Security Alert: The Name of the Security Certificate Is Invalid or Does Not Match the Name of the Site

Retired KB Content Disclaimer

This article was written about products for which Microsoft no longer offers support. Therefore, this article is offered "as is" and will no longer be updated.


When you use Secure Sockets Layer (SSL) to open a Web site or Web page that is hosted on Internet Information Services (IIS), you may receive the following security message:
The name of the security certificate is invalid or does not match the name of the site

If you continue, you can view the site by using HTTPS.


The common name that you specified when you generated the certificate request for that Web site does not match the URL that is used to access the Web site. For example, if you access the site by typing an IP address or the server name, but the common name that is specified in the certificate request is, you receive the security message.


To avoid this warning, make sure that the common name that is specified when you generate the certificate request matches the URL that will be used to access the site.

If the URL that will be used to access the site cannot be changed to match the common name on the certificate, follow these steps:
  1. Create another certificate request. Make sure that the common name matches the URL that is used to access the Web site.
  2. Have your certification authority generate a new certificate.
  3. Use the new certificate for the Web site.


This behavior is by design.

More Information

If you see this behavior when you access a Web site that is published by someone else, the authors may have configured their site certificate incorrectly and you should provide feedback to the site administrator. In this case, use caution when you exchange personal information.

To avoid all security messages when you access a site by using HTTPS, the security certificate must meet the following two additional critieria:
  • The security certificate must be from a trusted certification authority.
  • The security certificate date must be valid.


For more information about generating a new certificate request, click the following article number to view the article in the Microsoft Knowledge Base:

290625 How to: Configure SSL in a Windows 2000 IIS 5.0 Test Environment by Using Certificate Server 2.0


Article ID: 813618 - Last Review: Nov 21, 2006 - Revision: 1