWW versions of the domain. A common name also can include a subdomain like mail.yoursite.com.

If users are unable to verify your server identity, they have no reason to trust your site. They won’t know whether you provided the wrong certificate accidentally because of a misconfiguration issue or if you’re a bad actor who is pretending a fraudulent site is the “real deal.” Either way, submitting any sensitive information to an unverified website leaves their data (and your reputation as a site owner) at risk.

What This Error Looks Like on Different Platforms

What Causes NET::ERR_CERT_COMMON_NAME_INVALID to Appear in Google Chrome

A common name mismatch error occurs when the domain the SSL certificate is installed on is not listed on the certificate (either as the common name, subject alternative name, or covered by a wildcard). Essentially, it’s like your site is wearing the wrong ID badge, so users (moreover, their browsers) can’t verify that its digital identity is legitimate.

Of course, this isn’t the only reason that the ERR_CERT_COMMON_NAME_INVALID message can appear. The same error might also display when:

  • you use a self-signed certificate,
  • you have misconfigured WordPress or cPanel settings (e.g., a misconfigured redirect), or
  • your domain isn’t listed as a subdomain (e.g., mail.yourdomain.com) on your wildcard SSL certificate.

Save up to 75% on Wildcard SSL certificates

We offer the lowest prices on Wildcard SSL Certificates from Comodo, GeoTrust, Thawte, Sectigo, Symantec, and RapidSSL. Save up to 75% by purchasing direct from us!
Buy Wildcard SSL Certificate at $49.74

How to Fix the NET::ERR_CERT_COMMON_NAME_INVALID Error

First, you need to identify what is causing the error. You can run a scan using Qualys SSL Labs’ SSL Server Test. This tool will check your website for various misconfiguration issues.

Once you determine the reason why the ERR_CERT_COMMON_NAME_INVALID error is displaying, then you can quickly implement one of these techniques as a solution:

1. Ensure the Domain Has the Correct Certificate Installed

If the domain on which a certificate is installed is not covered by the certificate, a mismatch occurs between the certificate and the domain. (This is the most common reason the NET::ERR_CERT_COMMON_NAME_INVALID error occurs.)

The easiest way to inspect the certificate and see whether its “issued to” information matches the domain the certificate is installed on.

What If You’re Using a SAN or Wildcard Certificate?

In this case, you’ll also need to check the list of SANs on the certificate (or whether the domain the certificate is installed under qualifies as covered under the wildcard).

Ensure You’re Not Using a Self-Signed Certificate

Replace the SSL/TLS self-signed certificate with a trusted one purchased from a CA or a reputable reseller such as CheapSSLsecurity.com.

2. Check for Redirects and WWW vs. Non-WWW Domains

Determine whether your browser is forcefully redirecting visitors to the other version of your website. If it is, adjust your settings to eliminate the redirect. If the redirect is necessary, you may need to acquire another certificate to cover the domain you are redirecting traffic to.

You’ll also want to check whether you’re forcing traffic through a WWW or non-WWW version of the domain. This is important because not all SSL certificates cover both the WWW and non-WWW versions of a website by default; you will need to confirm the certificate you have covers whichever version of the domain your website defaults to.

Here is the Google webmaster tool screenshot (old version)

Google search console - domain settings

Still running into issues?

3. Get a New SSL/TLS Certificate for Your Domain

If nothing else you’ve tried works so far, you may want to try installing a different certificate on your server. Pick the correct SSL/TSL certificate for your subdomain.

Additional Troubleshooting Steps for WordPress and cPanel

1. Ensure Your Website Address Is Set Correctly Appropriately in the Settings

Sometimes, people are curious about the secured version of the URL and, without purchasing and/or installing an SSL certificate, they change their site’s protocol from an unsecured HTTP to a secured HTTPS. When they click Save Changes, it will cause this NET::ERR_CERT_COMMON_NAME_INVALID message to appear. Luckily, you can easily revert the site address back to the old URL to remove this error message.

If you have a WordPress site, the next thing you can do is head back to your WordPress account general settings and then look for the URL. If you’ve entered the secured version (e.g., adding an ‘s’ to your site’s HTTP) without first purchasing or installing an SSL certificate, it would cause this error.

WP settings

2. Change Your URL Information Through phpMyAdmin in Hosting

Once you change the address in the WordPress settings area without the secured version (HTTPS), you want to get access back to your dashboard. You cannot even access the login page in most of the cases. And this is the worst scenario for beginners, and now it’s time to play with your hosting files.

Navigate to the cPanel and then click phpMyAdmin from the options you can see.

PHP settings

And then, head over to your desired database. (Be careful here: If you have multiple sites hosting in, be sure to select the right database).

PHP Database SQL settings

Now, select the WP options — this is where you can edit your themes, plugins, and settings of your WordPress website (Choose Wp_options).

PHP DB changes

You have to choose the edit site URL and home URL. If either of these two sections has a different address, then your site will cause the error message. Simply put, the web address must be identical in both locations. When you have accidentally changed the URL in the WordPress settings area, this is an alternative place through which you can access the settings indirectly and change the address.

Edit the URL correctly. If you want your site to use a secure protocol and you have a proper SSL certificate, then you can change it to HTTPS. If you don’t have SSL yet, and you have the problem of privacy error, then you must change the HTTPS to HTTP in the meantime until you get SSL implemented.

Be sure to save your changes after editing the URL. After making changes, verify the changes have been correctly implemented on your site by visiting the URL via Chrome’s Incognito window.

Check our WordPress and cPanel troubleshooting tips.

Editor’s Note: This article was originally published on May 27, 2019. It was updated and re-posted on April 2, 2025 to provide more current information.

Buy SSL Certificates and Save 89%

Get an SSL certificate of trusted SSL brands like Comodo, Sectigo, RapidSSL, Thawte, GeoTrust, and Symantec. You can save up to 89% on all types of SSL certificates like DV, OV, EV, Wildcard, and Multi-Domain SSL Certificates.
Buy SSL Certificates at Only $4.97

Related Resources

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.