Ssl error unrecognized name alert - Исправление ошибок и поиск оптимальных решений проблем

What caused the error err_ssl_unrecognized_name_alert on your site?

SSL error is a prevalent web browser security error that comes with the message “err_ssl_unrecognized_name_alert” when this site can not provide a secure connection or this is not a private connection on browsers such as Google Chrome, Safari, or Firefox. This error can be caused by the following reasons:

The SSL certificate that your visiting website is using is free or expired
SSL is not updating
The connection between the browser and the server is not secure
Because of something wrong with the SSL configuration.

So, how to fix this common trouble? In today’s guide, we will provide you with some ideas to handle this issue. Now, don’t waste your time. Let’s dive into our detailed solutions below.

Solutions to deal with err_ssl_unrecognized_name_alert error

Whether you are doubting that this trouble is caused for a wrong SSL configuration, you need to:

Make use of Qualys SSL Labs to find out the errors in the certificate you are using. If the scan informs any error messages, which means that you performed the wrong settings with the SSL configuration. Now, it’s time to reach out to your hosting provider or certificate provider and ask them for help.
In case, the tool doesn’t give you any errors after scanning, there is an error in your browser’s configuration. Then, let’s check if you are making use of the latest browser version. Next, you should clear the browser cache and visit your site again. Now, your problem should be handled. If not, keep reading to try the next method.

In case, you would like to connect the temporary URL and get this error, you only do according to the following steps:

First of all, you need to make sure that the temporary URL, WordPress site, and home URL load via HTTP://
Turn off Force HTTPs in the Control Panel
Deactivate the SSL plugin to stop it from forcing HTTPS://
In the .htaccess file, let’s delete redirects
Next, you can use a new incognito browser tab to make sure that there is no cache on your using browser(HTTPS://)

The final thought-err_ssl_unrecognized_name_alert

If you have read this far, congratulations! Your problem has just been resolved quickly. Hopefully, we gave you a useful blog to handle your issue timely. If you have any similar problems, don’t hesitate to mention them in the comment below. We are always willing to support you.

We’re Digital Content Marketing team from AgeThemes Marketplace. We provide quality content for everyone who using open source CMS like Joomla and WordPress. If you have any questions or feedback, feel free leave your comment, we happy to assist you asap.

Источник

Содержание

Engine Templates
Free Joomla templates, Free WordPress themes
err_ssl_unrecognized_name_alert: What should to do
Why do you meet “err_ssl_unrecognized_name_alert” error on your site?
How to tackle err_ssl_unrecognized_name_alert error?
The bottom lines-err_ssl_unrecognized_name_alert
sslerr¶
SSL Error Codes¶
SEC Error Codes¶

Engine Templates

Free Joomla templates, Free WordPress themes

Number of items in cart: 0

err_ssl_unrecognized_name_alert: What should to do

Why do you meet “err_ssl_unrecognized_name_alert” error on your site?

Once you approach your WordPress site. Unluckily if you get the following error “err_ssl_unrecognized_name_alert”, you need to acknowledge that this error happened since the certificate’s name is not determined. In other words, you may have the wrong settings with the SSL configuration. Moreover, once you try to access a temporary URL, you may also see this error. Furthermore, the error will happen when the temporary URL can not load over SSL (through https://).

So, how to handle this problem. Don’t worry, in today’s guide, we will demonstrate some solutions to address this error effectively. Now, let’s check them out.

How to tackle err_ssl_unrecognized_name_alert error?

If you think that this error is caused due to wrong settings with SSL configuration. The first thing you need to do:

Let’s utilize the Qualys SSL Labs to scan and determine the errors in the certificate you are using. In case, there is any error message displayed by the scan, which means that your SSL configuration has had the wrong settings. So, it is necessary for you to contact your hosting provider or certificate provider and request them for help.
In contrast, if there are no errors displayed after scanning, this error can be caused by something wrong in your browser’s configuration. Initially, you have to check if you are using the latest browser version. Then, let’s clear the browser cache and navigate to your WordPress site. Now, your problem should be solved. For any reason, if this error still happens, you can try another method.

Otherwise, if you want to visit the temporary URL and meet this error. You need to perform the following steps.

Make sure the temporary URL, WordPress site, and home URL load over HTTPS://
Disable Force HTTPS in the Control Panel
Deactivate the SSL plugin to stop it forcing https://
Get rid of redirects in the .htaccess file
After all, let’s use an incognito browser tab to ensure HTTPS:// is not cached.

The bottom lines-err_ssl_unrecognized_name_alert

Congratulations, we believe that your issue is now resolved. We expect that you find your favorite solution via our blog to tackle the “err_ssl_unrecognized_name_alert” error. If you have any queries, don’t hesitate to leave a comment below. Thanks for your reading.

We’re a Digital Team from EngineTemplate with 5 content experts. Our team has 5 years exp in open source Joomla and WordPress, we make daily blogs and build useful resources for everyone who is having issues with open source while using it.

Источник

sslerr¶

This page is part of the OLD SSL Reference that we are migrating into the format described in the MDN Style Guide. If you are inclined to help with this migration, your help would be very much appreciated.

Upgraded documentation may be found in the NSS reference

NSS and SSL Error Codes

`__NSS and SSL Error Codes

NSS error codes are retrieved using the NSPR function PR_GetError. In addition to the error codes defined by NSPR, PR_GetError retrieves the error codes described in this chapter.

SSL Error Codes¶

Table 8.1 Error codes defined in sslerr.h

Constant

Value

Description

“Unable to communicate securely. Peer does not support high-grade encryption.”

The local system was configured to support the cipher suites permitted for domestic use. The remote system was configured to support only the cipher suites permitted for export use.

“Unable to communicate securely. Peer requires high-grade encryption which is not supported.”

The remote system was configured to support the cipher suites permitted for domestic use. The local system was configured to support only the cipher suites permitted for export use.

“Cannot communicate securely with peer: no common encryption algorithm(s).”

The local and remote systems share no cipher suites in common. This can be due to a misconfiguration at either end. It can be due to a server being misconfigured to use a non-RSA certificate with the RSA key exchange algorithm.

“Unable to find the certificate or key necessary for authentication.”

This error has many potential causes; for example:

Certificate or key not found in database.

Certificate not marked trusted in database and Certificate’s issuer not marked trusted in database.

Wrong password for key database.

“Unable to communicate securely with peer: peers’s certificate was rejected.”

A certificate was received from the remote system and was passed to the certificate authentication callback function provided by the local application. That callback function returned SECFailure, and the bad certificate callback function either was not configured or did not choose to override the error code returned by the certificate authentication callback function.

“The server has encountered bad data from the client.”

This error code should occur only on sockets that are acting as servers. It is a generic error, used when none of the other more specific error codes defined in this file applies.

“The client has encountered bad data from the server.”

This error code should occur only on sockets that are acting as clients. It is a generic error, used when none of the other more specific error codes defined in this file applies.

“Unsupported certificate type.”

The operation encountered a certificate that was not one of the well known certificate types handled by the certificate library.

“Peer using unsupported version of security protocol.”

On a client socket, this means the remote server has attempted to negotiate the use of a version of SSL that is not supported by the NSS library, probably an invalid version number. On a server socket, this means the remote client has requested the use of a version of SSL older than version 2.

“Client authentication failed: private key in key database does not correspond to public key in certificate database.”

“Unable to communicate securely with peer: requested domain name does not match the server’s certificate.”

This error code should be returned by the certificate authentication callback function when it detects that the Common Name in the remote server’s certificate does not match the hostname sought by the local client, according to the matching rules specified for CERT_VerifyCertN ame.

“Peer only supports SSL version 2, which is locally disabled.”

The remote server has asked to use SSL version 2, and SSL version 2 is disabled in the local client’s configuration.

“SSL received a record with an incorrect Message Authentication Code.”

This usually indicates that the client and server have failed to come to agreement on the set of keys used to encrypt the application data and to check message integrity. If this occurs frequently on a server, an active attack (such as the “million question” attack) may be underway against the server.

“SSL peer reports incorrect Message Authentication Code.” The remote system has reported that it received a message with a bad Message Authentication Code from the local system. This may indicate that an attack on that server is underway.

“SSL peer cannot verify your certificate.”

The remote system has received a certificate from the local system, and has rejected it for some reason.

“SSL peer rejected your certificate as revoked.”

The remote system has received a certificate from the local system, and has determined that the certificate has been revoked.

“SSL peer rejected your certificate as expired.”

The remote system has received a certificate from the local system, and has determined that the certificate has expired.

“Cannot connect: SSL is disabled.”

The local socket is configured in such a way that it cannot use any of the SSL cipher suites. Possible causes include: (a) both SSL2 and SSL3 are disabled, (b) All the individual SSL cipher suites are disabled, or (c) the socket is configured to handshake as a server, but the certificate associated with that socket is inappropriate for the Key Exchange Algorithm selected.

“Cannot connect: SSL peer is in another FORTEZZA domain.”

The local system and the remote system are in different FORTEZZA domains. They must be in the same domain to communicate.

“An unknown SSL cipher suite has been requested.”

The application has attempted to configure SSL to use an unknown cipher suite.

“No cipher suites are present and enabled in this program.”

Possible causes: (a) all cipher suites have been configured to be disabled, (b) the only cipher suites that are configured to be enabled are those that are disallowed by cipher export policy, (c) the socket is configured to handshake as a server, but the certificate associated with that socket is inappropriate for the Key Exchange Algorithm selected.

“SSL received a record with bad block padding.”

SSL was using a Block cipher, and the last block in an SSL record had incorrect padding information in it. This usually indicates that the client and server have failed to come to agreement on the set of keys used to encrypt the application data and to check message integrity. If this occurs frequently on a server, an active attack (such as the “million question” attack) may be underway against the server.

“SSL received a record that exceeded the maximum permissible length.”

This generally indicates that the remote peer system has a flawed implementation of SSL, and is violating the SSL specification.

“SSL attempted to send a record that exceeded the maximum permissible length.”

This error should never occur. If it does, it indicates a flaw in the NSS SSL library.

“SSL peer has closed this connection.”

The local socket received an SSL3 alert record from the remote peer, reporting that the remote peer has chosen to end the connection. The receipt of this alert is an error only if it occurs while a handshake is in progress.

“SSL Server attempted to use domestic-grade public key with export cipher suite.”

On a client socket, this error reports that the remote server has failed to perform an “SSL Step down” for an export cipher. It has sent a certificate bearing a domestic-grade public key, but has not sent a ServerKeyExchange message containing an export-grade public key for the key exchange algorithm. Such a connection cannot be permitted without violating U.S. export policies. On a server socket, this indicates a failure of the local library.

“Server has no key for the attempted key exchange algorithm.”

An SSL client has requested an SSL cipher suite that uses a Key Exchange Algorithm for which the local server has no appropriate public key. This indicates a configuration error on the local server.

“PKCS #11 token was inserted or removed while operation was in progress.”

A cryptographic operation required to complete the handshake failed because the token that was performing it was removed while the handshake was underway. Another token may also have been inserted into the same slot.

“No PKCS#11 token could be found to do a required operation.”

A cryptographic operation required a PKCS#11 token with specific abilities, and no token could be found in any slot, including the “soft token” in the internal virtual slot, that could do the job. May indicate a server configuration error, such as having a certificate that is inappropriate for the Key Exchange Algorithm selected.

“Cannot communicate securely with peer: no common compression algorithm(s).”

“Cannot initiate another SSL handshake until current handshake is complete.”

“Received incorrect handshakes hash values from peer.”

“The certificate provided cannot be used with the selected key exchange algorithm.”

“No certificate authority is trusted for SSL client authentication.”

“Client’s SSL session ID not found in server’s session cache.”

“SSL server cache not configured and not disabled for this socket.”

“Renegotiation is not allowed on this SSL socket.”

** Received a malformed (too long or short or invalid content) SSL handshake: **

All the error codes in the following block indicate that the local socket received an improperly formatted SSL3 handshake message from the remote peer. This probably indicates a flaw in the remote peer’s implementation.

“SSL received a malformed Hello Request handshake message.”

“SSL received a malformed Client Hello handshake message.”

“SSL received a malformed Server Hello handshake message.”

“SSL received a malformed Certificate handshake message.”

“SSL received a malformed Server Key Exchange handshake message.”

“SSL received a malformed Certificate Request handshake message.”

“SSL received a malformed Server Hello Done handshake message.”

“SSL received a malformed Certificate Verify handshake message.”

“SSL received a malformed Client Key Exchange handshake message.”

“SSL received a malformed Finished handshake message.”

“SSL received a malformed New Session Ticket handshake message.”

Received a malformed (too long or short) SSL record:

All the error codes in the following block indicate that the local socket received an improperly formatted SSL3 record from the remote peer. This probably indicates a flaw in the remote peer’s implementation.

“SSL received a malformed Change Cipher Spec record.”

“SSL received a malformed Alert record.”

“SSL received a malformed Handshake record.”

“SSL received a malformed Application Data record.”

Received an SSL handshake that was inappropriate for the current state:

All the error codes in the following block indicate that the local socket received an SSL3 handshake message from the remote peer at a time when it was inappropriate for the peer to have sent this message. For example, a server received a message from another server. This probably indicates a flaw in the remote peer’s implementation.

“SSL received an unexpected Hello Request handshake message.”

“SSL received an unexpected Client Hello handshake message.”

“SSL received an unexpected Server Hello handshake message.”

“SSL received an unexpected Certificate handshake message.”

“SSL received an unexpected Server Key Exchange handshake message.”

“SSL received an unexpected Certificate Request handshake message.”

“SSL received an unexpected Server Hello Done handshake message.”

“SSL received an unexpected Certificate Verify handshake message.”

“SSL received an unexpected Client Key Exchange handshake message.”

“SSL received an unexpected Finished handshake message.”

“SSL received an unexpected New Session Ticket handshake message.”

Received an SSL record that was inappropriate for the current state:

All the error codes in the following block indicate that the local socket received an SSL3 record from the remote peer at a time when it was inappropriate for the peer to have sent this message. This probably indicates a flaw in the remote peer’s implementation.

“SSL received an unexpected Change Cipher Spec record.”

“SSL received an unexpected Alert record.”

“SSL received an unexpected Handshake record.”

“SSL received an unexpected Application Data record.”

Received record/message with unknown discriminant:

All the error codes in the following block indicate that the local socket received an SSL3 record or handshake message from the remote peer that it was unable to interpret because the byte that identifies the type of record or message contained an unrecognized value. This probably indicates a flaw in the remote peer’s implementation.

“SSL received a record with an unknown content type.”

“SSL received a handshake message with an unknown message type.”

“SSL received an alert record with an unknown alert description.”

Received an alert report:

“SSL peer was not expecting a handshake message it received.”

“SSL peer was unable to successfully decompress an SSL record it received.”

“SSL peer was unable to negotiate an acceptable set of security parameters.”

“SSL peer rejected a handshake message for unacceptable content.”

“SSL peer does not support certificates of the type it received.”

“SSL peer had some unspecified issue with the certificate it received.”

“Peer was unable to decrypt an SSL record it received.”

“Peer received an SSL record that was longer than is permitted.”

“Peer does not recognize and trust the CA that issued your certificate.”

“Peer received a valid certificate, but access was denied.”

“Peer could not decode an SSL handshake message.”

“Peer reports failure of signature verification or key exchange.”

“Peer reports negotiation not in compliance with export regulations.”

“Peer reports incompatible or unsupported protocol version.”

“Server requires ciphers more secure than those supported by client.”

“Peer reports it experienced an internal error.”

“Peer user canceled handshake.”

“Peer does not permit renegotiation of SSL security parameters.”

“SSL peer does not support requested TLS hello extension.”

“SSL peer could not obtain your certificate from the supplied URL.”

“SSL peer has no certificate for the requested DNS name.”

“SSL peer was unable to get an OCSP response for its certificate.”

“SSL peer reported bad certificate hash value.”

Unspecified errors that occurred while attempting some operation:

All the error codes in the following block describe the operation that was being attempted at the time of the unspecified failure. These failures may be caused by the system running out of memory, or errors returned by PKCS#11 routines that did not provide meaningful error codes of their own. These should rarely be seen. (Certain of these error codes have more specific meanings, as described.)

“SSL experienced a failure of its random number generator.”

“Unable to digitally sign data required to verify your certificate.”

“SSL was unable to extract the public key from the peer’s certificate.”

“Unspecified failure while processing SSL Server Key Exchange handshake.”

“Unspecified failure while processing SSL Client Key Exchange handshake.”

“Bulk data encryption algorithm failed in selected cipher suite.”

“Bulk data decryption algorithm failed in selected cipher suite.”

“Attempt to write encrypted data to underlying socket failed.”

After the data to be sent was encrypted, the attempt to send it out the socket failed. Likely causes include that the peer has closed the connection.

“MD5 digest function failed.”

“SHA-1 digest function failed.”

“Message Authentication Code computation failed.”

“Failure to create Symmetric Key context.”

“Failure to unwrap the Symmetric key in Client Key Exchange message.”

“PKCS11 code failed to translate an IV into a param.”

“Failed to initialize the selected cipher suite.”

“Failed to generate session keys for SSL session.”

On a client socket, indicates a failure of the PKCS11 key generation function. On a server socket, indicates a failure of one of the following: (a) to unwrap the pre-master secret from the ClientKeyExchange message, (b) to derive the master secret from the premaster secret, (c) to derive the MAC secrets, cryptographic keys, and initialization vectors from the master secret. If encountered repeatedly on a server socket, this can indicate that the server is actively under a “million question” attack.

“SSL received a compressed record that could not be decompressed.”

SEC Error Codes¶

Table 8.2 Security error codes defined in secerr.h

Constant

Value

Description

An I/O error occurred during authentication; or an error occurred during crypto operation (other than signature verification).

Security library failure.

Security library: received bad data.

Security library: output length error.

Security library: input length error.

Security library: invalid arguments.

Security library: invalid algorithm.

Security library: invalid AVA.

Security library: invalid time.

Security library: improperly formatted DER-encoded message.

Peer’s certificate has an invalid signature.

Peer’s certificate has expired.

Peer’s certificate has been revoked.

Peer’s certificate issuer is not recognized.

Peer’s public key is invalid

The password entered is incorrect.

New password entered incorrectly.

Security library: no nodelock.

Security library: bad database.

Security library: memory allocation failure.

Peer’s certificate issuer has been marked as not trusted by the user.

Peer’s certificate has been marked as not trusted by the user.

Certificate already exists in your database.

Downloaded certificate’s name duplicates one already in your database.

Error adding certificate to database.

Error refiling the key for this certificate.

The private key for this certificate cannot be found in key database.

This certificate is valid.

This certificate is not valid.

Certificate library: no response.

The certificate issuer’s certificate has expired.

The CRL for the certificate’s issuer has expired.

The CRL for the certificate’s issuer has an invalid signature.

New CRL has an invalid format.

Certificate extension value is invalid.

Certificate extension not found.

Issuer certificate is invalid.

Certificate path length constraint is invalid.

Certificate usages field is invalid.

The key does not support the requested operation.

Certificate contains unknown critical extension.

New CRL is not later than the current one.

Not encrypted or signed: you do not yet have an email certificate.

Not encrypted: you do not have certificates for each of the recipients.

Cannot decrypt: you are not a recipient, or matching certificate and private key not found.

Cannot decrypt: key encryption algorithm does not match your certificate.

Signature verification failed: no signer found, too many signers found, or improper or corrupted data.

Unsupported or unknown key algorithm.

Cannot decrypt: encrypted using a disallowed algorithm or key size.

FORTEZZA card has not been properly initialized.

No FORTEZZA cards found.

No FORTEZZA card selected.

Please select a personality to get more info on.

Personality not found

No more information on that personality.

Couldn’t initialize FORTEZZA personalities.

No KRL for this site’s certificate has been found.

The KRL for this site’s certificate has expired.

The KRL for this site’s certificate has an invalid signature.

The key for this site’s certificate has been revoked.

New KRL has an invalid format.

Security library: need random data.

Security library: no security module can perform the requested operation.

The security card or token does not exist, needs to be initialized, or has been removed.

Security library: read-only database.

No slot or token was selected.

A certificate with the same nickname already exists.

A key with the same nickname already exists.

Error while creating safe object.

Error while creating baggage object.

Couldn’t remove the principal.

Couldn’t delete the privilege

This principal doesn’t have a certificate.

Required algorithm is not allowed.

Error attempting to export certificates.

Error attempting to import certificates.

Unable to import. Decoding error. File not valid.

Unable to import. Invalid MAC. Incorrect password or corrupt file.

Unable to import. MAC algorithm not supported.

Unable to import. Only password integrity and privacy modes supported.

Unable to import. File structure is corrupt.

Unable to import. Encryption algorithm not supported.

Unable to import. File version not supported.

Unable to import. Incorrect privacy password.

Unable to import. Same nickname already exists in database.

The user clicked cancel.

Not imported, already in database.

Message not sent.

Certificate key usage inadequate for attempted operation.

Certificate type not approved for application.

Address in signing certificate does not match address in message headers.

Unable to import. Error attempting to import private key.

Unable to import. Error attempting to import certificate chain.

Unable to export. Unable to locate certificate or key by nickname.

Unable to export. Private key could not be located and exported.

Unable to export. Unable to write the export file.

Unable to import. Unable to read the import file.

Unable to export. Key database corrupt or deleted.

Unable to generate public-private key pair.

Password entered is invalid.

Old password entered incorrectly.

Certificate nickname already in use.

Peer FORTEZZA chain has a non-FORTEZZA Certificate.

“A sensitive key cannot be moved to the slot where it is needed.”

Invalid module name.

Invalid module path/filename.

Unable to add module.

Unable to delete module.

New KRL is not later than the current one.

New CKL has different issuer than current CKL.

Certificate issuer is not permitted to issue a certificate with this name.

“The key revocation list for this certificate is not yet valid.”

“The certificate revocation list for this certificate is not yet valid.”

“The requested certificate could not be found.”

“The signer’s certificate could not be found.”

“The location for the certificate status server has invalid format.”

“The OCSP response cannot be fully decoded; it is of an unknown type.”

“The OCSP server returned unexpected/invalid HTTP data.”

“The OCSP server found the request to be corrupted or improperly formed.”

“The OCSP server experienced an internal error.”

“The OCSP server suggests trying again later.”

“The OCSP server requires a signature on this request.”

“The OCSP server has refused this request as unauthorized.”

“The OCSP server returned an unrecognizable status.”

“The OCSP server has no status for the certificate.”

“You must enable OCSP before performing this operation.”

“You must set the OCSP default responder before performing this operation.”

“The response from the OCSP server was corrupted or improperly formed.”

“The signer of the OCSP response is not authorized to give status for this certificate.”

“The OCSP response is not yet valid (contains a date in the future).”

“The OCSP response contains out-of-date information.”

“The CMS or PKCS #7 Digest was not found in signed message.”

“The CMS or PKCS #7 Message type is unsupported.”

“PKCS #11 module could not be removed because it is still in use.”

“Could not decode ASN.1 data. Specified template was invalid.”

“No matching CRL was found.”

“You are attempting to import a cert with the same issuer/serial as an existing cert, but that is not the same cert.”

“NSS could not shutdown. Objects are still in use.”

“DER-encoded message contained extra unused data.”

“Unsupported elliptic curve.”

“Unsupported elliptic curve point form.”

“Unrecognized Object IDentifier.”

“Invalid OCSP signing certificate in OCSP response.”

“Certificate is revoked in issuer’s certificate revocation list.”

“Issuer’s OCSP responder reports certificate is revoked.”

“Issuer’s Certificate Revocation List has an unknown version number.”

“Issuer’s V1 Certificate Revocation List has a critical extension.”

“Issuer’s V2 Certificate Revocation List has an unknown critical extension.”

“Unknown object type specified.”

“PKCS #11 driver violates the spec in an incompatible way.”

“No new slot event is available at this time.”

“CRL already exists.”

“NSS is not initialized.”

“The operation failed because the PKCS#11 token is not logged in.”

“The configured OCSP responder’s certificate is invalid.”

“OCSP response has an invalid signature.”

“Certification validation search is out of search limits.”

“Policy mapping contains any-policy.”

“Certificate chain fails policy validation.”

“Unknown location type in certificate AIA extension.”

“Server returned a bad HTTP response.”

“Server returned a bad LDAP response.”

“Failed to encode data with ASN.1 encoder.”

“Bad information access location in certificate extension.”

“Libpkix internal error occurred during cert validation.”

“A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred.”

“A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed.”

“A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot.”

“Unknown information access method in certificate extension.”

“Error attempting to import a CRL.”

“Unknown PKCS #11 error.” (unknown error value mapping)

Источник

Why do you meet “err_ssl_unrecognized_name_alert” error on your site?

So, how to handle this problem. Don’t worry, in today’s guide, we will demonstrate some solutions to address this error effectively. Now, let’s check them out.

How to tackle err_ssl_unrecognized_name_alert error?

If you think that this error is caused due to wrong settings with SSL configuration. The first thing you need to do:

Let’s utilize the Qualys SSL Labs to scan and determine the errors in the certificate you are using. In case, there is any error message displayed by the scan, which means that your SSL configuration has had the wrong settings. So, it is necessary for you to contact your hosting provider or certificate provider and request them for help.
In contrast, if there are no errors displayed after scanning, this error can be caused by something wrong in your browser’s configuration. Initially, you have to check if you are using the latest browser version. Then, let’s clear the browser cache and navigate to your WordPress site. Now, your problem should be solved. For any reason, if this error still happens, you can try another method.

Otherwise, if you want to visit the temporary URL and meet this error. You need to perform the following steps.

Make sure the temporary URL, WordPress site, and home URL load over HTTPS://
Disable Force HTTPS in the Control Panel
Deactivate the SSL plugin to stop it forcing https://
Get rid of redirects in the .htaccess file
After all, let’s use an incognito browser tab to ensure HTTPS:// is not cached.

The bottom lines-err_ssl_unrecognized_name_alert

Источник

Why do you get err_ssl_unrecognized_name_alert error on your site?

When you access your WordPress website, have you ever got an err_ssl_unrecognized_name_alert error? If yes, you need to find out why it appears first. You can understand that this error is caused because the certificate’s name is not recognized. It may be something wrong with the SSL configuration. Furthermore, you may also get the error when you try to visit a temporary URL. It may be the temporary URL can not load over SSL (through https://).

In order to fix the trouble, we will suggest you some ideas. You can try each way to find the most suitable solution. So, what are you waiting for? Let’s go!

How to solve err_ssl_unrecognized_name_alert error?

If you suspect this error is caused by an SSL configuration error, you need to:

Use the Qualys SSL Labs to scan and check for the errors in the certificate you are utilizing. If the scan gives you any error messages, that means there is something wrong with the SSL configuration. Now, you need to get in touch with your hosting provider or certificate provider and ask them to support you.
In case there won’t be any errors after scanning, it may be an error in your browser’s configuration. Firstly, you need to check if you are utilizing the newest browser version. After that, simply clear the browser cache and go back to your site. If the trouble has been solved, congratulate. If not, let’s try another solution.

In case you want to access the temporary URL and see the error, all things you need to do:

Ensure the temporary URL, WordPress site, and home URL loads over http://
Turn off Force HTTPS in the Control Panel
Deactivate the SSL plugin to prevent it forcing https://
Remove redirects in the .htaccess file
After trying the steps above, let’s try an incognito browser tab to make sure https:// is not cached.

Wrapping up – err_ssl_unrecognized_name_alert

In conclusion, we hope that you can tackle the err_ssl_unrecognized_name_alert error effectively. If you think the blog is helpful, don’t hesitate to share it with your friends. Any ideas or solutions? Let’s show it in the comment box below. Thanks for your reading. Hope you enjoy it!

Author
Recent Posts

Welcome to LT Digital Team, we’re small team with 5 digital content marketers. We make daily blogs for Joomla! and WordPress CMS, support customers and everyone who has issues with these CMSs and solve any issues with blog instruction posts, trusted by over 1.5 million readers worldwide.

Источник

Constant

Value

Description

SEC_ERROR_IO

-8192

An I/O error occurred during
authentication; or
an error occurred during
crypto operation (other than
signature verification).

SEC_ERROR_LIBRARY_FAILURE

-8191

Security library failure.

SEC_ERROR_BAD_DATA

-8190

Security library: received bad
data.

SEC_ERROR_OUTPUT_LEN

-8189

Security library: output
length error.

SEC_ERROR_INPUT_LEN

-8188

Security library: input length
error.

SEC_ERROR_INVALID_ARGS

-8187

Security library: invalid
arguments.

SEC_ERROR_INVALID_ALGORITHM

-8186

Security library: invalid
algorithm.

SEC_ERROR_INVALID_AVA

-8185

Security library: invalid AVA.

SEC_ERROR_INVALID_TIME

-8184

Security library: invalid
time.

SEC_ERROR_BAD_DER

-8183

Security library: improperly
formatted DER-encoded message.

SEC_ERROR_BAD_SIGNATURE

-8182

Peer’s certificate has an
invalid signature.

SEC_ERROR_EXPIRED_CERTIFICATE

-8181

Peer’s certificate has
expired.

SEC_ERROR_REVOKED_CERTIFICATE

-8180

Peer’s certificate has been
revoked.

SEC_ERROR_UNKNOWN_ISSUER

-8179

Peer’s certificate issuer is
not recognized.

SEC_ERROR_BAD_KEY

-8178

Peer’s public key is invalid

SEC_ERROR_BAD_PASSWORD

-8177

The password entered is
incorrect.

SEC_ERROR_RETRY_PASSWORD

-8176

New password entered
incorrectly.

SEC_ERROR_NO_NODELOCK

-8175

Security library: no nodelock.

SEC_ERROR_BAD_DATABASE

-8174

Security library: bad
database.

SEC_ERROR_NO_MEMORY

-8173

Security library: memory
allocation failure.

SEC_ERROR_UNTRUSTED_ISSUER

-8172

Peer’s certificate issuer has
been marked as not trusted by
the user.

SEC_ERROR_UNTRUSTED_CERT

-8171

Peer’s certificate has been
marked as not trusted by the
user.

SEC_ERROR_DUPLICATE_CERT

-8170

Certificate already exists in
your database.

SEC_ERROR_DUPLICATE_CERT_NAME

-8169

Downloaded certificate’s name
duplicates one already in your
database.

SEC_ERROR_ADDING_CERT

-8168

Error adding certificate to
database.

SEC_ERROR_FILING_KEY

-8167

Error refiling the key for
this certificate.

SEC_ERROR_NO_KEY

-8166

The private key for this
certificate cannot be found in
key database.

SEC_ERROR_CERT_VALID

-8165

This certificate is valid.

SEC_ERROR_CERT_NOT_VALID

-8164

This certificate is not valid.

SEC_ERROR_CERT_NO_RESPONSE

-8163

Certificate library: no
response.

SEC_ER
ROR_EXPIRED_ISSUER_CERTIFICATE

-8162

The certificate issuer’s
certificate has expired.

SEC_ERROR_CRL_EXPIRED

-8161

The CRL for the certificate’s
issuer has expired.

SEC_ERROR_CRL_BAD_SIGNATURE

-8160

The CRL for the certificate’s
issuer has an invalid
signature.

SEC_ERROR_CRL_INVALID

-8159

New CRL has an invalid format.

SEC
_ERROR_EXTENSION_VALUE_INVALID

-8158

Certificate extension value is
invalid.

SEC_ERROR_EXTENSION_NOT_FOUND

-8157

Certificate extension not
found.

SEC_ERROR_CA_CERT_INVALID

-8156

Issuer certificate is invalid.

SEC_ERR
OR_PATH_LEN_CONSTRAINT_INVALID

-8155

Certificate path length
constraint is invalid.

SEC_ERROR_CERT_USAGES_INVALID

-8154

Certificate usages field is
invalid.

SEC_INTERNAL_ONLY

-8153

Internal-only module.

SEC_ERROR_INVALID_KEY

-8152

The key does not support the
requested operation.

SEC_ER
ROR_UNKNOWN_CRITICAL_EXTENSION

-8151

Certificate contains unknown
critical extension.

SEC_ERROR_OLD_CRL

-8150

New CRL is not later than the
current one.

SEC_ERROR_NO_EMAIL_CERT

-8149

Not encrypted or signed: you
do not yet have an email
certificate.

SEC_
ERROR_NO_RECIPIENT_CERTS_QUERY

-8148

Not encrypted: you do not have
certificates for each of the
recipients.

SEC_ERROR_NOT_A_RECIPIENT

-8147

Cannot decrypt: you are not a
recipient, or matching
certificate and private key
not found.

S
EC_ERROR_PKCS7_KEYALG_MISMATCH

-8146

Cannot decrypt: key encryption
algorithm does not match your
certificate.

SEC_ERROR_PKCS7_BAD_SIGNATURE

-8145

Signature verification failed:
no signer found, too many
signers found,
or improper or corrupted data.

SEC_ERROR_UNSUPPORTED_KEYALG

-8144

Unsupported or unknown key
algorithm.

S
EC_ERROR_DECRYPTION_DISALLOWED

-8143

Cannot decrypt: encrypted
using a disallowed algorithm
or key size.

XP_SEC_FORTEZZA_BAD_CARD

-8142

FORTEZZA card has not been
properly initialized.

XP_SEC_FORTEZZA_NO_CARD

-8141

No FORTEZZA cards found.

XP_SEC_FORTEZZA_NONE_SELECTED

-8140

No FORTEZZA card selected.

XP_SEC_FORTEZZA_MORE_INFO

-8139

Please select a personality to
get more info on.

XP
_SEC_FORTEZZA_PERSON_NOT_FOUND

-8138

Personality not found

XP_SEC_FORTEZZA_NO_MORE_INFO

-8137

No more information on that
personality.

XP_SEC_FORTEZZA_BAD_PIN

-8136

Invalid PIN.

XP_SEC_FORTEZZA_PERSON_ERROR

-8135

Couldn’t initialize FORTEZZA
personalities.

SEC_ERROR_NO_KRL

-8134

No KRL for this site’s
certificate has been found.

SEC_ERROR_KRL_EXPIRED

-8133

The KRL for this site’s
certificate has expired.

SEC_ERROR_KRL_BAD_SIGNATURE

-8132

The KRL for this site’s
certificate has an invalid
signature.

SEC_ERROR_REVOKED_KEY

-8131

The key for this site’s
certificate has been revoked.

SEC_ERROR_KRL_INVALID

-8130

New KRL has an invalid format.

SEC_ERROR_NEED_RANDOM

-8129

Security library: need random
data.

SEC_ERROR_NO_MODULE

-8128

Security library: no security
module can perform the
requested operation.

SEC_ERROR_NO_TOKEN

-8127

The security card or token
does not exist, needs to be
initialized, or has been
removed.

SEC_ERROR_READ_ONLY

-8126

Security library: read-only
database.

SEC_ERROR_NO_SLOT_SELECTED

-8125

No slot or token was selected.

SEC
_ERROR_CERT_NICKNAME_COLLISION

-8124

A certificate with the same
nickname already exists.

SE
C_ERROR_KEY_NICKNAME_COLLISION

-8123

A key with the same nickname
already exists.

SEC_ERROR_SAFE_NOT_CREATED

-8122

Error while creating safe
object.

SEC_ERROR_BAGGAGE_NOT_CREATED

-8121

Error while creating baggage
object.

XP_JAVA_REMOVE_PRINCIPAL_ERROR

-8120

Couldn’t remove the principal.

XP_JAVA_DELETE_PRIVILEGE_ERROR

-8119

Couldn’t delete the privilege

XP_JAVA_CERT_NOT_EXISTS_ERROR

-8118

This principal doesn’t have a
certificate.

SEC_ERROR_BAD_EXPORT_ALGORITHM

-8117

Required algorithm is not
allowed.

SE
C_ERROR_EXPORTING_CERTIFICATES

-8116

Error attempting to export
certificates.

SE
C_ERROR_IMPORTING_CERTIFICATES

-8115

Error attempting to import
certificates.

SEC_ERROR_PKCS12_DECODING_PFX

-8114

Unable to import. Decoding
error. File not valid.

SEC_ERROR_PKCS12_INVALID_MAC

-8113

Unable to import. Invalid MAC.
Incorrect password or corrupt
file.

SEC_ERROR_PK
CS12_UNSUPPORTED_MAC_ALGORITHM

-8112

Unable to import. MAC
algorithm not supported.

SEC_ERROR_PKC
S12_UNSUPPORTED_TRANSPORT_MODE

-8111

Unable to import. Only
password integrity and privacy
modes supported.

SEC_ERROR
_PKCS12_CORRUPT_PFX_STRUCTURE

-8110

Unable to import. File
structure is corrupt.

SEC_ERROR_PK
CS12_UNSUPPORTED_PBE_ALGORITHM

-8109

Unable to import. Encryption
algorithm not supported.

SEC_ER
ROR_PKCS12_UNSUPPORTED_VERSION

-8108

Unable to import. File version
not supported.

SEC_ERROR_PKC
S12_PRIVACY_PASSWORD_INCORRECT

-8107

Unable to import. Incorrect
privacy password.

S
EC_ERROR_PKCS12_CERT_COLLISION

-8106

Unable to import. Same
nickname already exists in
database.

SEC_ERROR_USER_CANCELLED

-8105

The user clicked cancel.

S
EC_ERROR_PKCS12_DUPLICATE_DATA

-8104

Not imported, already in
database.

SEC_ERROR_MESSAGE_SEND_ABORTED

-8103

Message not sent.

SEC_ERROR_INADEQUATE_KEY_USAGE

-8102

Certificate key usage
inadequate for attempted
operation.

SEC_ERROR_INADEQUATE_CERT_TYPE

-8101

Certificate type not approved
for application.

SEC_ERROR_CERT_ADDR_MISMATCH

-8100

Address in signing certificate
does not match address in
message headers.

SEC_ERR
OR_PKCS12_UNABLE_TO_IMPORT_KEY

-8099

Unable to import. Error
attempting to import private
key.

SEC_ERR
OR_PKCS12_IMPORTING_CERT_CHAIN

-8098

Unable to import. Error
attempting to import
certificate chain.

SEC_ERROR_PKCS12_U
NABLE_TO_LOCATE_OBJECT_BY_NAME

-8097

Unable to export. Unable to
locate certificate or key by
nickname.

SEC_ERRO
R_PKCS12_UNABLE_TO_EXPORT_KEY

-8096

Unable to export. Private key
could not be located and
exported.

SE
C_ERROR_PKCS12_UNABLE_TO_WRITE

-8095

Unable to export. Unable to
write the export file.

S
EC_ERROR_PKCS12_UNABLE_TO_READ

-8094

Unable to import. Unable to
read the import file.

SEC_ERROR_PKCS1
2_KEY_DATABASE_NOT_INITIALIZED

-8093

Unable to export. Key database
corrupt or deleted.

SEC_ERROR_KEYGEN_FAIL

-8092

Unable to generate
public-private key pair.

SEC_ERROR_INVALID_PASSWORD

-8091

Password entered is invalid.

SEC_ERROR_RETRY_OLD_PASSWORD

-8090

Old password entered
incorrectly.

SEC_ERROR_BAD_NICKNAME

-8089

Certificate nickname already
in use.

SEC_ERROR_NOT_FORTEZZA_ISSUER

-8088

Peer FORTEZZA chain has a
non-FORTEZZA Certificate.

SEC_E
RROR_CANNOT_MOVE_SENSITIVE_KEY

-8087

“A sensitive key cannot be
moved to the slot where it is
needed.”

SE
C_ERROR_JS_INVALID_MODULE_NAME

-8086

Invalid module name.

SEC_ERROR_JS_INVALID_DLL

-8085

Invalid module path/filename.

SEC_ERROR_JS_ADD_MOD_FAILURE

-8084

Unable to add module.

SEC_ERROR_JS_DEL_MOD_FAILURE

-8083

Unable to delete module.

SEC_ERROR_OLD_KRL

-8082

New KRL is not later than the
current one.

SEC_ERROR_CKL_CONFLICT

-8081

New CKL has different issuer
than current CKL.

SE
C_ERROR_CERT_NOT_IN_NAME_SPACE

-8080

Certificate issuer is not
permitted to issue a
certificate with this name.

SEC_ERROR_KRL_NOT_YET_VALID

-8079

“The key revocation list for
this certificate is not yet
valid.”

SEC_ERROR_CRL_NOT_YET_VALID

-8078

“The certificate revocation
list for this certificate is
not yet valid.”

SEC_ERROR_UNKNOWN_CERT

-8077

“The requested certificate
could not be found.”

SEC_ERROR_UNKNOWN_SIGNER

-8076

“The signer’s certificate
could not be found.”

SEC_
ERROR_CERT_BAD_ACCESS_LOCATION

-8075

“The location for the
certificate status server has
invalid format.”

SEC_ER
ROR_OCSP_UNKNOWN_RESPONSE_TYPE

-8074

“The OCSP response cannot be
fully decoded; it is of an
unknown type.”

SE
C_ERROR_OCSP_BAD_HTTP_RESPONSE

-8073

“The OCSP server returned
unexpected/invalid HTTP data.”

SE
C_ERROR_OCSP_MALFORMED_REQUEST

-8072

“The OCSP server found the
request to be corrupted or
improperly formed.”

SEC_ERROR_OCSP_SERVER_ERROR

-8071

“The OCSP server experienced
an internal error.”

S
EC_ERROR_OCSP_TRY_SERVER_LATER

-8070

“The OCSP server suggests
trying again later.”

SE
C_ERROR_OCSP_REQUEST_NEEDS_SIG

-8069

“The OCSP server requires a
signature on this request.”

SEC_E
RROR_OCSP_UNAUTHORIZED_REQUEST

-8068

“The OCSP server has refused
this request as unauthorized.”

SEC_ERRO
R_OCSP_UNKNOWN_RESPONSE_STATUS

-8067

“The OCSP server returned an
unrecognizable status.”

SEC_ERROR_OCSP_UNKNOWN_CERT

-8066

“The OCSP server has no status
for the certificate.”

SEC_ERROR_OCSP_NOT_ENABLED

-8065

“You must enable OCSP before
performing this operation.”

SEC_E
RROR_OCSP_NO_DEFAULT_RESPONDER

-8064

“You must set the OCSP default
responder before performing
this operation.”

SEC
_ERROR_OCSP_MALFORMED_RESPONSE

-8063

“The response from the OCSP
server was corrupted or
improperly formed.”

SEC_ER
ROR_OCSP_UNAUTHORIZED_RESPONSE

-8062

“The signer of the OCSP
response is not authorized to
give status for this
certificate.”

SEC_ERROR_OCSP_FUTURE_RESPONSE

-8061

“The OCSP response is not yet
valid (contains a date in the
future).”

SEC_ERROR_OCSP_OLD_RESPONSE

-8060

“The OCSP response contains
out-of-date information.”

SEC_ERROR_DIGEST_NOT_FOUND

-8059

“The CMS or PKCS #7 Digest was
not found in signed message.”

SEC_
ERROR_UNSUPPORTED_MESSAGE_TYPE

-8058

“The CMS or PKCS #7 Message
type is unsupported.”

SEC_ERROR_MODULE_STUCK

-8057

“PKCS #11 module could not be
removed because it is still in
use.”

SEC_ERROR_BAD_TEMPLATE

-8056

“Could not decode ASN.1 data.
Specified template was
invalid.”

SEC_ERROR_CRL_NOT_FOUND

-8055

“No matching CRL was found.”

SEC_
ERROR_REUSED_ISSUER_AND_SERIAL

-8054

“You are attempting to import
a cert with the same
issuer/serial as an existing
cert, but that is not the same
cert.”

SEC_ERROR_BUSY

-8053

“NSS could not shutdown.
Objects are still in use.”

SEC_ERROR_EXTRA_INPUT

-8052

“DER-encoded message contained
extra unused data.”

SEC_ER
ROR_UNSUPPORTED_ELLIPTIC_CURVE

-8051

“Unsupported elliptic curve.”

SEC_E
RROR_UNSUPPORTED_EC_POINT_FORM

-8050

“Unsupported elliptic curve
point form.”

SEC_ERROR_UNRECOGNIZED_OID

-8049

“Unrecognized Object
IDentifier.”

SEC_E
RROR_OCSP_INVALID_SIGNING_CERT

-8048

“Invalid OCSP signing
certificate in OCSP response.”

SEC
_ERROR_REVOKED_CERTIFICATE_CRL

-8047

“Certificate is revoked in
issuer’s certificate
revocation list.”

SEC_
ERROR_REVOKED_CERTIFICATE_OCSP

-8046

“Issuer’s OCSP responder
reports certificate is
revoked.”

SEC_ERROR_CRL_INVALID_VERSION

-8045

“Issuer’s Certificate
Revocation List has an unknown
version number.”

SEC_E
RROR_CRL_V1_CRITICAL_EXTENSION

-8044

“Issuer’s V1 Certificate
Revocation List has a critical
extension.”

SEC_ERROR_
CRL_UNKNOWN_CRITICAL_EXTENSION

-8043

“Issuer’s V2 Certificate
Revocation List has an unknown
critical extension.”

SEC_ERROR_UNKNOWN_OBJECT_TYPE

-8042

“Unknown object type
specified.”

SEC_ERROR_INCOMPATIBLE_PKCS11

-8041

“PKCS #11 driver violates the
spec in an incompatible way.”

SEC_ERROR_NO_EVENT

-8040

“No new slot event is
available at this time.”

SEC_ERROR_CRL_ALREADY_EXISTS

-8039

“CRL already exists.”

SEC_ERROR_NOT_INITIALIZED

-8038

“NSS is not initialized.”

SEC_ERROR_TOKEN_NOT_LOGGED_IN

-8037

“The operation failed because
the PKCS#11 token is not
logged in.”

SEC_ERR
OR_OCSP_RESPONDER_CERT_INVALID

-8036

“The configured OCSP
responder’s certificate is
invalid.”

SEC_ERROR_OCSP_BAD_SIGNATURE

-8035

“OCSP response has an invalid
signature.”

SEC_ERROR_OUT_OF_SEARCH_LIMITS

-8034

“Certification validation
search is out of search
limits.”

SE
C_ERROR_INVALID_POLICY_MAPPING

-8033

“Policy mapping contains
any-policy.”

SEC_
ERROR_POLICY_VALIDATION_FAILED

-8032

“Certificate chain fails
policy validation.”

SEC_E
RROR_UNKNOWN_AIA_LOCATION_TYPE

-8031

“Unknown location type in
certificate AIA extension.”

SEC_ERROR_BAD_HTTP_RESPONSE

-8030

“Server returned a bad HTTP
response.”

SEC_ERROR_BAD_LDAP_RESPONSE

-8029

“Server returned a bad LDAP
response.”

S
EC_ERROR_FAILED_TO_ENCODE_DATA

-8028

“Failed to encode data with
ASN.1 encoder.”

SEC_
ERROR_BAD_INFO_ACCESS_LOCATION

-8027

“Bad information access
location in certificate
extension.”

SEC_ERROR_LIBPKIX_INTERNAL

-8026

“Libpkix internal error
occurred during cert
validation.”

SEC_ERROR_PKCS11_GENERAL_ERROR

-8025

“A PKCS #11 module returned
CKR_GENERAL_ERROR, indicating
that an unrecoverable error
has occurred.”

SE
C_ERROR_PKCS11_FUNCTION_FAILED

-8024

“A PKCS #11 module returned
CKR_FUNCTION_FAILED,
indicating that the requested
function could not be
performed. Trying the same
operation again might
succeed.”

SEC_ERROR_PKCS11_DEVICE_ERROR

-8023

“A PKCS #11 module returned
CKR_DEVICE_ERROR, indicating
that a problem has occurred
with the token or slot.”

SE
C_ERROR_BAD_INFO_ACCESS_METHOD

-8022

“Unknown information access
method in certificate
extension.”

SEC_ERROR_CRL_IMPORT_FAILED

-8021

“Error attempting to import a
CRL.”

SEC_ERROR_UNKNOWN_PKCS11_ERROR

-8018

“Unknown PKCS #11 error.”
(unknown error value mapping)

Источник