nerdexam
CompTIA

SY0-301 · Question #79

Which of the following could cause a browser to display the message below? "The security certificate presented by this website was issued for a different website's address."

The correct answer is C. HTTPS://127.0.01 was used instead of HTTPS://localhost.. When a certificate is issued for the hostname 'localhost' but you access the site via its IP address '127.0.0.1', the browser checks the certificate's Common Name or Subject Alternative Name against the address in the URL. Since '127.0.0.1' and 'localhost' are technically differe

General security concepts

Question

Which of the following could cause a browser to display the message below? "The security certificate presented by this website was issued for a different website's address."

Options

  • AThe website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.
  • BThe website is using a wildcard certificate issued for the company's domain.
  • CHTTPS://127.0.01 was used instead of HTTPS://localhost.
  • DThe website is using an expired self signed certificate.

How the community answered

(59 responses)
  • A
    7% (4)
  • B
    10% (6)
  • C
    81% (48)
  • D
    2% (1)

Explanation

When a certificate is issued for the hostname 'localhost' but you access the site via its IP address '127.0.0.1', the browser checks the certificate's Common Name or Subject Alternative Name against the address in the URL. Since '127.0.0.1' and 'localhost' are technically different identifiers, the names do not match, triggering the warning 'issued for a different website's address.' A different CA (A) would produce an untrusted CA warning. A wildcard certificate (B) covers subdomains and would not cause a name-mismatch error. An expired certificate (D) would produce an expiration warning, not a name mismatch.

Topics

#SSL/TLS certificates#certificate CN mismatch#PKI#HTTPS

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice