Ubuntu 16.04 / mail / thunderbird / invalid ssl certificate

Hello all,

Time to time I got error message regarding thunderbird mail client using wrong site certificate. This occur often when network is going back from hibernation but not only and this may also occur with Kmail or Evoluion and with another Ubuntu laptop.
All mails boxes servers are authenticated with let’s encrypt and are within my mail client configuration.
In this sample mail.gandi.net:993 is using a wrong certificate belonging to *.net-c.com
both mail boxes are in my Thunderbird/Kmail/Evolution configuration.

Any direction is most welcome as I already tried lot of workaround
Regards

1 Like

I’m pretty sure this is what TLS is for: preventing Man-in-the-Middle attacks. By adding a (permanent) exception in Thunderburd, you’re letting others read your password and your e-mail.

You should remove the exception from Thunderbird and try to figure out what’s going on with your connection to mail.gandi.net: check the IP address your DNS client is resolving: is it actually a Gandi.net server? Or perhaps is somebody spoofing DNS results?

1 Like

Hi @guicar

checking that domain name there is a valid certificate - https://check-your-website.server-daten.de/?q=mail.gandi.net#connections

So you should never, never, really never see such a warning.

But if you see such a warning, something is critical wrong. You send your username and your password to the wrong server.

May be your PC or your router has a big problem.

3 Likes

Thank you for your quick inputs.
This this is not related to my Pc as I have same issue with another one but both are Ubuntu based, one version 18.04 and the other one is 16.04.
This this not related to Thunderbird as I have same issue on various mail client.
I use a cisco RV215W as Firewall/Router.
For your information Gandi (mail.gandi.net) is also hosting net-c.com

2 Likes

mail.gandi.net resolves to the IP address 217.70.178.9 here. What IP address are you getting when you resolve mail.gandi.net?

1 Like

I think Dns resolution is the right direction because yesterday evening I got same issue and solved mail.gandi.net and got 77.238.185.51 which belong to yahoo !

I reconfigured my RV215W cisco firewall to use my ISP dns server. Was previously configured as “Dns proxy” but I think something goes wrong with such setting.
Many thanks to all as I was stuck with this issue since a couple of months without having the right direction !!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.