I'm still getting a warning when using the Thunderbird account setup wizard and selecting the POP3 option. Yesterday, the certificate details listed some non-ruggedinbox URL, and now it lists "mail.ruggedinbox.com" but still claims it's invalid.
I've manually typed everything I saw, so there may be mistakes...
Thunderbird 38.5.1 over non-Tor connection...
Selected "Add Mail Account...".
Entered name, e-mail address (
[email protected]), and password; kept "Remember password" checked; pressed "Continue" button.
Observed messages of "Looking up configuration: Trying common server names", etc.
Switched radio button from "IMAP" to "POP3"; pressed "Done".
Observed "Checking password" message, then window stating the following:
You are about to override how Thunderbird identifies this site.
Legitimate banks, stores, and other public sites will not as you to do this.
Server: Location: pop.ruggedinbox.com:110 [Get Certificate]
Certificate Status: This site attempts to identify itself with invalid information. [View]
Wrong Site: The certificate belongs to a different site, which could mean that someone is trying to impersonate this site.
[ x ] Permanently store this exception
[Confirm Security Exception] [Cancel]
Here's where I'm getting
really confused. When I click "View", it brings up a window with "General" and "Details" tabs -- sometimes showing one set of credential, sometimes another.
Result #1:This certificate has been verified for the following uses:
SSL Client Certificate
SSL Server Certificate
Issued To
Common Name (CN): mail.ruggedinbox.com
Organization (O):
(I inadvertently overlooked this entry.)Organizational Unit (OU): Domain Control Validated
Serial Number: 0B:A6:AB:22:5D:CD:AF:C4:6C:9F:92:19:85:16:57:53
Issued By
Common Name (CN): COMODO RSA Domain Validation Secure Server CA
Organization (O): COMODO CA Limited
Organizational Unit (OU):
Period of Validity
Begins On: 03/04/2015
Expires On: 03/04/2016
Fingerprints
SHA-256 Fingerprint: A0:59:AF:7B:A5:69:23:C2:93:23:7D:86:CC:30:E6:14:4B:9B:77:41:92:5E:E1:10:9A:0F:C7:B8:49:B9:EE:2D
SHA1 Fingerprint: FD:18:DE:8F:55:A1:01:4E:E8:A9:DF:8E:95:4E:92:BB:2F:75:FC:67
Result #2:
This certificate has been verified for the following uses:
SSL Client Certificate
SSL Server Certificate
Issued To
Common Name (CN): us2.pop.mailhostbox.com
Organization (O):
Organizational Unit (OU): Domain Control Validated
Serial Number: 1C:30:0E:C7:E6:FC:1D:49:D8:86:01:A3:24:1E:A7:75
Issued By
Common Name (CN): COMODO RSA Domain Validation Secure Server CA
Organization (O): COMODO CA Limited
Organizational Unit (OU):
Period of Validity
Begins On: 09/15/2015
Expires On: 05/15/2016
Fingerprints
SHA-256 Fingerprint: CD:DA:B0:66:00:1F:4E:E7:67:EC:39:AE:FB:FF:9C:FB:FC:D3:7B:F3:DC:5C:BE:82:10:01:87:12:9F:82:C1:7B
SHA1 Fingerprint: 17:C3:65:17:2F:F7:D9:1E:C2:BA:F2:7D:C1:6E:C7:C6:92:5C:38:E0