How to Fix “Server Certificate Does NOT Include an ID Which Matches the Server Name”
Table of Contents
If you’ve come across the “Server certificate does NOT include an ID which matches the server name” error message, you’re not alone. This common SSL issue can block access to your live site, trigger browser security warnings, or prevent secure connections altogether.
The error means there’s a mismatch between your domain name and what’s listed in the SSL certificate. This can happen whether you’re working on a local setup like XAMPP, accessing your live website, or just browsing in older browsers like Internet Explorer.
The good news? Fixing it is usually straightforward. In this guide, we’ll help you identify the cause and walk you through the steps to resolve it, so your visitors can securely access your site.
When this happens, your browser or server may block the connection to protect users from potential threats. You might see this message in your browser, SSL checker tools, or during server diagnostics.
It can cause broken HTTPS connections, blocked access, or security warnings—so resolving it quickly is essential.
Common Causes of the Error
Several issues can trigger this SSL certificate mismatch error. Here are the most common ones:
- Different domain – The SSL certificate is issued for one domain, like example.com, but someone visits www.example.com, which isn’t included in the certificate.
- Missing Subject Alternative Name (SAN) – Modern certificates list all protected domains in the SAN field. If your domain isn’t listed, the connection won’t be trusted.
- Using an IP address – SSL certificates are tied to domain names, not raw IPs. Accessing a site via IP will trigger this error message.
- DNS changes not fully propagated – If you’ve recently updated DNS settings, they might not have spread globally yet, leading to mismatches.
- Incorrect server configuration – The server may be set to use a default or outdated SSL certificate instead of the correct one.
How to Fix the “Server Certificate Does NOT Include an ID Which Matches the Server Name” Error
You can usually fix this error by checking a few key settings and making sure the right certificate is in place. Follow these steps:
1. Inspect the SSL Certificate
Start by checking which domains your SSL certificate covers. You can use tools like SSL Checker or click the padlock in your browser’s address bar.
Look for:
- Common Name (CN) – Should match your main domain exactly.
- Subject Alternative Names (SANs) – Should include all versions you use, such as example.com and www.example.com.
If your domain isn’t listed, the certificate won’t work for it.
You can also review the certificate details in your hosting panel. Verify the SSL is set up correctly before proceeding with the next steps.
2. Replace or Reinstall the SSL Certificate
If your certificate doesn’t match your domain, install a correct one.
- For SiteGround clients: Go to Site Tools > Security > SSL Manager. You can install a free Let’s Encrypt SSL or upload a custom certificate.
- For other hosts: Use your control panel or contact support to install a valid SSL that covers your domain and subdomains.
If the right certificate is already installed but the error persists, try reinstalling it.
3. Update Configuration Files
If your server is still using an outdated or incorrect certificate, you may need to manually update its configuration—especially on custom setups.
- Apache: Check your httpd.conf or ssl.conf files for the correct paths to SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile. You should also review the error log or Apache log file for any certificate-related warnings or messages that might help pinpoint the issue.
- NGINX: Look in your site config for ssl_certificate and ssl_certificate_key. Make sure they point to the current certificate files.
If you’re using a local test environment like XAMPP, make sure the SSL section of your conf files is properly configured.
After making changes, don’t forget to restart Apache or your web server to apply them.
4. Use the Fully Qualified Domain Name (FQDN)
Always use the full domain name—like www.example.com or blog.example.com—instead of just localhost or an IP address.
SSL certificates are domain-specific. If you try to connect using 192.0.2.1 or just example, the certificate won’t match and the error will appear.
Make sure your browser, server settings, and applications are all configured with the full domain name.
5. Check DNS Records
Ensure your domain points to the correct servername. Outdated DNS records might direct users to a server with the wrong certificate.
Verify the following:
- A record – Should point to your current hosting server’s IP.
- CNAME record – If used, should direct to the correct domain or subdomain hostname.
- Propagation status – Use a tool like WhatsMyDNS to confirm DNS changes have taken effect globally.
You can check and update DNS settings from your hosting control panel.
Final Thoughts—Preventing the Error in the Future
To avoid seeing “Server Certificate Does NOT Include an ID Which Matches the Server Name,” and other SSL errors going forward:
- Install certificates that match your full domain, including www and non-www versions.
- Use SAN or wildcard SSLs if your site has multiple subdomains.
- Access your site using the actual domain name—not IPs or shortcuts.
- Keep your DNS records and server configuration current, especially after changes or migrations.
- Renew SSLs before they expire and check that all needed domains are included.
Taking these steps should help you prevent SSL errors and offer a secure, trusted experience for your visitors.
