How to Match a Website Certificate With Its True Owner
IT | Aug 11, 2016 | Master3395
You might not think about it much when browsing the web every day, but website certificates are incredibly important. Your browser handles so much transactional information in the background to make sure that you’re browsing the web safely.
Sometimes, though, you might see a website certificate error letting you know that the website’s certificate belongs to another page.
If you see these all the time, you might have an issue with your system’s clock being off or you might have some malware that needs cleaning, but if you only see it sometimes, it’s worth examining to understand the error.
To view any website’s certificate in any browser (except Edge), click the green padlock icon when visiting a page using HTTPS. Choose Details > View Certificate on Chrome, click the arrow and choose More Information on Firefox, and choose View Certificates on IE. This allows you to view who the certificate was assigned to.
However, one certificate can be valid for more than one URL name. If you view YouTube’s certificate, it shows as issued to google.com. By digging into the Details tab in any browser and finding Subject Alternative Name, you can see other names that the certificate is valid for. So, Google’s cert is valid for youtube.com, gmail.com, and android.com, for example.
Using this information to your advantage, you can find out if an invalid certificate warning is coming from a legitimate website name change (maybe Hewlett-Packard changes their name to Hewlett-Jackson and the site changes from hp.com to hj.com), or if it’s a cert for some shady URL across the world.
Keywords: Website, encryption, https, certificate
Comments:comments powered by Disqus
General (151) IT (342) Microsoft (164) Apple (68) Europe (2) Google (88) Norge (12) Lokale nyheter [Vestfold] (19) Roblox (0) Roblox Game Review (8) Roblox Model Review (0) Roblox Plugin Review (0) Tutorials (30)