I have some email addresses hosted with DreamHost. the email addresses
are of the form [email protected] (these are used by our church).
Within the last few days, I get a popup whenever the mail server
(mail.rosemontcc.org) is accessed about the "common name" not being
correct. mail.dreamhost.com is the "common name" in the certificate but
the real name is mail.rosemontcc.org. Since they do not match, the
popup telling about it comes up. I have tried to tell Seamonkey
(2.17.1) to accept the certificate anyway but the next time Seamonkey
goes to that mail server, the certificate error pops up again.
DreamHost support says that their certificate string is valid. They
(DreamHost) admits to making changes:
We recently made changes to the security certificates used to receive
mail for all DreamHost-hosted mail accounts across all our mail clusters.
The newcertificates have an improved trust chain linking them to a
third-party CA.
http://www.dreamhoststatus.com/2013/05/02/14570/
http://www.dreamhoststatus.com/2013/05/09/secure-certificate-changes-coming-for-imap-and-pop-on-homiemail-sub4-and-homiemail-sub5-email-clusters-on-may-14th/
The new certificates are still written for our dreamhost.com domain and
not your DOMAIN.TLD domain, so your mail program may ask you whether you
want to trust the certificate and require you verify you want to connect.
You can examine the certificate information received by your mail program
to verify it matches the information at this link and is valid.
http://www.sslshopper.com/ssl-checker.html#hostname=mail.DOMAIN.TLD:993
I told Seamonkey to trust the certificate but it still fails.
So far, the only way that I have found to eliminate the popup about the
certificate mismatch is to turn off, entirely, the use of OCSP and I do
not want to do that.
Does it take time for the certificate changes to propagate down? I have
had this problem for two or three days now.
Should DreamHost have generated/created/whatever a certificate for each
mail domain that they host on their mail servers?
If not, what steps can I take with either DreamHost or on my machine to
resolve this?
DreamHost Support says:
As mentioned we unfortunately cannot support the third party application
itself.
I recommend contact MOzilla or trying their support forums to see if
anyone has had a similar issue and resolved it.
And I don't know where to go from here.
Thanks
_______________________________________________
support-seamonkey mailing list
[email protected]
https://lists.mozilla.org/listinfo/support-seamonkey
