ERR_CERT_COMMON_NAME_INVALID: How to Fix This Error

The ERR_CERT_COMMON_NAME_INVALID error usually occurs when the SSL/TLS certificate's name doesn’t match the domain name the user is trying to access. This can cause browsers to flag the site as potentially unsafe, which may discourage visitors and negatively impact SEO.

Main Causes of ERR_CERT_COMMON_NAME_INVALID

• Incorrect certificate configuration: Sometimes, an incorrect domain name is specified when setting up the SSL certificate, leading to this error.
• Subdomain mismatch: The certificate is issued for a specific domain, such as example.com, but the user is trying to access the site through a subdomain, like www.example.com or another variant.
• SSL certificate chain issues: If the certification chain is incomplete or invalid, the browser may not trust the certificate.
• Expired certificate: If the SSL/TLS certificate has expired, this error may appear in the browser as well.

How to Fix ERR_CERT_COMMON_NAME_INVALID

1. Check Your SSL Certificate Configuration

Ensure your certificate is issued for the correct domain name. You can verify this using the following command in the terminal:

openssl s_client -connect your_domain:443

2. Renew the Certificate

If the certificate has expired, renew it. If you have automatic renewal, check that it’s functioning correctly.

3. Use a Certificate for Subdomains

If you need to secure multiple subdomains (e.g., www.example.com and blog.example.com), ensure your SSL certificate supports them, or install a wildcard certificate.

4. Restart Your Server

After making changes, restart the web server to apply the updated certificate settings.

5. Clear Browser Cache and Cookies

Sometimes browsers retain outdated data that causes conflicts. Clearing your cache and cookies can resolve this issue.