Secure connection failed. Certificate for my@email.address.com may not be valid

Discussion in 'encryption problems' started by WildarsNube, Jan 18, 2015.

  1. WildarsNube

    WildarsNube Registered Member

    Joined:
    Dec 7, 2011
    Posts:
    23
    Location:
    United States
    I've been using my email accounts for years from my iPod Touch. It is from my WiFi network at home. A few days ago, I got "Secure connection failed. The certificate for myEmail@server.address.com may not be valid. Cancel/continue". A google search indicates that this is a rampant problem encountered by iOS users. The solution seems to be to simply select Continue. I'm not a security expert, but from what I've read up on, it's not a good idea to proceed when certificates for the host do not match. Apparently, it opens up the communication to well known attacks.

    Can anyone shed some light on what would cause this certificate error when things worked fine previously? And why exactly is the prevailing wisdom to proceed despite the error? The explanations I've seen are rare and very vague (something about domains and host names, but nothing convincing). I don't get such errors when accessing my email from other devices on the same home WiFi, e.g. Firefox from a Windows 7 machine.

    P.S. In response to a reply on discussions.apple.com, I found that the time was one hour off, so I manually fixed that, but still experienced the same problem. Part of the confusion as to the problem might be the ambiguity about what is meant by "continue". If it means continue communicating with the server even though the certificate is wrong, that's bad. If it means continue with something else...I guess that would depend on what that something is.

    As a further investigative step, I erased all accounts, erased all history/cookies//cache (which was the web-recommended way to remove certificates), and recreated one account. Same problem. (Looks like I better get a move on getting my Moto G working).
     
  2. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    This happens with Mozilla Thunderbird, in my case Thunderbird asked me if I wanted to mark the expired certificate as a exception so i said yes and I downloaded a copy and stored it in documents so I thought it was over, No. it happened the next time I checked my Email. I searched the Mozilla Database to find the answer, Mozilla says it happens when somebody at Mozilla forgets to renew the certificate.
     
    Last edited: Jan 18, 2015
  3. WildarsNube

    WildarsNube Registered Member

    Joined:
    Dec 7, 2011
    Posts:
    23
    Location:
    United States
    I thought it might be gmail's problem, but I don't get certificate problems when accessing my accounts from Outlook.

    Hmmm. Maybe that's a Outlook security shortcoming....

    But really, the web is crawling with complaints about the iOS certificate problem, and almost without fail, the explanation is to simply accept it and proceed. If there's an app coding problem which requires this response even though there is no actual security problem, I have a beef with the opaqueness of the situation. The fact that there is no explanation anywhere online is a problem too. In my mind, the fact that it is impossible to distinguish between an actual security problem versus bad UI design is unacceptable. It doesn't seem to be justifiable to simply proceed without further insight into the actual problem, so I'm basically stuck.

    This is a first generation iPod Touch, with the About panel showing version 3.1.3 (7E1:cool:. It could be that this ambiguous UI situation is a vestige of a prehistoric OS version, and that things are much improved now. Be that as it may, I still have to contend with it, unfortunately, at least until I iron the the details of how I will manage my Outlook client data on my new replacement smartphone and migrate to it. I'm working on that...
     
Loading...