What Does NET::ERR_CERT_COMMON_NAME_INVALID Error Mean?
The NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome indicates there is an issue with the security certificate for the website you are trying to access. This error typically appears when the common name field in the certificate does not match the domain name for the website. While frustrating, this error is usually easy to resolve. Here are some steps you can take to fix the NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome:
Understand the Cause of ERR_CERT_COMMON_NAME_INVALID Error
To understand this error, you need to know a bit about how security certificates work. Websites prove their identity and establish encrypted HTTPS connections using SSL/TLS certificates issued by certificate authorities (CAs). These certificates contain information identifying the website domain, like the common name (CN) field.
When you try to access a website, Chrome checks that the certificate CN matches the domain you requested. If not, Chrome prevents access and shows the NET::ERR_CERT_COMMON_NAME_INVALID error to indicate the certificate is not valid for that domain.
Some common causes of this mismatch include:
- The website recently changed domain names but is still using the old certificate.
- The web admin requested a certificate for the wrong domain name.
- There are multiple versions of the site (e.g. www.example.com vs example.com) with conflicting certificates.
- The server is misconfigured and returning the wrong certificate for the domain.
So, in most cases, the issue is with the website’s configuration, not your browser. But there are ways you can try fixing it on your end.
Step-by-Step Guide to Fix NET::ERR_CERT_COMMON_NAME_INVALID Chrome Error?
Clear Browsing Data in Chrome
The first troubleshooting step is to clear your Chrome browsing data. Over time, your browser can cache old certificate data that may conflict with updated certificates on the website. Clearing this data forces Chrome to re-fetch the certificate:
- Click the 3-dot menu in the top right of Chrome.
- Select Settings.
- In the Privacy and Security section, click Clear browsing data.
- Select the time range for data deletion. Choose the beginning of time to clear all cached data.
- Check the boxes for Cookies, Cache, and Hosted app data.
- Click Clear data.
Once deleted, try reloading the page that gave you the error. If it was a caching issue, this should resolve it.
Check Chrome’s Certificate Settings
Chrome has a certificates page that allows you to examine and manage website certificates stored by your browser. Check here for any conflicts:
- Type chrome://settings/certificates into the address bar. Press Enter.
- Under the ‘Authorities’ tab, look for a certificate for the problematic domain. If found, select it and click Remove.
- Switch to the ‘Your Certificates’ tab. Again, look for an entry associated with that domain and remove it if present.
Removing outdated, cached certificates for the site may correct the name mismatch error.
Try Disabling Chrome Extensions
Some Chrome extensions can interfere with page requests and cause certificate errors. As a test, temporarily disable your extensions:
- Click the 3-line menu button in Chrome. Select Settings.
- Click Extensions on the left side.
- For each enabled extension, click the toggle switch next to it to turn it off.
- Once disabled, try reloading the page with the certificate error.
If the problem goes away, turn extensions back on one-by-one until you identify the problematic add-on. You can then remove or reconfigure that extension.
Use Incognito or Guest Mode
Incognito and Guest modes in Chrome launch with extensions and most cached data disabled. Try accessing the site in one of these modes:
- For Incognito, click File > New Incognito Window.
- For Guest mode, click your profile icon > Guest window.
If the certificate name error goes away, that reinforces the idea something in your browser profile is causing conflicts.
Try Another Browser
To rule out broader issues beyond Chrome, attempt accessing the problematic website using another browser like Firefox or Edge. If you get the same error, it likely indicates a server-side certificate configuration issue you’ll need to contact the website admin about.
But if the site works fine in other browsers, the problem is isolated to your Chrome installation. You can then focus troubleshooting on Chrome itself.
Contact the Website Owner
If you still see the NET::ERR_CERT_COMMON_NAME_INVALID error after trying the above steps, the issue is likely on the server end. Contact the website owner and explain you are getting a certificate name mismatch error for their domain.
Provide the steps you took to isolate the problem in Chrome. They can then investigate and update the certificate configuration on their web server to properly match the domain name.
In your message, include key details like:
- The website URL giving the error.
- Screenshots of the error message in Chrome.
- The current date and time when you tried to access the site.
This will help them recreate and troubleshoot the issue. In most cases, the admins will need to reissue or renew the security certificate to fix the problem.
Renew Your Own Certificate (Self-Signed Sites Only)
If you host your own website and manage your own certificates, you likely need to renew the SSL/TLS certificate for that domain.
The common name not matching is a sign the current certificate is outdated and no longer aligned with your domain name. Follow your web host’s process for generating and installing a new certificate that correctly uses your updated domain name in the CN field.
Be sure to restart your web server software after installing the renewed certificate for the changes to take effect. Visitors to your site should then see the NET::ERR_CERT_COMMON_NAME_INVALID error resolved.
Conclusion
The NET::ERR_CERT_COMMON_NAME_INVALID error in Chrome is annoying but usually straightforward to resolve. In most cases, clearing your browsing data, disabling extensions, or using Incognito/Guest modes will correct the problem by forcing Chrome to re-fetch the certificate. If that fails, contact the website admin to report the certificate issue on their end. With the right troubleshooting steps, you should be able to resolve this error and regain access to the website.
FAQs About Common Chrome Certificate Errors
What other Chrome errors are related to security certificates?
Some other common Chrome certificate errors include:
- NET::ERR_CERT_DATE_INVALID – The certificate expired.
- NET::ERR_CERT_AUTHORITY_INVALID – The issuing CA is not trusted.
- NET::ERR_CERT_REVOKED – The certificate was revoked.
- NET::ERR_CERT_INVALID – General issue with the certificate format or configuration.
Why do I only see the error in Chrome, not other browsers?
Chrome enforces some newer, stricter policies around certificate validation. Other browsers may ignore minor name mismatches or expiration dates. So, issues with server certificates often affect Chrome first. Try the troubleshooting steps to see if you can resolve it on your end before contacting the website owner.
What if clearing browsing data does not fix it?
If clearing your Chrome data like cookies and cache does not resolve the issue, the problem likely lies with the server’s certificate configuration. Contact the website admin and provide details about the error to help them troubleshoot on their end. There is likely little else you can do to resolve it in the browser itself at that point.
How do I create a Guest or Incognito window in Chrome?
To open Incognito mode, click the 3-dot menu > New Incognito window. For Guest mode, click your profile icon > Guest window. Using these private browsing modes can help isolate certificate issues.
Can I access an insecure site despite the error?
You can technically proceed to a site by clicking Advanced > Proceed. But this is highly unrecommended, as it means communicating with a server that has an invalid security certificate. That exposes you to risks like data interception and phishing. You should only proceed if absolutely necessary, and never enter sensitive info.
