Home
/
Website Help
/
NET::ERR_CERT_COMMON_NAME_INVALID Error - 9 Ways to Fix it

NET::ERR_CERT_COMMON_NAME_INVALID Error - 9 Ways to Fix it

Table of Contents

The NET::ERR_CERT_COMMON_NAME_INVALID error occurs when there is a mismatch between the browser’s URL and the domain listed on the website’s SSL certificate.

This error message can be frustrating, but the good news is that SSL errors are usually easy to fix with some straightforward steps.

With this guide, we’ll explain the causes of this error and provide nine proven methods to resolve it.

What is the NET::ERR_CERT_COMMON_NAME_INVALID Error?

The NET::ERR_CERT_COMMON_NAME_INVALID error is a security warning shown by browsers like Chrome or Firefox when they can’t validate the SSL certificate of a website.

That is, if the certificate’s “Common Name” does not match the website’s URL, the browser fails to access the page.

A screenshot of the SSL warning message in Chrome, displaying the ERR_CERT_COMMON_NAME_INVALID.

Browsers display this error to protect users from potentially insecure connections or malicious sites. However, this error can also occur due to SSL misconfigurations or issues with the website’s setup.

We’ll explore the most common reasons in more detail below.

What Causes the NET::ERR_CERT_COMMON_NAME_INVALID Error?

Several factors can trigger the NET::ERR_CERT_COMMON_NAME_INVALID error. These include:

  1. Domain Name Mismatches – The domain name on the SSL certificate doesn’t match the URL in the browser.
  2. Incorrect SAN fields – Subject Alternative Name (SAN) fields aren’t configured properly for multi-domain certificates.
  3. Redirect Issues – Improper redirects can point to non-secure URLs, causing certificate errors.
  4. Outdated Browser or OS – Old browsers or operating systems may not recognize new SSL configurations.

Let’s dive into specific troubleshooting steps.

How to Fix the NET::ERR_CERT_COMMON_NAME_INVALID Error

1. Verify the SSL Certificate

Use an online SSL Checker to confirm the certificate’s details, including its common name and expiration date.

Results from SSLshopper.com's SSL checker.

If the results show errors with the name or expiration date, reinstall the SSL on your web server or contact the CA (certificate authority) for assistance.

2. Verify SAN (Subject Alternative Name)

The Subject Alternative Name (SAN) field allows a single SSL certificate to cover multiple domains or subdomains. For multi-domain websites, make sure the SAN fields on your certificate cover all intended domains or subdomains.

If the domain or subdomain is not listed correctly in the SAN field, it may trigger the error. To verify SAN fields:

Click the padlock icon in your browser’s address bar > Select Certificate/Connection is secure > Check the Certificate Subject Alternative Name section in the certificate details.

Screenshot of the certificate details in Google Chrome, showing a list of the SSL fields and more details about the Certificate Subject Alternative Name field.

Update the SSL certificate if any domain is missing.

3. Check Redirects

If you are redirecting the non-www version of your website to www, and your SSL certificate only covers yourdomain.com, you would trigger the ERR_CERT_COMMON_NAME_INVALID.

You can fix this by installing a new SSL certificate on yourdomain.com that also covers the www version, or by installing a separate SSL certificate on www.yourdomain.com

4. Check Your Site/WordPress URL

In WordPress, mismatched URLs in your site settings can cause SSL certificate errors. If your site’s URL is set to HTTPS instead of HTTP, and you do not have an SSL certificate installed, it can lead to the NET::ERR_CERT_COMMON_NAME_INVALID error.

The recommended solution is to install an SSL certificate on your domain so your website runs through HTTPS.

Alternatively, you can set WordPress to use HTTP, so you can access your website until you are able to install an SSL.

Here’s how to fix this:

Go to Settings > General in your WordPress dashboard and set both the WordPress Address (URL) and Site Address (URL) fields to use the HTTP version of your domain.

WordPress General Settings page. Highlighted options to edit the WordPress Site and Home URLs.

If you’ve already updated the URLs in the settings but still see the same error, the HTTPS URLs might be hardcoded in the database.

Use a plugin to search for HTTPS links and replace them with HTTP. Alternatively, run a query in phpMyAdmin to update the URLs in the database.

SiteGround offers an integrated tool that allows you to easily run a search and replace directly through your Site Tools dashboard.

5. Clear Your SSL State on Windows

Windows devices store SSL cache in the OS, which browsers use when loading a website. Clearing your SSL state helps remove old, cached SSL certificates that might be causing issues, especially after updates or changes to your SSL certificate.

To clear the SSL state:

In Windows, open the Internet Options > go to the Content tab > click Clear SSL State.

Internet Properties dialog on Windows showing the Content tab. The section includes a 'Clear SSL State' button under Certificates and settings for AutoComplete and Feeds.

This can often resolve a mismatch error where an outdated or incorrect certificate is cached, preventing secure connections.

macOS also has an SSL cache, but browsers do not use it. To clean the “SSL State” in macOS, you should instead clear the browser’s cache.

6. Clear Your Browser Cache

Sometimes, the browser’s cache stores outdated SSL certificates or settings, which can lead to security errors.

Clearing your browser cache means the most recent version of the site and its certificate is loaded.

7. Troubleshoot Browser Extension Conflicts

Browser extensions can sometimes interfere with SSL certificates and cause the NET::ERR_CERT_COMMON_NAME_INVALID error.

The easiest way to test this is to open the site in incognito mode. This disables all extensions by default. If the page loads properly in private mode, disable your extensions one by one to isolate the issue.

To Disable Extensions One by One:

  • In Chrome:
    • Click the three dots in the upper-right corner and go to More tools > Extensions.
    • Disable extensions by toggling off the switch next to each one, then reload the page to check if the error persists.
  • In Firefox:
    • Click the three horizontal lines, go to Add-ons and themes > Extensions, and disable them one by one.
  • In Safari:
    • Go to Safari > Settings > Extensions and uncheck each extension to disable it temporarily.

8. Update Your Browser and Operating System

Outdated browsers or operating systems may not support the latest SSL/TLS protocols, causing certificate errors like NET::ERR_CERT_COMMON_NAME_INVALID.

Keeping your browser and OS up to date maintains compatibility with newer SSL certificates. Here’s how to update:

  1. Update Your Browser:
    • In Chrome:
      • Click the three dots in the top-right corner, go to Help > About Google Chrome.
      • Chrome will check for updates and install them automatically if available.
    • In Firefox:
      • Click the three horizontal lines in the top-right corner, go to Firefox > About Firefox.
      • Firefox will check for updates and install them if necessary.
    • In Safari:
      • Safari updates are tied to macOS updates, so make sure you’re running the latest version of macOS.
    • In Microsoft Edge:
      • Click the three dots in the upper-right corner, go to Help and Feedback > About Microsoft Edge.
      • Edge will check for updates automatically.
  2. Update Your Operating System:
    • For Windows:
      • Go to Settings > Update & Security > Windows Update and click Check for updates.
    • For macOS:
      • Go to System Settings > Software Update and install any available updates.

9. Check Your Proxy Settings

A misconfigured proxy server can result in SSL errors.

To troubleshoot, use Google Chrome to access and reset your proxy settings.

Go to Settings> System > Open your computer’s proxy settings:

Google Chrome's advanced settings page, showing the option to open your computer's proxy settings.

On Windows, this will take you to your WiFi’s network settings. Make sure the Automatically detect settings option is toggled on.

Windows network proxy settings screen. Includes sections for automatic proxy setup with options to automatically detect settings or use a setup script, and manual proxy setup with fields for address and port.

On macOS, toggle Automatic Proxy Configuration from the list of Proxy settings.

macOS proxy settings screen under the Wi-Fi network options. Includes options for auto proxy discovery, automatic proxy configuration, web proxy (HTTP), secure web proxy (HTTPS), SOCKS proxy, and bypass proxy settings for specific hosts and domains.

Final Thoughts on NET::ERR_CERT_COMMON_NAME_INVALID

The NET::ERR_CERT_COMMON_NAME_INVALID error can disrupt website access, but it is typically easy to resolve with the right approach.

By understanding its causes and applying the fixes listed above, you should be able to restore secure access to your site.

To prevent SSL errors, regularly monitor your SSL certificates and make sure they are valid and up-to-date.

If the issue persists, consult with your hosting provider or SSL certificate authority for additional support.

RELATED ARTICLES

Share This Article