Microsoft KB Archive/813618

= Security Alert: The Name of the Security Certificate Is Invalid or Does Not Match the Name of the Site =

Article ID: 813618

Article Last Modified on 11/21/2006

-

APPLIES TO


 * Microsoft Internet Information Server 1.01

-



SYMPTOMS
When you use Secure Sockets Layer (SSL) to open a Web site or Web page that is hosted on Internet Information Services (IIS), you may receive the following security message:

The name of the security certificate is invalid or does not match the name of the site

If you continue, you can view the site by using HTTPS.



CAUSE
The common name that you specified when you generated the certificate request for that Web site does not match the URL that is used to access the Web site. For example, if you access the site by typing an IP address or the server name, but the common name that is specified in the certificate request is www.adatum.com, you receive the security message.



RESOLUTION
To avoid this warning, make sure that the common name that is specified when you generate the certificate request matches the URL that will be used to access the site.

If the URL that will be used to access the site cannot be changed to match the common name on the certificate, follow these steps:
 * 1) Create another certificate request. Make sure that the common name matches the URL that is used to access the Web site.
 * 2) Have your certification authority generate a new certificate.
 * 3) Use the new certificate for the Web site.



STATUS
This behavior is by design.



MORE INFORMATION
If you see this behavior when you access a Web site that is published by someone else, the authors may have configured their site certificate incorrectly and you should provide feedback to the site administrator. In this case, use caution when you exchange personal information.

To avoid all security messages when you access a site by using HTTPS, the security certificate must meet the following two additional critieria:
 * The security certificate must be from a trusted certification authority.
 * The security certificate date must be valid.

