Knowledgebase

Troubleshooting a Name Mismatch in Web Browser

A Name Mismatch in the Web Browser occurs when the common name listed on an SSL certificate doesn’t match the name displayed in the URL bar. In order for an encrypted connection to commence, both the name on the certificate and the name in the URL have to match.

Connection Not Private

Name Mismatch errors across different browsers

Different browsers will show different error messages when there is a name mismatch issue. Below are some of the most common:

Chrome – Your connection is not private. Attackers might be trying to steal your information from wrong.host.badssl.com (for example, passwords, messages, or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID

Firefox – Your connection is not secure. The owner of wrong.host.badssl.com has configured their website improperly. To protect your information from being stolen, Firefox has not connected to this website.

Edge – This site is not secure. This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.

Safari – This Connection Is Not Private: This website may be impersonating “wrong.host.badssl.com” to steal your personal or financial information. You should close this page.

What causes it?

A Certificate Mismatch error can occur for a number of reasons :

  • The website was accessed via an IP address or an internal host name, but the certificate was only issued to the public facing fully qualified domain name.
  • The certificate was issued to example.com, but the website was reached via www.example.com. WWW is technically a sub-domain. Most certificates secure both WWW and non-WWW variations, so this is typically not the cause.
  • Multiple websites are hosted on the same IP address as is typically the case in shared hosting environments. The issue is that the SSL handshake occurs before the browser can request the host name via an HTTP header. This in turn leaves the server without enough information on which SSL certificate to provide and may result in the wrong certificate being sent or an error being generated. This isn’t a problem if you have SNI. Additionally, a Multi-Domain SSL certificate can also prevent this issue.

How to resolve?

You can check for Name Mismatches using our SSL Certificate Checker tool.

Resolving this error depends on the reason its occurring in the first place, so solutions to this problem can vary greatly but will almost always involve adjusting the configuration of your website. If you’ve identified the issue, but are struggling to troubleshoot, our installation teamwould be glad to help.

  • 0 Users Found This Useful
     Was this answer helpful?

Related Articles

 Understanding Different Certificate Types

If you’re new to the world of SSL certificates, trying to find the certificate that best suits your needs can seem like an impossible task. Use this guide to find the perfect certificate to match your needs. Single Domain Certificates Single...

 What is Certificate Transparency

Why logging SSL certificates makes the internet safer Certificate Transparency is a mechanism used to publicly log SSL certificates, this helps website owners and watchdogs detect mis-issuance. Of all the threats facing the SSL industry,...

 What is the Difference Between SHA-2 and SHA-2-Full-Chain

While you’re generating your SSL/TLS Certificate you may see an option to select a from 2 different hashing algorithms. You’re given a choice between SHA-2 and FULL SHA-2. SHA-2 is also sometimes referred to as SHA-256. But what’s the difference,...

 Troubleshooting Insecure Content

One of the most common issues site owners run into when installing and SSL certificate and migrating to HTTPS is Insecure Content. This error is produced when content on a secure website is being loaded through a non-secure source. An example...

 Elliptic Curve Cryptography (ECC) Certificates

Cryptography, the science of encrypting data and information, is the backbone of SSL. Every time you visit a website that is secured by an SSL certificate, your computer works with that website’s server to encrypt and then decipher all data sent...

Powered by WHMCompleteSolution