Did Webfaction change the certificate it uses on smtp.webfaction.com? Attempting to send email, I'm getting an SSL error that I'm missing the needed root certificate. This only started for me today and I've not changed the certificate configuration on my system. I'm running OS X 10.6.8. I don't have this problem with IMAP over SSL at mail.webfaction.com, but that server is using a different certificate. If this behavior is appropriate, where can I safely get the missing root certificate? (This is a wee bit annoying.) The certificate in question:
That is to say...
asked 23 Aug '13, 19:35 x704 |
We have updated the certificates 2 days ago according to our internal change logs. Try clearing your clients cached certificates or try another client such as Mozilla to see if the issue continues, if it does submit a support ticket and we can assist further. answered 23 Aug '13, 21:48 johns The error vanished by itself on smtp.webfaction.com, but now it's acting up on mail.webfaction.com. The issues shows up if I manually connect, so it's not a problem with my mail client:
(28 Aug '13, 20:28)
x704
That message just means the server is not asking for client certificates, which is fine.
(29 Aug '13, 03:06)
waynek
(Sorry, emphasis was added by the comment system, not me.) The problem appears to have gone away for now; it looks like the server is using the old certificate again. Shouldn't Dovecot include the intermediate certificate(s) in the certificate chain? Webfaction's Postfix SSL configuration is operating with the new certificates and sending them correctly.
(29 Aug '13, 04:58)
x704
We're still working on upgrading the certificates to be consistent everywhere. Please wait about a week and let us know if you're still seeing this afterward.
(30 Aug '13, 00:11)
ryans ♦♦
Sorry, it may be redundant to point out that Dovecot is back to not sending the certificate chain with the new cert. Would it work to concatenate the server certificate with the intermediates?
(02 Sep '13, 21:07)
x704
That's not exactly the problem, for example you can see from this command that everything is working on the
but that it's not working on
We have an internal ticket about this issue and we're working on it; it's not as simple as the certificate chain being concatenated or not.
(02 Sep '13, 21:13)
ryans ♦♦
showing 5 of 6
show 1 more comments
|
I'm receiving the same error when I try to receive my webfaction email on gmail. The gmail says: "Tue, Sep 3, 2013 at 11:24 AM SSL Security Error. [ Help ] Server returned error "SSL error: unable to verify the first certificate"" answered 03 Sep '13, 09:31 Joao Paulo L... |