Jump to content


Photo

Certificate issue


  • Please log in to reply
7 replies to this topic

#1 Zylantex

Zylantex

    Newbie

  • Members
  • Pip
  • 10 posts
  • Gender:Male
  • Location:France

Posted 15 January 2012 - 02:30 PM

Of late I am getting a warning every time that outlook checks my email.

The server that you are connected to is using a certificate that cannot be verified. The target principal name is incorrect.

If I choose to view the cerificate I see the following:

All the intended purposes of this certificate could not be verified.
Issued to: hermes.supportdns.com
Issued by RapidSSl CA
Valid from 02/08/2011 to 5/8/2013

Then I must click "Yes" to continue to use this server.
If I click No" I get no emails and have to do a send and receive all over again and click "Yes".
I'm sure this must be affecting other people too.

I realise this is probably just a technical fault that doesn't really mean much but I have to respond every time I check my email and it's getting tedious.
  • 0

#2 MikeDVB

MikeDVB

    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,893 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 16 January 2012 - 11:06 PM

What version of Outlook are you using? Hermes has a valid RapidSSL certificate.
  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#3 Zylantex

Zylantex

    Newbie

  • Members
  • Pip
  • 10 posts
  • Gender:Male
  • Location:France

Posted 19 January 2012 - 10:33 AM

MS Outlook 2007 (12.0.4518.1014)

I'm still getting the message intermittantly. I am puzzled as to why it doesn't come up on every send and receive cycle but for some reason it only pops up the warning every now and then. The only thing I can think of is that whatever site Outlook checks the cert on is not always contactable, other than that I've got no other ideas.
  • 0

#4 Zylantex

Zylantex

    Newbie

  • Members
  • Pip
  • 10 posts
  • Gender:Male
  • Location:France

Posted 20 January 2012 - 12:59 AM

Here's what I see

Posted Image
  • 0

#5 MikeDVB

MikeDVB

    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,893 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 20 January 2012 - 01:13 AM

Yeah, Outlook 2007 is 5 years old and likely simply doesn't support the newer RapidSSL certificate chains. There isn't anything we can do on our end to "fix" this for you short of advising that you upgrade to a newer version of Outlook or perhaps give Thunderbird a try.
  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/

#6 fshagan

fshagan

    Member

  • Members
  • PipPip
  • 145 posts

Posted 20 January 2012 - 11:08 AM

This problem started cropping up in 2008, right after Outlook 2007 was released. We ran it at one of the companies I worked at, and there was a solution. I just can't recall what it was now; it is "client based" as Mike said.

It might be the top answer at this link:

justhost is a hosting service provider and if you/your company host your mail services on their non-dedicated servers, this umbrella wildcard certificate will be used to secure the connection.

There's a limitation in SSL/TLS that the host name the client is connecting to is not revealed to the server until a secure socket has been established. This means the server must blindly supply a default certificate which is the "*.justhost.com" you saw.

Thus if you access the mail server through your company's alias domain, e.g. mail.company.com, a certificate subject mismatch will occur. You could use the following steps to find the correct domain to use:

ping your mail server to get its IP address
Use nslookup or whois to get the host name of the server. The host name should end with "justhost.com", which is covered by the wildcard certificate.
Replace the POP/IMAP server and SMTP server address with the host name in Outlook


I'm not sure that was the solution. If I think of it, I'll post it here (what has happened to my memory? I forget when I lost it!)
  • 0

#7 Zylantex

Zylantex

    Newbie

  • Members
  • Pip
  • 10 posts
  • Gender:Male
  • Location:France

Posted 21 January 2012 - 08:59 AM

Thanks for the responses guys.

Fair enough, I accept that my software is getting on a bit and I should probably update it. More money down the tubes to to get what I already have!

Nevertheless it has only happened in the last couple of weeks, perhaps only since Jan 1st, so I thought it was a change at the server end. I collect email from 18 email addresses spread across the US, Canada and France. None of them give me this error, just some, not all, of my MDD mail and even at that not every time. So I'm a bit puzzled by the inconsistancy.
  • 0

#8 MikeDVB

MikeDVB

    Forum Administrator

  • Staff Administrator
  • PipPipPipPipPip
  • 2,893 posts
  • Gender:Male
  • Location:Central Indiana, USA

Posted 25 January 2012 - 04:24 PM

The same certificate is used no matter the email client/server/etc. http://www.rapidssl.com/
  • 0
Michael Denney - MDDHosting LLC - Providing Hosting since 2007
Scalable shared hosting plans in the cloud! Check them out!
Highly Available Cloud Shared, Reseller, and VPS
http://www.mddhosting.com/




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users