Forum Discussion

KDkevindraper's avatar
KDkevindraper
Copper Contributor
Dec 19, 2020
Solved

ERR_CERT_COMMON_NAME_INVALID on Windows but not on Mac for same URL and both using Norton

Hi 

I'm trying to access a Box location for work. https:/apps.box.com/.... On Windows 10 I get the error ERR_CERT_COMMON_NAME_INVALID. I tried turning off auto-protect and smart-firewall in Norton. I get the same error using Edge and Chrome.

On my Mac I can access the Box location, using the same URL, in both Safari and Chrome. Both laptops are running up to date Norton and are accessing broadband via the same router.

It's a pukka website so I would be happy with a solution where windows trusts it.

Can anyone help please?

  • HotCakeX's avatar
    HotCakeX
    Dec 20, 2020

    KDkevindraper 

    please try this

     

    1. navigate to:  edge://net-internals/#hsts

    2. First, to confirm the domain’s HSTS settings are recorded by Edge, type the hostname into the Query Domain section, Click Query.

    If the Query box returns Found with settings information, the domain’s HSTS settings are saved in your browser.

    *Note that this is a very sensitive search. Only enter the hostname, such as www.example.com or example.com without a protocol or path.

     

    3. Type the same hostname into the Delete domain section and click on Delete.

     

    *Note that depending on the HSTS settings provided by the site, you may need to specify the proper subdomain. For example, the HSTS settings for staging.yoursite.com may be separate from yoursite.com so you may need to repeat the steps as appropriate.

     

    You can test if it's working properly by refreshing or navigating to the Box website again

  • Hi,
    the error is unlikely to be originating from Windows (unless you've removed the global certificate authorities from the built-in certificate store in Windows)
    it's most likely either a website problem or your 3rd party antivirus has installed its own certificate (for web scanning purposes) and that's what's causing problem.
    try uninstalling it.
    • KDkevindraper's avatar
      KDkevindraper
      Copper Contributor

      HotCakeX thanks for your suggestion. I haven't removed the global certificate authorities from the built-in certificate store in Windows. I uninstalled Norton and re-booted, when I try to access the Box site I get the same error. The detail description is this:

      app.box.com uses encryption to protect your information. When Microsoft Edge tried to connect to app.box.com this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be app.box.com, or a WiFi sign-in screen has interrupted the connection. Your information is still secure because Microsoft Edge stopped the connection before any data was exchanged.

      You can't visit app.box.com at the moment because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.


      It's unlikely to be a website problem as all the other team members are using it, mostly on Windows, and no-one else has had an issue. Also it works fine on my Mac. 

       

      Do you have any other suggestions, perhaps in Windows network settings? Years ago we used to set a website URL as "safe". Not sure you can do that nowadays.

       

      • HotCakeX's avatar
        HotCakeX
        MVP

        KDkevindraper 

        please try this

         

        1. navigate to:  edge://net-internals/#hsts

        2. First, to confirm the domain’s HSTS settings are recorded by Edge, type the hostname into the Query Domain section, Click Query.

        If the Query box returns Found with settings information, the domain’s HSTS settings are saved in your browser.

        *Note that this is a very sensitive search. Only enter the hostname, such as www.example.com or example.com without a protocol or path.

         

        3. Type the same hostname into the Delete domain section and click on Delete.

         

        *Note that depending on the HSTS settings provided by the site, you may need to specify the proper subdomain. For example, the HSTS settings for staging.yoursite.com may be separate from yoursite.com so you may need to repeat the steps as appropriate.

         

        You can test if it's working properly by refreshing or navigating to the Box website again

Resources