Buy from the highest-rated provider   Buy SSL.com Certificate x

SSL Certificate Name Mismatch Error

 "The security certificate presented by this website was issued for a different website's address."

Name Mismatch Error in Internet Explorer 7

The name mismatch error indicates that the common name (domain name) in the SSL certificate doesn't match the address that is in the address bar of the browser. For example, if the certificate is for www.paypal.com and you access the site without the "www" (https://paypal.com), you will get this SSL certificate name error. If you aren't the website administrator you will want to always access the site with the full name (usually include the "www." before the domain name) or ask the website owner to fix the problem.

If you are the website administrator, you will usually want to forward all traffic without the "www" to an address with the "www" and get an SSL certificate with the "www" in the common name. That way you will completely avoid the name mismatch error. Some certificate authorities get around this problem by issuing a certificate with SANs. So you can get a certificate for paypal.com and include a SAN of www.paypal.com so you don't get a name mismatch error. Another common reason for this error is if you are accessing a server using an internal name when the SSL certificate on it just has the public name on it. In this situation you can get a UC certificate that has both the external public name and the internal server name in the certificate. You can verify whether you will get a name mismatch error by using our SSL Checker.

Most web browsers make it clear that you shouldn't just continue when you receive this error. This is because, while most of the time it doesn't, it could indicate that a phisher is trying to pass a website off as a legitimate site. You shouldn't have to continue through this error message on legitimate web sites.

This error is often phrased differently depending on the web browser. These are some common ways the name mismatch error is stated in other browsers:

Different name mismatch errors in different web browsers

Web Browser  Error Message
 Internet Explorer 6  "The name on the security certificate is invalid or does not match the name of the site"
 Internet Explorer 7

 "The security certificate presented by this website was issued for a different website's address."

 Firefox 2

"You have attempted to establish a connection with "www.paypal.com". However, the security certificate presented belongs to "paypal.com.phishingsite.com". It is possible, though unlikely, that someone may be trying to intercept your communication with this web site.

If you suspect the certificate shown does not belong to "www.paypal.com", please cancel the connection and notify the site administrator."

 Firefox 3  "www.phishingsite.com uses an invalid security certificate. The certificate is only valid for: www.paypal.com"
 Safari 3  "This certificate is not valid (host name mismatch)"

 

Name Mismatch Error in Internet Explorer 6

Name Mismatch Error in Firefox 2

Name Mismatch Error in Firefox 3

Name Mismatch Error in Safari 3

Originally posted on Thu Nov 6, 2008

Comments


Robert(2014-12-13)

Hi Mary,

It looks like you have a certificate for *.dlm.myherbalife.com. That is why you get an error when you access it with dlm.myherbalife.com. You will need to change the common name in the certificate to *.myherbalife.com to get rid of the error. Talk to your certificate provider (GeoTrust) about how to do this.

Sandeep(2014-12-13)

if we have 2 profiles on WAS server with the same sub domain can we use the same SSL for both? would it still show this issue?

Vinayak(2014-12-13)

Hi,

I am facing issue while accessing one site getting the certificate of different site where as both the site are binded with different IPs on same server. i.e - If I am accessing www.xyz.com I am getting the certificate of www.pqr.com.

Megini(2014-12-13)

I am recieving this error after dns records were pointed to a new server where the site would be hosted the current server uses a certificate that can be used more than once is there a way of fixing this at all?

John(2014-12-13)

Your certificate is *.myherbalife.com therefore when the web site has two or more "." (periods) to left of myherbalife then you will get the mismatch error. The * portion of your URL refers to a wildcard however with SSL if you have a "." as part of wildcard portion you will get this error. Suggest changing your DNS to use "-" instead of a "."

Mary Sylvia.S(2014-12-13)

Internet Explorer 7 "The security certificate presented by this website was issued for a different website's address."

I'm not getting the SECURITY ALERT Screen, prev i use to get it an when i click yes, it will go to the secured page.
Now my prob with the ceritifacte error is originally the certifacte was issue to "*.myherbalife.com" ( equifax) and now i tried to connect "dlm.myherbalife.com" that time i get this error.
help me to clear this error.

Ander(2014-12-13)

Hello,

As Robert says, if you have a wildcard certificate for one domain, yo won't have the error if the website is like

service1.dominio.com
service2.dominio.com
.....

But if you use it for a websike like

service1.city.dominio.com
service2.city.dominio.com
.....

you will get it, because the wildcard certificate it's only for the services in "dominio.com", not for the subdomain "city.dominio.com".

Anyway it's a valid certificate, as for "city.dominio.com" like for "dominio.com", the problem is the message (it doesn't look nice). Internet Explorer have the option to disable it, but you need to do that in each IE client, so it's not very effective. This otion is in Internet tools/Advanced Options/security/, it's something like "Notify abaut the not mattching in the adress of the certificates" (I have it in spanish, so it's not exatly this, but something like this).

Paul(2014-12-13)

CA are offering wildcard services which allows an organisation to release SSL fast but this results in a cert error. Does anyone know the best set-up for a wildcard entry to avoid the error message to the end user?

Sonic Bass(2014-12-13)

Ive got this issue using a watchguard firebox with single sign on. nightmare.

ikye(2014-12-13)

it tells me domain name mismatch when i open a particular website, pls what do i do to solve this problem. thanks

taje(2014-12-13)

The security certificate presented by this website was not issued by a trusted certificate authority.
The security certificate presented by this website was issued for a different website's address

AR(2014-12-13)

I have a Mac and use Macmail, I haven't made any changes to our email or site logins or certificates however I'm getting the dialog "Mail can't verify the identity of "gives our mail server #" (which is the correct #). You might be connecting to a server that is pretending to be "number" ....
I clicked "Show Certificate" and it gave me GeoTurst Global CA > .securesites.com. "This certificate is not valid (host name mismatch). I called our web host, Verio, and they said for now just Connect each time, don't click "Always trust". this happens every time I open my email client. Could it be pisching or is this authentic? Can I click "Always Trust"?

Andjelko(2014-12-13)

Ander, thank you for your tip, it worked fine. Muchas gracias! :)

marwan(2014-12-13)

i can't uploade from my wibe sit to server
tise error
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application's trust level in the configuration file.

Exception Details: System.Security.SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

Source Error:

Line 210: 'File.Copy(img_path.PostedFile.FileName, "c:\")

Robert(2014-12-13)

Hi AR,

It sounds like your host is just using a shared certificate on your site. It would be more secure to use a separate certificate for your site, but you should be fairly safe to click through the warnings in this case.

sagar(2014-12-13)

Your certificate is *.myherbalife.com therefore when the web site has two or more "." (periods) to left of myherbalife then you will get the mismatch error. The * portion of your URL refers to a wildcard however with SSL if you have a "." as part of wildcard portion you will get this error. Suggest changing your DNS to use "-" instead of a "."

Thinakaran(2014-12-13)

I setup cname for a domain. Both are different domains like xyz.com, zxy.com and both are wildcard SSL enabled.



I am getting this below error in my browser.

You attempted to reach xyz.com, but instead you actually reached a server identifying itself as *.zxy.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of xyz.com.

Niti(2014-12-13)

Is there a way by which we can allow web application access with multiple URLS viz., using IP address (say 151.34.25.190), hostname (say 01hm45678) and complete hostname (say 01hm45678.india.com). The user should be able to access the we app using either of the URLs without giving any certificate error.

RickP(2015-01-31)

Yes, using Subject Alternative Name extensions.

Default Admin User(2014-12-13)

Thinakaran, you'll need to have both names included in the certificate to avoid the name mismatch error.

Nick(2014-12-13)

When i use the SSL checker with my Domain of www.limosa.com.au it comes up with someone elses domain name... what does this mean? i have no affiliation with this other domain and i am getting annoyed that i cannot read emails on my devices because they dont match up.

Cheers, Nick

Russ Hill(2015-01-20)

I need help this has been problem has been coming up for awhile it will not let me in to aol mail on uk side only usa side using .com. and also other sites i use a lot says the certificate is not right but these will not work by changing to .com as they uk sites any help would be appreciated. google chrome is browser.

Pankaj Patil(2016-06-09)

i need help, In my magento ecommerce website i have activate the ssl certificate but it is not redirect to https://www.mixrack.com from mixrack.com

vinay(2016-08-09)

i have installed ssl certificate for a website runing on iis 8, certificate had been working fine until 15 days back, and on the same server Macfee EPO server is also runing. now when i accessing my website, certificate is not showing, i used ssl checker to check the appropriate certificate for the website, but it showing the MCAfee EPO server certificate , can some help me out to resolve this certificate problem,

jimlongo(2018-06-04)

When I check a site with a cPanel auto ssl cert https://www.sslshopper.com/... you report a possible problem in that "None of the names in the cert . . ."

and report this about the cert - Common name: li1265-51.members.linode.com

When every browser I check the cert in has the common name whm.topline.cloud, and viewing the cert has the following.
--
X509v3 Subject Alternative Name:
DNS:whm.topline.cloud, DNS:mail.whm.topline.cloud, DNS:www.whm.topline.cloud
--

I think the report is wrong in this instance.

SSL Shopper(2018-06-05)

Thanks for posting about this. I fixed the SSL Checker so that it grabs the correct certificate (the server seems to be sending a different certificate if you connect with the IPv6 address)

jimlongo(2018-06-05)

Nice, thanks for the quick fix, and a valuable tool.

Gaurav Maniar(2018-06-13)

You should not have to continue through this error message on legitimate website. This error is often phrased differently depending on the web browser.

Faheem iqbal(2019-06-10)

www.Cricketlivehd.com had the same problem. the better way it to just call your hosting guys and get the common name changed on their servers to solve it all for you.

Roberto Cortes(2020-09-08)

Has anyone been able to find a way to check hostname mismatch with OpenSSL

CP(2020-11-13)

Horizon Hobby thinks it is my browser(s)..... Gawd!

https://www.sslshopper.com/...

They are missing a SAN in their cert to make it work...dummies!

Advertisement • Hide