Is traffic not encrypted given ERR_CERT_COMMON_NAME_INVALID?

If I am shown ERR_CERT_COMMON_NAME_INVALID, and I can see that the domains do not match (cert for * but I am visiting, do I understand correctly that someone packet sniffing will still see encrypted traffic?

I'm trying to make sure I understand the threat of accepting these incorrect SSL certs. As I see it, it would be possible that a MITM is reading the traffic (decrypt it, then encrypt it correctly to pass it to the https site?) But unlike http it would still be encrypted traffic to someone "outside" - yes?

It's been a long sleepless night so forgive the stupidity.


You are correct. When you get a certification name invalid error, the piece of TLS that you lose is the authentication component; knowing that you're talking to the server you think you're talking to. The encryption component is not affected. So, as you suspect, you may not be (or may be, it could just be a configuration issue) talking to the correct server/site, but the encryption between you and whoever it is you are talking to is intact.

Category: tls Time: 2016-07-28 Views: 0

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 0.181 (s). 12 q(s)