This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

thunderbird trying to override ssl certificate

  • 4 odgovori
  • 19 ima ovaj problem
  • 10 views
  • Posljednji odgovor poslao christ1

more options

When I try to send a email I get a error message, "Sending of message failed. The message could not be sent using SMTP server smtpout.secureserver.net for an unknown reason. Please verify that your SMTP server settings are correct and try again, or contact your network administrator." Then another window pops asking to override my SSL certificate. I am using Godaddy for email hosting and they are saying it might be a security flaw within Thunderbird. It is trying to override my godaddy SSL cert with a cert with the following info.


Issued To

Common Name (CN): Server ] Organization (O):Sample, Inc.

Organization Unit (OU):IT Team

Serial Number:02


Issued By

Common Name (CN):CA

Organization (O):Sample, Inc.

Organization Unit (OU):IT Team


Validity

Issued on:11/18/2010

Expires On:11/15/2020


Fingerprints

SHA1 Fingerprint:12:52:B4:38:8C:74:A2:F1:13:1F:F3:46:EF:75:CE:9A:02:E9:28:91

MD5 Fingerprint:FA:A3:01:DD:E5:5D:20:60:F7:6C:24:DA:93:14:7F:30


I don't want to override my SSL cert and every email I try to send it wants me to. Is there a virus on my computer or am I being hacked or am I over reacting and should just accept it?

When I try to send a email I get a error message, "Sending of message failed. The message could not be sent using SMTP server smtpout.secureserver.net for an unknown reason. Please verify that your SMTP server settings are correct and try again, or contact your network administrator." Then another window pops asking to override my SSL certificate. I am using Godaddy for email hosting and they are saying it might be a security flaw within Thunderbird. It is trying to override my godaddy SSL cert with a cert with the following info. Issued To Common Name (CN): Server ] Organization (O):Sample, Inc. Organization Unit (OU):IT Team Serial Number:02 Issued By Common Name (CN):CA Organization (O):Sample, Inc. Organization Unit (OU):IT Team Validity Issued on:11/18/2010 Expires On:11/15/2020 Fingerprints SHA1 Fingerprint:12:52:B4:38:8C:74:A2:F1:13:1F:F3:46:EF:75:CE:9A:02:E9:28:91 MD5 Fingerprint:FA:A3:01:DD:E5:5D:20:60:F7:6C:24:DA:93:14:7F:30 I don't want to override my SSL cert and every email I try to send it wants me to. Is there a virus on my computer or am I being hacked or am I over reacting and should just accept it?

Izmjenjeno od strane cajohnson002

All Replies (4)

more options

It does seem very suspicious if the Issuer ("Issued by") is "Sample, Inc."

Have you always had this problem with Thunderbird or it is a new issue that started recently?

For suggested malware scanning tools, see this article: Troubleshoot Firefox issues caused by malware.

more options

I've been having the same problem intermittently, for maybe a few weeks. The certificate is clearly self-signed, probably being served by just one of the SMTP pool servers behind the smtpout.secureserver.net VIP (or possibly on the load-balancer itself, if it's terminating the SSL). I've uploaded a screenshot, which appears to be identical to the one described above, as well as another screenshot of a valid GoDaddy SMTP certificate.

Unfortunately, I can't get GoDaddy support to consider this possibility, as they've responded that their servers aren't misconfigured, and that it's "being caused locally by the time and date on [my] computer." Apparently my time/date configuration, which is synchronized via NTP, is somehow causing a certificate to appear from the "IT Team" at "Sample, Inc." Right.

The other possibility I might be willing to consider is a man-in-the-middle attack from malware or a malicious actor at the ISP. The fact that the OP on this thread is having the same problem, and is getting the exact same certificate, makes the ISP theory pretty unlikely. I'm also experiencing this problem from both a Mac and a Windows box, so the malware option is unlikely as well.

I will post an update if I get a resolution through GoDaddy or other means.

Izmjenjeno od strane dafx

more options

dafx, where have I suggested to accept a suspicious certificate?

Please read the article before making such claims.