Skip navigation

when adding a mail account on client computer wrong ssl certificate comes up

440 Views 3 Replies Latest reply: Sep 25, 2013 4:13 AM by robfoster34 RSS
robfoster34 Calculating status...
Currently Being Moderated
Sep 24, 2013 2:58 AM

Hi

Im using 10.6 server with kerio mailserver for email.

 

I have self signed certificated in both 10.6 server admin ands kerio mailserver, which used to come up correctly when i added a mail account on a clients machine.

 

When i add a mail account to a clients computer now (10.8.5 Mountain Lion) the certificate that comes up is nothing to do with my company, it is a certificate through Geotrust, Rapid ssl and then shows a expired certificate for neuhaus-chocolates, which is nothing to do with us, could it be that weve been hacked? and has anyone got any suggestions as to what i can do to fix it, as im at a loss.

 

ssl.jpg

Xserve, Mac OS X (10.6.8)
  • MrHoffman Level 6 Level 6 (11,710 points)

    It's not clear (to me) where in the client's computer you're seeing this.

     

    In general, delete that certificate from the Keychain, and add your certificate(s) into the Keychain.  (Safest to add these certs via a trusted access path, too.)

     

    Also check the client's view of the local DNS services and the associated IP addresses here, and make sure you're not getting to a different server.  In this case, to the chocolate folks.  (You've obfuscated the target domain, so I can't check this case.)

     

    If you want to follow through with the "have I been hacked?" discussion, that can take a day or two (and potentially longer) of digging around to determine what's happened and how and whether there are any obvious back-doors left around, and (for most cases, with most clients) it's usually easier to preemptively wipe the client system and install from distro, roll the user's own files in from backup, change all the passwords and all the local private keys, and otherwise lock down the client system.  (There are exceptions, of course.   For hacked servers and for some clients, figuring out how the attack has happened can be more useful.  But it's more involved.)

     

    FWIW, if you're running your own public key chain here, then load your root cert public key into the server and into the clients, and use CSRs from the various clients to set up the key-pairs for the various servers and clients involved.  (I'd guess you're not implementing this private CA approach though, based on your "certificated" phrasing; I'm going to assume that was intended to be "certificates", and that you have two seperate self-signed certs here.) 

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.