What this NET::ERR_CERT_COMMON_NAME_INVALID error entails and what you can do to address it

If you are a website owner and having the problem when opening your site and you follow up with the “NET::ERR_CERT_COMMON_NAME_INVALID” error, don’t panic. We’re here to help you with this error you are facing. In this article, we’ll discuss what the “NET::ERR_CERT_COMMON_NAME_INVALID” message is and why it occurs. We also will provide practical solutions to fix this error.

Fix err cert common name invalid error

What is a Common Name on an SSL Certificate and How does it trigger How to Fix NET::ERR_CERT_COMMON_NAME_INVALID?

The common name on an SSL certificate is your domain name, which should match with the web address in your host. For example, if you want to secure yoursite.com, with an SSL certificate, your common name should be yoursite.com.

Common versions you may see both the WWW and non-WWW versions of the domain. A common name also can include a subdomain like mail.yoursite.com.

What Are Subject Alternative Names or Wildcards?

  • yoursite.com,
  • www.yoursite.com
  • https://yoursite.com and https://www.yoursite.com
  • http://youtsite.com and http://www.yoursite.com

The common name might be the same as the web address you are enclosed in your web server and search console. There can be common name mismatch error occurs when the name of your SSL certificate does not match with the web address in the search/address bar.

What is an SAN certificate?

Subject alternative name, or SAN certificates, refer to certificates that cover other domains in addition to the domain that is listed as the common name. For example:

  • Common name: yoursite.com
  • SAN 1: mail.yoursite.com
  • SAN 2: www.yoursite.org
  • SAN 3: mysite.com

A wildcard is a certificate that protects all of the subdomains at a specified level in the common name domain. Common names for wildcard certificates use an asterisk to specify the unlimited level and are formatted as such — *.yoursite.com. A wildCard for *.yoursite.com would cover any subdomain at that level: blog.yoursite.com, mail.yoursite.com, live.yoursite.com, etc.

Examples of some wildcard SSL certificates include:

Save up to 75% on Wildcard SSL certificates

We offer the lowest prices on Wildcard SSL Certificates from Comodo, GeoTrust, Thawte, Sectigo, Symantec, and RapidSSL. Save up to 75% by purchasing direct from us!
Buy Wildcard SSL Certificate at $49.74

Why “NET::ERR_CERT_COMMON_NAME_INVALID” Appears in Google Chrome

A common name mismatch error occurs when the domain the SSL certificate is installed on is not listed on the certificate (either as the common name, subject alternative name, or covered by a wildcard). It’s essentially like your site is wearing the wrong hat.

In addition to these potential causes of ”NET:ERR_CERT_COMMON_NAME_INVALID” errors, there are other reasons this message can pop up, such as a misconfigured redirect.

Here are a few ways you can eliminate NET::ERR_CERT_COMMON_NAME_INVALID Error

2 Ways to Fix ERR_CERT_COMMON_NAME_INVALID in Google Chrome

First, you need to identify what is causing the error. If you find the reason, then you can quickly implement one of these techniques as a solution:

1. Ensure the Domain Has the Correct Certificate Installed

This is the most common reason the “NET:ERR_CERT_COMMON_NAME_INVALID” error occurs. If the domain a certificate is installed on is not covered by the cert, there is a mismatch between the certificate and the domain.

The easiest way to check whether this is to inspect the certificate and compare the “issued to” domain information to the domain the certificate is installed on. However, in the case of SAN and wildcard certificates, as mentioned above, you would need to also check the list of SANs on the certificate (or check to see whether the domain the certificate is installed under qualifies as covered under the wildcard).

2. Check for Redirects and WWW vs. Non-WWW

Determine whether your browser is forcefully redirecting visitors to the other version of your website. If it is, then you should adjust your settings to eliminate the redirect. If the redirect is necessary, you may need to acquire another certificate to cover the domain you are redirecting traffic to.

You’ll also want to check whether you’re forcing traffic through a WWW or non-WWW version of the domain. This is important because not all SSL certificates cover both the WWW and non-WWW versions of a website by default; you will need to confirm the certificate you have covers whichever version of the domain your website defaults to.

Here is the Google webmaster tool screenshot (old version)

Google search console - domain settings

Additional Troubleshooting Steps for WordPress and cPanel

1. Ensure Your Website Address is Set Appropriately in the Settings

Sometimes, people are curious about the secured version of the URL and, without purchasing and/or installing an SSL certificate, they change their site’s protocol from an unsecured HTTP to a secured HTTPS. When they click Save Changes, it will cause this NET::ERR_CERT_COMMON_NAME_INVALID message to appear. Luckily, you can easily revert the site address back to the old URL to remove this error message.

If you have a WordPress site, the next thing you can do is head back to your WordPress account general settings and then look for the URL. If you’ve entered the secured version (e.g., adding an ‘s’ to your site’s HTTP) without first purchasing or installing an SSL certificate, it would cause this error.

WP settings

2. Change Your URL Information Through phpMyAdmin in Hosting

Once you change the address in the WordPress settings area without the secured version (HTTPS), you want to get access back to your dashboard. You cannot even access the login page in most of the cases. And this is the worst scenario for beginners, and now it is time to play with your hosting files.

Navigate to the cPanel and then click ‘phpMyAdmin’ from the options you can see.

PHP settings

And then, head over to your desired database. (Be careful here: If you have multiple sites hosting in, be sure to select the right database).

PHP Database SQL settings

Now, select the WP options — this is the place where you can edit your themes plugins and settings of your WordPress website (Choose Wp_options).

PHP DB changes

You have to choose the edit site URL and home URL. If either of these two sections has a different address, then your site will cause the error message. Simply put, the web address must be identical in both locations. When you have accidentally changed the URL in the WordPress settings area, this is an alternative place through which you can access the settings indirectly and change the address.

Edit the URL correctly. If you want your site to use a secure protocol and you have a proper SSL certificate, then you can change it to HTTPS. If you don’t have SSL yet, and you have the problem of privacy error, then you must change the HTTPS to HTTP in the meantime until you get SSL implemented.

Be sure to save your changes after editing the URL. After making changes, verify the changes have been correctly implemented on your site by visiting the URL via Chrome’s Incognito window.

Buy SSL Certificates and Save 89%

Get an SSL certificate of trusted SSL brands like Comodo, Sectigo, RapidSSL, Thawte, GeoTrust, and Symantec. You can save up to 89% on all types of SSL certificates like DV, OV, EV, Wildcard, and Multi-Domain SSL Certificates.
Buy SSL Certificates at Only $4.97

Related Resources

Author

Welcome to Savvy Security, a blog focused on providing practical cybersecurity advice for website owners and small businesses. Our team brings you the latest news, best practices and tips you can use to protect your business...without a multi-million dollar budget or 24/7 security teams.