Forum Discussion
ERR_CERT_COMMON_NAME_INVALID
MicrosoftSharing the full certificate info of an incorrect certificate (see https://textslashplain.com/2017/03/30/get-help-with-https-problems/ ) or a Network Log (https://textslashplain.com/2020/01/17/capture-network-logs-from-edge-and-chrome/) would allow me to tell you what specifically is happening.
Eric_Lawrence Hi! The same problem is happening to me, and only in a specific situation: when accessing Twitter from an email I got on my Gmail saying I have a new Direct Message. If I click on the link from there, this happens. If I access Twitter from any other means, it works fine.
The certificate information and the network log are in attachment, in the same ZIP file.
Eric_Lawrence Yeah, I'm in Brazil, and that makes sense. Thank you for the assistance!
- Eric_Lawrence
The Twitter team reports that they're working on it; see the "reached out to" link above. (I'm presuming that you're located somewhere near Brazil; if not, it might be helpful for you to share a bit more info so I can make sure that they fix this everywhere that is impacted).
Eric_Lawrence Thank you! I'm not a web developer, but is there anything I can do to report this?
- Eric_Lawrence
RobertoSAG The immediate problem is that the certificate (thumbprint d4b95942dea3f885dc782634cbcc0c8cabe82b4c) being presented for "www.twitter.com" does not contain "www.twitter.com", only "twitter.com". The live certificate I see for Twitter when navigating to it from Texas, USA includes both. When navigating to Twitter from Brazil, I get the certificate lacking the "www." I reached out to Twitter Engineering.
It appears that either Twitter mis-issued this certificate (it should have included the "www." prefix), or misconfigured their servers such that a server which was supposed to use a "www." certificate instead chose the certificate that omitted the "www." entry.