Web Hosting Forum | Lunarpages
News: April 3, 2008 - New Contest! - Win 5 Years of Hosting and $1,000!
June 30, 2008 - Submit Your Site for the July 08 Site of the Month Award!
 
Home Help Search Calendar Login Register
*
Welcome, Guest. Please login or register.
Did you miss your activation email? 		July 09, 2008, 01:14:02 AM


Login with username, password and session length


Web Hosting Forum | Lunarpages > Lunarpages Web Hosting - Online Help Desk > E-mail with your Lunarpages Hosting Plan > Mail can't verify the identity of [ourdomain.com]
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Mail can't verify the identity of [ourdomain.com]  (Read 516 times)
MDLarson
Space Explorer
***
Offline Offline

Posts: 9


WWW
« on: April 18, 2008, 07:16:35 AM »
I'm using Mac OS X 10.5.2 Leopard and Mail 3.2.

Whenever I check my email lately I get the following error message:
Quote
The certificate for this server is invalid.  You might be connecting to a server that is pretending to be [ourdomain.com] which could put your confidential information at risk.  Would you like to connect to the server anyway?

I can successfully connect anyway, but it's a hassle having to authenticate every time, and this kind of thing makes me nervous.

The server we use is omicron.lunarpages.com.  I can probably post more specific details if needed.
Logged
Mitch
Lunarpages Traffic Cop
Senior Moderator
Berserker Poster
*****
Offline Offline

Posts: 6766



WWW
« Reply #1 on: April 18, 2008, 07:24:42 AM »
Far from being an Apple expert but let me see if I can help.  Is there any internal setting in there that will allow you to “Always Trust” the certificate?  Also after doing some searching in Google one suggestion to fix this issue was to "put the exact domain name specified in the certificate in the fields for POP/IMAP/SMTP server".  Might give that a shot.
Logged
+ Submit Your Web Site for the July 08 Web Site of the Month Award!
+ Also Read the JUNE 2008 Lunarpages Newsletter! Good Stuff!

Mitch the Moderator - Please Respect & Review the Lunarforums Rules Before Posting!
Lunarpages Web Hosting | Lunarpages Forums | Lunarpages Affiliate Program
Need something to read?  Try Lunartics & the Lunarpages Newsletter!

Lunar Fun! - Share Your Computer's Desktop Thread!
MDLarson
Space Explorer
***
Offline Offline

Posts: 9


WWW
« Reply #2 on: April 18, 2008, 08:02:52 AM »
Well, I'll go out on a limb and post the entire error message, SSL certificate, and real domain name:

Quote
Mail can't verify the identity of "larsonsystems.com".
The certificate for this server was signed by an unknown certifying authority.  You might be connecting to a server that is pretending to be "larsonsystems.com" which could put your confidential information at risk.  Would you like to connect to the server anyway?

omicron.lunarpages.com
Root certificate authority
Expires:  Saturday, January 3, 2009 11:43:32 PM CT
This root certificate is not trusted.

Details

Subject Name
Country:  US
State/Province:  Unknown
Locality:  Unknown
Organization:  Unknown
Organizational Unit:  Unknown
Common Name:  omicron.lunarpages.com
Email Address:  ssl@omicron.lunarpages.com

Issuer Name
Country:  US
State/Province:  Unknown
Locality:  Unknown
Organization:  Unknown
Organizational Unit:  Unknown
Common Name:  omicron.lunarpages.com
Email Address:  ssl@omicron.lunarpages.com

Serial Number:  6956915690
Version:  3

Signature Algorithm:  MD5 with RSA Encryption ( 1 2 840 113549 1 1 4 )
Parameters:  none

Not Valid Before:  Friday, January 4, 2008 11:43:32 PM CT
Not Valid After:  Saturday, January 3, 2009 11:43:32 PM CT

Public Key Info
Algorithm:  RSA Encryption ( 1 2 840 113549 1 1 1 )
Parameters:  none
Public Key:  128 bytes : EA 80 F8 85 6F 2F F3 BE 55 1A 33 39 82 3F 73 FE A9 D1 2E 86 13 6C ED 24 BC 21 CC C8 F6 07 50 DB E4 B8 35 72 9B DB EA 43 34 93 2B 15 CB E1 A1 FD E9 BC 30 0B D2 22 C7 F9 FF 28 2B 77 AE C0 C4 8D 32 08 A2 49 38 87 F3 D6 C8 1C BB 68 C6 C2 10 5D B0 43 D1 F4 59 FF FF 73 3C A8 D9 9A FE B9 16 4F 23 31 11 E0 F9 2E 33 88 4E D2 01 13 8F 64 FC 0F 1D 37 06 EE 7C 16 EA AB 3D 07 2A F9 8A 5D 5A F7
Exponent:  65537
Key Size:  1024 bits
Key Usage:  Any
Signature:  128 bytes : A5 0D 45 D9 B3 DE AA 99 8F EC 07 CD 34 71 47 B0 DA 1C 20 59 EA 20 62 1E E6 6A 4B A6 F1 95 97 E0 1D A3 D7 1D 78 6E 14 71 BE 2D F5 D9 18 ED 17 1A 16 83 72 5B 81 5A DA B1 35 D6 25 03 4B 8E 8A AB 81 B8 42 0F 66 A3 8E 7B 8F 7C 8A 03 58 40 BE 1F 22 AD D7 51 FD 83 4F 96 1D 9A F8 AB 1F 39 F3 84 1D 26 5F D9 AF 0C 49 9F 2D 01 6E ED 05 3E 28 1D 50 86 11 C1 3A 1A F0 5A C4 E7 36 B2 44 61 7C 24

Extension:  Basic Constraints ( 2 5 29 19 )
Critical:  NO
Certificate Authority:  YES

Extension:  Subject Key Identifier ( 2 5 29 14 )
Critical:  NO
Key ID:  23 78 03 A4 91 15 B5 26 C7 54 CA 1D D7 24 A0 CF E7 6B 89 AE

Extension:  Authority Key Identifier ( 2 5 29 35 )
Critical:  NO
Key ID:  23 78 03 A4 91 15 B5 26 C7 54 CA 1D D7 24 A0 CF E7 6B 89 AE

Directory Name
Country:  US
State/Province:  Unknown
Locality:  Unknown
Organization:  Unknown
Organizational Unit:  Unknown
Common Name:  omicron.lunarpages.com
Email Address:  ssl@omicron.lunarpages.com
Serial Number:  01 9E AA 1B EA

Fingerprints
SHA1:  06 10 31 A1 9B 14 A9 F8 E5 BE 0C 66 DC DD D8 10 95 AB 52 A3
MD5:  C1 D5 1F C6 63 81 DA 1F C1 B9 F9 5C A3 DC 03 36

Mail does provide a checkbox that says "Always trust 'omicron.lunarpages.com' when connecting to 'larsonsystems.com'" but it doesn't seem to stick (curiously I am prompted twice for my admin password).  Additionally, I do have a drop-down menu that allows me to "Always Trust" when using this certificate, which I have not tried yet.

I am more interested in finding and fixing the root cause of this issue.  It's generally not a good idea to just accept things like this IMO.
Logged
Mitch
Lunarpages Traffic Cop
Senior Moderator
Berserker Poster
*****
Offline Offline

Posts: 6766



WWW
« Reply #3 on: April 18, 2008, 08:31:20 AM »
Ok, been working with support on this one and came up with some nifty solutions.  Try going through your Mail preferences and then security to see if you can set it to always trust this certificate.  Next you could try to change the address your connecting to, to secure.omicron.lunarpages.com.

Now the reason this is happening is the same reason you sometimes see a similar issues when logging into cPanel.  The certificate is good - the mail client just is giving you a wide spread fix to a complicated issue and it doesn't bother to really check the certificate at all.  Changing it to secure.omicron.lunarpages.com should keep the server mismatch error at bay though.  Hope that helps.
Logged
+ Submit Your Web Site for the July 08 Web Site of the Month Award!
+ Also Read the JUNE 2008 Lunarpages Newsletter! Good Stuff!

Mitch the Moderator - Please Respect & Review the Lunarforums Rules Before Posting!
Lunarpages Web Hosting | Lunarpages Forums | Lunarpages Affiliate Program
Need something to read?  Try Lunartics & the Lunarpages Newsletter!

Lunar Fun! - Share Your Computer's Desktop Thread!
MDLarson
Space Explorer
***
Offline Offline

Posts: 9


WWW
« Reply #4 on: April 18, 2008, 08:58:57 AM »
Yeah, I think this version of Mail (3.2) has a bug where no matter how many times you check the "always trust" box (and / or the second Trust section) it doesn't stick.  Checking these boxes functions the same as if you simply choose the Connect option.  Things work great after that, but if you quit and re-open Mail you will be prompted with the same Verify Certificate message and the options are back to the defaults.

I tried using both "omicron.lunarpages.com" and "secure.omicron.lunarpages.com" instead of "larsonsystems.com" for my POP and SMTP servers but I get the same error message behavior.  I'm curious about this as well, as the initial Lunar Pages email setup instructions say to use the domain name on the account (i.e. larsonsystems.com).

I'm going to try repairing permissions (a common Mac OS X troubleshooting technique) to see if that will fix the forgetful Mail settings.
Logged
Mitch
Lunarpages Traffic Cop
Senior Moderator
Berserker Poster
*****
Offline Offline

Posts: 6766



WWW
« Reply #5 on: April 18, 2008, 09:08:24 AM »
Yep, see the problem is the certificate is written out for server.lunarpages.com and when you login it is using secure.server.lunarpages.com.  There is no problem with the certificate it is just that the browser or in your case mail client doesn't know what to do with it.  Hope you fix works!
Logged
+ Submit Your Web Site for the July 08 Web Site of the Month Award!
+ Also Read the JUNE 2008 Lunarpages Newsletter! Good Stuff!

Mitch the Moderator - Please Respect & Review the Lunarforums Rules Before Posting!
Lunarpages Web Hosting | Lunarpages Forums | Lunarpages Affiliate Program
Need something to read?  Try Lunartics & the Lunarpages Newsletter!

Lunar Fun! - Share Your Computer's Desktop Thread!
MDLarson
Space Explorer
***
Offline Offline

Posts: 9


WWW
« Reply #6 on: April 18, 2008, 09:14:09 AM »
Repair permissions didn't do anything.   Confused

I'll submit this to Apple and direct them to this thread for details.

Thanks for your help... I don't envy your job when it comes to the constantly changing landscape that is email.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.3 | SMF © 2006-2007, Simple Machines LLC
Seo4Smf v0.2 © Webmaster's Talks

Valid XHTML 1.0! Valid CSS! Dilber MC Theme by HarzeM