dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
906

marti
Color outside the lines
MVM
join:2001-12-14
Houston, TX

marti

MVM

[mail] Can't get mail via Gmail

I have had my DSLR account set to be checked through my on-line Gmail account. It has worked for years. The past few days it is not working. Error message :

SSL Security Error.
Server returned error "SSL error: certificate has expired"


I do not have a email client set up on any of my computers, therefore I depend on the DSLR to Gmail interface.

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert

Mod

Re: Can't get mail via Gmail

I just checked mail:

"fetchmail: Server certificate verification error: certificate has expired"

In my case it still works, because I did not tell "fetchmail" to verify the certificate. (I'm using APOP authentication, so I don't really need a secure connection).

In any case, gmail is correct - the certificate has expired.

1: Can somebody at dslr provide a new certificate;
2: If using a locally signed certificate, can the signing CA certificate be made available somewhere so that we can download and locally install.

Thanks.

nil

join:2000-11-27

nil to marti

to marti
I generated a new certificate, try again.

marti
Color outside the lines
MVM
join:2001-12-14
Houston, TX

marti

MVM

Thanks nil, but I still get the same error message.

nil

join:2000-11-27

nil

Unfortunately, it appears that, without any warning, google changed its policy on self-signed certificates. I'll see if we can get a non-self signed one for mail, but in the meantime, this change means the only way to get email via gmail from us is to not use ssl.

»productforums.google.com ··· scussion

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert to nil

Mod

to nil
said by nil:

I generated a new certificate, try again.

Thanks. It is no longer reported as expired, though it is reported as self-signed (which is not a problem for me).

marti
Color outside the lines
MVM
join:2001-12-14
Houston, TX

marti

MVM

nil,

I fixed it: removed SSL requirement and changed server from 995 to 110. Good enough for now.

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert

Mod

This is where google might be making a mistake.

Using port 995 with a self-signed certificate is more secure than using port 110.

marti
Color outside the lines
MVM
join:2001-12-14
Houston, TX

marti

MVM

Yes, but it was the only way I can get my DSLR mail!

nwrickert
Mod
join:2004-09-04
Geneva, IL

nwrickert

Mod

said by marti:

Yes, but it was the only way I can get my DSLR mail!

I was not criticizing you.

Google seems to be saying that because self-signed certificates are not completely safe, they will force users to do something even more unsafe.

I'm not a gmail user. You might check if they at least use APOP authentication, which is safer than a plain text authentication.

nil

join:2000-11-27

nil

Agreed, I think it's a stupid decision. If a user trusts the certificate, it should be good enough for google.
saradon
join:2001-03-29
Bethesda, MD

3 edits

saradon to marti

Member

to marti
I was having the same difficulty retrieving DSLR mail from with zoho mail (mail.zoho.com). I switched to zoho a while back when I perceived that Google started behaving in, IMHO, a less-than-benevolant manner. I wrote zoho a comment about it, and they now appear to have fixed it and I am now able to retrieve my DSLR mail using SSL/995. This really helps as I really didn't want my DSLR password being transmitted in clear text around the Internet.

So there's one place you could aggregate your mail including DSLR, if you like zoho's interface -- less minimalist than Google, and more (again, IMHO) like DSLR in that features are shown not deliberately obscured, which I like.

I've been using zoho for a while now, and could answer some questions about it if anyone's interested. (There's a whole office suite there too, BTW, and I have not used all of it, or even most of it - it's pretty extensive and there's more than just mail and a word processor.)

Hope this is helpful.