Opened 7 years ago

Closed 7 years ago

#5562 closed Bug/Something is broken (fixed)

Security Certificate for webmail.mayfirst.org

Reported by: Gino Arcurie, Jr. Owned by: Daniel Kahn Gillmor
Priority: Urgent Component: Tech
Keywords: webmail.mayfirst.org sni Cc:
Sensitive: no

Description

I am trying to log into my email and I'm being told there is a problem with this website's security certificate. This is what it is saying when I try to log into my email: The security certificate presented by this website was not issued by a trusted certificate authority. The security certificate presented by this website was issued for a different website's address. Can you please help me out with this I need to get into my email asap. You can reach me at 570-262-6785 or numberouno@…. Thank you, Gino Arcurie

Change History (2)

comment:1 Changed 7 years ago by Daniel Kahn Gillmor

Keywords: webmail.mayfirst.org added
Owner: set to Daniel Kahn Gillmor
Status: newassigned
Summary: Security CertificateSecurity Certificate for webmail.mayfirst.org

What URL are you visiting when you go to check your mail? Are you visiting https://webmail.mayfirst.org/ ? What web browser are you using?

comment:2 Changed 7 years ago by Daniel Kahn Gillmor

Keywords: sni added
Resolution: fixed
Status: assignedclosed

Spoke with Gino, he is running Internet Explorer 8 (8.0.6001.18702) on Windows XP.

I believe this is a result of our recent addition of a roundcube test instance on the webmail server, and Server Name Indication not being supported by any version of IE on WinXP.

I resolved the problem by ensuring that the webmail.mayfirst.org config comes before any other TLS-enabled configuration:

0 stallman:/etc/apache2/sites-enabled# mv {,000-}webmail.ssl 
0 stallman:/etc/apache2/sites-enabled# /etc/init.d/apache2 restart
Restarting web server: apache2[Mon Apr 09 15:25:08 2012] [warn] NameVirtualHost *:80 has no VirtualHosts
 ... waiting [Mon Apr 09 15:25:09 2012] [warn] NameVirtualHost *:80 has no VirtualHosts
.
0 stallman:/etc/apache2/sites-enabled# 

I spoke with Gino on the phone and confirmed that this resolved the issue for his setup.

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.