Forums

ERR_CERT_COMMON_NAME_INVALID with a valid cert

Hello, my site has been running for a few months now and i use the pythonanywhere 'auto renewing Let's encrypt certificate'

I have force HTTPS on and domain forwarding on godaddy to http://www.blah.com

This worked fine as naked domains forwarded to www. and were forced HTTPS.

I am finding though that every so often i am getting a 'ERR_CERT_COMMON_NAME_INVALID' error in chrome. A few other people have also seen it. Is this something to do with an issue with the cert?

I might happen once per week to me and i find it hard to reproduce.

Could be some caching in your browser? Does hard refresh help?

No it's random. It might be fine for now and then next week happen again. Also other people see the same problem. Hard refreshing does not change anything it seems.

does this happen when you explicitly type in https://techkno.io/ (ie. without www but with https)?

see the https redirection part of https://help.pythonanywhere.com/pages/NakedDomains/

yes, so now i can reproduce it! seems like no issue with all variants except with https://techkno.io without the www.

It is confusing to me though why i am getting the cert invalid error, as i do have redirecting active on both http and https for the naked domain.

Also techkno.io by itself works without issue.

Your best bet is to contact whoever is doing the https forward for you because it looks like they do not provide a certificate that matches the domain. See https://help.pythonanywhere.com/pages/NakedDomains/ for other alternatives.

Ok i will contact goDaddy who is providing the forwarding. In terms of the certificate, that is provided by PythonAnywhere.

The certificate on the www.techkno.io domain is provided by PythonAnywhere. The one that is causing the problem is on the techkno.io domain and that is not provided by PythonAnywhere, it is provided by GoDaddy.

Thank you, i will double check with them.

I have the impression that GoDaddy's domain forwarding service does not support HTTPS properly, which might explain the problem. If that is the case, then you could configure HTTPS forwarding using the free service from NakedSSL.

I have the same problem. ERR_CERT_COMMON_NAME_INVALID

What must I do when I have my own SSL (Comodo) certificate ?

I used nakedssl.com

Could you try to switch to our let's encrypt cert and see if it works?