<

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x

SSL Name Mismatch Errors and How to Fix Them

Published on
3,206 Points
106 Views
1 Endorsement
Last Modified:
Editors:
Devin Becker
Computer and Networking Technologies student getting his start in the industry.
Have you ever received a “This page is not protected” error while trying to access a web page? Maybe even your own web page? This may mean that the site, or your site, that you are trying to access has an SSL Certificate Name Mismatch error.

Have you ever received a “This page is not protected” error while trying to access a web page? Maybe even your own web page? This may mean that the site, or your site, that you are trying to access has an SSL Certificate Name Mismatch error. In simplest of forms, this means that the name for the website on the certificate doesn’t match the name in the URL/Address Bar.

 

For example: typing in www.example.com, when the certificate for the site is for explicitly https://example.com


This is most likely a cause of not having the right common name, or not having the correct Subject Alternative Name (SAN) on the website’s certificate.


There are two main parts of the certificate that are important when dealing with this specific issue. The Subject field, and the Subject Alternative Name field, both of which are accessed in the Details of a certificate.



As the pictures show, Experts Exchange’s certificate has a Common Name of: experts-exchange.com, and two SANs: experts-exchange.com & *.experts-exchange.com.


For those unfamiliar, the asterisk (*) represents a wildcard, which means that anything can go in its place, in this case, a sub-domain. Using this wildcard we cover any cases that might cause a name mismatch error when entering www.expert-exchange.com and https://experts-exchange.com as well as other URLs.

 

Google is a great example of a company that uses wildcard sub-domains.

 


As they have sub-domains like drive.google.com, hangouts.google.com, and many more, it makes sense that they would wildcard their sub-domains. Note that they can also use wildcards on completely different domains(ie. Google.co.jp & google.co.uk). They also have their own Internet Authority, which allows them to create their own certificate.


While having a wildcard sub-domain can be a hassle-free solution to many name mismatch problems, it is more expensive to obtain a wildcard certificate.

 

According to GoDaddy’s standard Certificate pricing: a One Site certificate is $75 a year, a certificate that will protect one domain and up to 5 SANs for $169 per year, while a wildcard certificate that protects all subdomains for 1 domain is $350 per year.


Go Daddy Security Certificates


If you manage a site that is experiencing name mismatch errors:


  1. Check your certificate for your site
    1. Check the common name in the Subject field
    2. Check the Subject Alternative Names field
  2. If you find that changes need to be made you may need to:
    1. Access the account with your Certificate Provider(DigiCert, GeoTrust, GoDaddy, etc.)
    2. Access your Certificates or Orders
    3. Select the Certificate or Order for your website
    4. If available, Add, Remove, or Change Domains.
      • If this option is not available it is possible that you need to contact your certificate provider
  3. Add the necessary SANs into your certificate
    1. Depending on your provider, your certificate plan, or your current SAN entries, there may be an additional charge.
  4. Process the changes
  5. Reissue the certificate to your site.
    • Note: Most certificate providers take 30 to 60 minutes to issue the new certificate to your site.


I hope that this article may help you if you, or your site visitors, are receiving this error when accessing your site.


Devin Becker



1
0 Comments

Featured Post

PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

The is a quite short video tutorial. In this video, I'm going to show you how to create self-host WordPress blog with free hosting service.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month