Which of the following could cause a browser to display the message below?
“The security certificate presented by this website was issued for a different website’s address.”

A.
The website certificate was issued by a different CA than what the browser recognizes in its trusted
CAs.

B.
The website is using a wildcard certificate issued for the company’s domain.

C.
HTTPS://127.0.01 was used instead of HTTPS://localhost.

D.
The website is using an expired self signed certificate.

Explanation:
PKI is a two-key, asymmetric system with four main components: certificate authority (CA), registration
authority (RA), RSA (the encryption algorithm), and digital certificates. In typical public key infrastructure
(PKI) arrangements, a digital signature from a certificate authority (CA) attests that a particular public key
certificate is valid (i.e., contains correct information). Users, or their software on their behalf, check that
the private key used to sign some certificate matches the public key in the CA’s certificate. Since CA
certificates are often signed by other, “higher-ranking,” CAs, there must necessarily be a highest CA,
which provides the ultimate in attestation authority in that particular PKI scheme.
Localhost is a hostname that means this computer and may be used to access the computer’s own
network services via its loopback network interface. Using the loopback interface bypasses local network
interface hardware. In this case the HTTPS://127.0.01 was used and not HTTPS//localhost
Incorrect Answers:
A: This is not a case where the certificate was issued by a different CA.
B: A wildcard certificate is a public key certificate which can be used with multiple subdomains of a
domain. This option will not yield an error message
D: A self-signed certificate is an identity certificate that is signed by the same entity whose identity it
certifies.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 262, 280-281