Sudden problem

LATEST UPDATE: This problem appeared for about 5 minutes then went away.

Problem:
My Eudora is suddenly giving a "Cert chain not trusted" error on the mail server from Jodo domain. Here is the dump. Should I worry about this?

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 36888 (0x9018)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=ES, ST=BARCELONA, L=BARCELONA, O=IPS Seguridad CA, OU=Certificaciones, CN=IPS SERVIDORES/[email protected]
Validity
Not Before: Dec 30 13:36:11 2001 GMT
Not After : Dec 29 13:36:11 2025 GMT
Subject: C=ES, ST=Barcelona, L=Barcelona, O=IPS Certification Authority s.l., [email protected] C.I.F. B-B62210695, OU=ipsCA CLASEA1 Certification Authority, CN=ipsCA CLASEA1 Certification Authority/[email protected]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a6:f5:73:66:36:1d:a3:2f:4f:ad:2a:d8:ef:0c:
a6:4b:ef:a7:1b:ac:f7:f2:46:17:1b:b2:02:ab:3e:
11:89:8c:6a:a8:0f:d8:63:14:99:d7:1f:bc:b2:27:
68:02:6e:f4:30:89:eb:ad:eb:41:dc:b4:42:06:fa:
48:1f:13:8c:64:df:87:2d:c7:14:d4:a7:83:e4:72:
3b:32:ea:d3:4d:79:31:65:05:09:33:81:2b:6e:e6:
36:ad:21:11:33:36:2b:68:ca:be:43:2c:37:b7:3d:
69:16:3b:e5:9d:be:32:a7:d5:df:4a:80:fc:da:73:
70:aa:d9:28:82:2f:68:bb:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:TRUE
Netscape Cert Type:
SSL CA, S/MIME CA, Object Signing CA
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Key Agreement, Certificate Sign, CRL Sign, Encipher Only, Decipher Only
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication, Code Signing, E-mail Protection, Time Stamping, Microsoft Individual Code Signing, Microsoft Commercial Code Signing, Microsoft Trust List Signing, Microsoft Encrypted File System
X509v3 Subject Key Identifier:
0E:07:60:D4:39:C9:1B:5B:5D:90:7B:23:C8:D2:34:9D:4A:9A:46:39
X509v3 Authority Key Identifier:
DirName:/C=ES/ST=BARCELONA/L=BARCELONA/O=IPS Seguridad CA/OU=Certificaciones/CN=IPS SERVIDORES/[email protected]
serial:00

X509v3 Subject Alternative Name:
email:[email protected]
X509v3 Issuer Alternative Name:
<EMPTY>

Netscape Comment:
CLASEA1 CA Certificate issued by https://www.ips.es/
Netscape Base Url:
https://www.ips.es/
X509v3 CRL Distribution Points:
URI:https://www.ips.es/crl/ipsSERVIDOREScrl.crl
URI:https://wwwback.ips.es/crl/ipsSERVIDOREScrl.crl

Authority Information Access:
OCSP - URI:http://ocsp.ips.ES/

Signature Algorithm: sha1WithRSAEncryption
27:05:4a:0c:74:c9:14:5d:c8:75:c8:de:ee:89:0c:63:1e:1f:
01:84:c7:02:cb:19:d7:91:c8:dd:3e:cf:b0:c8:f3:f5:92:b5:
54:82:54:62:1f:32:eb:80:a1:7d:56:f1:e4:e7:28:59:26:a4:
7d:f0:ca:2d:31:c6:c9:f3:70:9d:c1:cf:5e:26:a4:ef:b2:12:
e7:88:e8:19:85:ed:80:e4:39:02:68:87:63:a9:13:3c:6c:f5:
45:6a:22:ce:96:56:07:5f:a6:a3:ee:37:0a:6e:92:8b:9e:40:
de:14:30:19:28:93:90:b7:f3:fc:b5:4e:f2:f7:96:0e:bb:10:
94:d4
 
Sorry for that. I was fixing Psoft's magic. Their update killed Mail SSL support.
However you should be able to use SSL right on port 25.
 
I hope I'm not hijacking the thread here. I'm having an issue that I think is related. I'm using Thunderbird with mail.mydomain.com on port 587 as my SMTP server. On sending, I get a warning that the certificate associated with mail.mydomain.com really belongs to m****here.biz.

By turning off the "TLS, if available" option in my SMTP settings, the error goes away. But, I've run this way for years and now all of a sudden I get the warning.

Is this something from the recent upgrades that can be changed on the Jodo end so that I don't hear a lot from my clients who probably have similar setups?

Thanks,
Tim
 
Same here. Made no changes and was sending mail fine yesterday, but this morning I get the warning:
"You have attempted to establish a connection with "mail.mydomain.com" Howwever the security cert belongs to *.m****here.biz [etc]"
If I click continue, I then get a warning:
"Sending message failed. The message could not be sent because connecting to SMTP server mail.mydomain.com failed."

Then strangely if I try again, it sometimes sends after the first security warning.

Thunderbird, XP Pro SP2.
 
Same here, using Eudora. Can't pick up or send email because of security cert problem. I did not submit a ticket, because it seems Jodo is aware of the problem. Is someone working on a fix?

riley
 
This should be all fine now. The issue indeed related to the newer implementation of SSL support in Hsphere's mail service. Fixing this however took away possibility of using SSL on port 25.
 
Just wondering how this has been fixed? I'm still getting that error: "You have attempted to establish a connection with "mail.mydomain.com" However the security cert belongs to *.m****here.biz [etc]"

Mail does go out, but I get that message every time.
 
Well I did test it and it was fine, unless i missed a port or two on any of the servers. Your mailserver, pop3 port and SMTP port please?
 
Back
Top