ErrorFindly
0x80090322SystemMedium

Error 0x80090322 — Wrong Principal (SEC_E_WRONG_PRINCIPAL) | Windows System Error Fix

Windows 11Windows 10Windows Server 2022

What Does 0x80090322 Mean?

The target principal name is incorrect. The server name in the certificate does not match the expected name.

Real-World Causes

  1. 1SSL/TLS certificate does not match the server hostname
  2. 2Kerberos SPN (Service Principal Name) mismatch
  3. 3DNS returning a different server than expected
  4. 4Load balancer or proxy presenting the wrong certificate

Symptoms

  • HTTPS connections fail with name mismatch
  • Kerberos authentication fails
  • Remote Desktop shows certificate warning
  • Web browsers show 'certificate name mismatch' error

DIY Fix

Beginner-friendly steps you can try at home

  1. 1Verify you are connecting to the correct server name
  2. 2Check DNS resolution: the hostname should resolve to the expected server
  3. 3Accept the certificate warning if you trust the server (for internal servers)
  4. 4Contact the server administrator about the certificate mismatch

Advanced Fix

For experienced users and IT professionals

  1. 1For Kerberos: check SPNs with 'setspn -L accountname' and correct mismatches
  2. 2Install a certificate that matches the server hostname
  3. 3For load balanced environments, use a SAN (Subject Alternative Name) certificate covering all names

Frequently Asked Questions

What is an SPN?
A Service Principal Name (SPN) uniquely identifies a service instance in Active Directory for Kerberos authentication. If the SPN does not match the server name clients use, Kerberos authentication fails and may fall back to NTLM or fail entirely.

Related Error Codes

0x80090304Internal Error (SEC_E_INTERNAL_ERROR)0x8009033FAlgorithm Mismatch (SEC_E_ALGORITHM_MISMATCH)

About the Author

Windows Troubleshooting Team

Verified against official Microsoft documentation and real-world diagnostic data. Error behavior confirmed across Windows 10, Windows 11, and Windows Server.