Certificate expired

bipbop · 2 Jun 2011, 02:20 AM

Secure.runbox.com. This site attempts to identify itself with invalid information.

Certificate is not currently valid.. It is impossible to verify whether this identity was reported as stolen.

The above from Thunderbird. Same happened when logged in via my HTC Android.

Pretty lame, Runbox. How come you didn't notice?

kbkgraphx · 2 Jun 2011, 06:02 AM

Yeah, tried to access inbox a couple days ago and Firefox told me it was an "Attack Site", lol, but not funny really.

And crazy slow today, geez!

Geir · 2 Jun 2011, 06:53 AM

The certificate is still valid, rest assured... We'll get it replaced shortly and implement a better regime for this.

- Geir

kijinbear · 2 Jun 2011, 10:45 AM

Everybody forgets to renew their domains and/or SSL certificates at one point or another. Even companies sometimes do that. You're lucky it was just a certificate and not an entire domain. Definitely need a better system to keep track of all those things that expire!

gmit · 2 Jun 2011, 04:40 PM

Quote:

Originally Posted by kijinbear

Everybody forgets to renew their domains and/or SSL certificates at one point or another. Even companies sometimes do that. You're lucky it was just a certificate and not an entire domain. Definitely need a better system to keep track of all those things that expire!

There's no excuse. Thunderbird now refuses to send a mail from my runbox account. This is ridiculous...

robert@fm · 2 Jun 2011, 04:46 PM

Even Microsoft did this once, resulting in the Hotmail domain being owned for a few days by a third party -- however he did this solely to stop anyone else doing so, and let Microsoft have the domain back as soon as they asked!

Geir · 2 Jun 2011, 05:29 PM

We've now installed new certificates that should take care of POP, IMAP, and SMTP over SSL on secure.runbox.com. Apparently the format of the certficate used by the proxy server had changed and it took a little while to figure it out.

Sorry again for the inconvenience caused -- we're planning to improve our certificate regime so that this doesn't happen again.

- Geir

50ftQueenie · 15 Jun 2011, 01:10 AM

Hi Runbox team,

I just opened Thunderbird and I get a message that the certificate (issued to bigdog.runbox.net and to expire on 31-8-2011) could not be identified. I'm trying to connect to secure.runbox.com:993.

Just to make sure: am I OK by accepting this? Hope to hear from you!

Thanx,
50ftQ.

kservik · 16 Jun 2011, 06:26 PM

This was just an issue while we moved. It should not be a issue any more.

Kim

2 Jun 2011, 02:20 AM	#1
bipbop Senior Member Join Date: Dec 2009 Posts: 197	Certificate expired Secure.runbox.com. This site attempts to identify itself with invalid information. Certificate is not currently valid.. It is impossible to verify whether this identity was reported as stolen. The above from Thunderbird. Same happened when logged in via my HTC Android. Pretty lame, Runbox. How come you didn't notice? Last edited by bipbop : 2 Jun 2011 at 02:23 AM. Reason: More

2 Jun 2011, 06:02 AM	#2
kbkgraphx Member Join Date: Apr 2003 Location: Ohio Posts: 67	Yeah, tried to access inbox a couple days ago and Firefox told me it was an "Attack Site", lol, but not funny really. And crazy slow today, geez!

2 Jun 2011, 06:53 AM	#3
Geir The "e" in e-mail Join Date: Sep 2001 Location: Oslo, Norway Posts: 2,938 Representative of: Runbox.com	The certificate is still valid, rest assured... We'll get it replaced shortly and implement a better regime for this. - Geir

2 Jun 2011, 10:45 AM	#4
kijinbear Cornerstone of the Community Join Date: Mar 2011 Location: ~$ Posts: 652	Everybody forgets to renew their domains and/or SSL certificates at one point or another. Even companies sometimes do that. You're lucky it was just a certificate and not an entire domain. Definitely need a better system to keep track of all those things that expire!

2 Jun 2011, 04:46 PM	#6
robert@fm The "e" in e-mail Join Date: Feb 2002 Location: London, UK Posts: 4,681	Even Microsoft did this once, resulting in the Hotmail domain being owned for a few days by a third party -- however he did this solely to stop anyone else doing so, and let Microsoft have the domain back as soon as they asked!

2 Jun 2011, 05:29 PM	#7
Geir The "e" in e-mail Join Date: Sep 2001 Location: Oslo, Norway Posts: 2,938 Representative of: Runbox.com	We've now installed new certificates that should take care of POP, IMAP, and SMTP over SSL on secure.runbox.com. Apparently the format of the certficate used by the proxy server had changed and it took a little while to figure it out. Sorry again for the inconvenience caused -- we're planning to improve our certificate regime so that this doesn't happen again. - Geir

15 Jun 2011, 01:10 AM	#8
50ftQueenie Member Join Date: Dec 2003 Posts: 70	Hi Runbox team, I just opened Thunderbird and I get a message that the certificate (issued to bigdog.runbox.net and to expire on 31-8-2011) could not be identified. I'm trying to connect to secure.runbox.com:993. Just to make sure: am I OK by accepting this? Hope to hear from you! Thanx, 50ftQ.

16 Jun 2011, 06:26 PM	#9
kservik Cornerstone of the Community Join Date: Sep 2005 Location: Oslo, Norway Posts: 555 Representative of: Runbox.com	This was just an issue while we moved. It should not be a issue any more. Kim