CERT COMMON NAME INVALID doesn't mean what you think it does
Standards change, error codes don't
January 24, 2020
So you're checking your HTTPS on your website and see:
Hrm. There's only one piece of useful information here: ERR_CERT_COMMON_NAME_INVALID (there's some linked help but it doesn't contain anything for site owners). Seems like you need to fix the common name on your certificate. If you set up web sites in the early 2000s, you might even remember common names (also called CNs).
There's just one thing:
The error message is wrong - Chrome, like most web browsers, doesn't use Common Names.
The 'Common Name' field was used more than a decade ago, but has been phased out by browsers since 2001.
The real cause of the error is simple: the name of the site you're visiting isn't included on the certificate. For example, if you visited get.example.com and the certificate only contained example.com and www.example.com, you'd see this error.
You'll need to add an additional domain names to the domain names on the certificate. The field - the only field - that stores domain names on certificates these days is called 'Server Alternate Names', or SANs - so you might hear the process referred to as 'adding a new SAN' by people who like being specific.
The important bit is, getting a certificate with a new 'common name' won't fix the problem. Again, Chrome doesn't actually use the field anymore. Here's a certificate with no Common Name at all - it's fine.
To add a name to the certificate, contact your certificate provider to add the additional domain name you need.
Most SSL certificates allow you to add multiple domain names. Contact your certificate provider to add additional domains.
After you approve the change, you'll get a new certificate with the domain name added. You can simply overwrite your old certificate file with the new one.