Err_cert_common_name_invalid

Hi there,

when I visit https://mitte-altona.info/ or http://mitte-altona.info/ or https://www.mitte-altona.info/ or http://www.mitte-altona.info/ I’m always redirected correctly to

And I don’t have any certificate error message.

But some users get an error message like this: ERR_CERT_COMMON_NAME_INVALID

Any hints? What can we do?

Some more information below.

Kind regards
winnewoerp


Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:mitte-altona.info or www.mitte-altona.info

I ran this command: New Let’s Encrypt Certificate via technical administration of my webhoster ALL-INKL.COM

It produced this output: (everything works fine here, but some users get the error message ERR_CERT_COMMON_NAME_INVALID)

My web server is (include version): I don’t know (shared hosting on my webhoster’s server)

The operating system my web server runs on is (include version): I don’t know

My hosting provider, if applicable, is: ALL-INKL.COM

I can login to a root shell on my machine (yes or no, or I don’t know): No

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ???

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): ???

1 Like

Hi @winnewoerp

checking your domain there is no such error visible - https://check-your-website.server-daten.de/?q=mitte-altona.info#url-checks

Domainname Http-Status redirect Sec. G
http://mitte-altona.info/ 85.13.162.146 301 https://mitte-altona.info/ Html is minified: 100,00 % 0.043 A
http://www.mitte-altona.info/ 85.13.162.146 301 https://www.mitte-altona.info/ Html is minified: 100,00 % 0.043 A
https://www.mitte-altona.info/ 85.13.162.146 301 https://mitte-altona.info/ 2.427 B
https://mitte-altona.info/ 85.13.162.146 GZip used - 10523 / 38594 - 72,73 % Inline-JavaScript (∑/total): 29/13598 Inline-CSS (∑/total): 2/1511 200 Html is minified: 184,31 % 2.710 I

Instead, there are two correct redirects http -> https (same domain name) and https (not preferred version) -> https (preferred version).

And there is no mixed content. There are two missing files, so Grade I, but not mixed content or certificate problems with external resources.

Your mail ports have the wrong certificate - see the #connections part. But it may be impossible to install an own certificate.

If that isn’t the problem, a screenshot is required.

PS: Your certificate

CN=mitte-altona.info
	18.05.2020
	16.08.2020
expires in 89 days	mitte-altona.info, www.mitte-altona.info - 2 entries

created yesterday. May be it was a problem one day earlier.

1 Like

You would have to get a good screenshot of that situation to better understand their problem.

As far as the four sites, they all redirect properly.
And the cert has both names in it.
And the server is providing the required cert chain (intermediates).
So I can’t see any reason for such an error.
[Unless they are using a very very old browser that is trying the IP instead of the name.]

1 Like

Hi @JuergenAuer and @rg305,

Thank you for your helpful replies. The website check result is the same as for other websites I have running at the same host and everything works fine there. So it’s even more unclear for me why it’s not working in some cases here.

The certificate was issued May 18th and also we switched from the domain including www to the one without as the main address of the Wordpress installation. The day before yesterday it was a browser caching problem in some cases, so after clearing the cache in the respective browser the problem disappeared. But this does not seem to work everywhere. Especially, some people get error messages when visiting the website via one of the addresses including www.

Here’s a screenshot of a Google Chrome user:

If you have other ideas based on this additional information, please let me know. Otherwise I will try to get even more information on the cases where the problem appears.

Kind regards
winnewoerp

1 Like

If you continue and then look at the cert, what name does it show?

1 Like

Did that user cleared his cache? What says “Erweitert”?

To see, which certificate is visible.

The problem “COMMON_NAME_INVALID” says: It’s not an expired certificate.

Double-click on “NET_ERR_CERT_COMMON_NAME_INVALID”, then the certificate is shown.

2 Likes

Thanks again for your replies! I will get back to you in detail when the respective user has sent his new screenshots of the certificate and error details.

In the meantime, here’s a screenshot of the certificate settings from our webhoster’s technical administration panel:

To me, everything looks fine there as well. So we’ll have to wait for the new screenshots.

Best
winnewoerp

2 Likes

Thank you for your help! Finally, it seemed to be a settings problem at the client’s local server.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.