ssl certificates and email failure!

bobs bikes
bobs bikes Posts: 589
edited December 2011 in The hub
hi all, any one got any ideas.
my shop email wont allow me to log in as it states that the ssl encryption doesnt match up with the page and its a scam or hack or something. it wont allow me to gain access to my control panel neither.

bloody technology!

its running cpanel 11 if that helps.

TA!

Comments

  • projectsome
    projectsome Posts: 4,010
    disable SSL encryption and see what happens.... Someone more technically gifted will be along shortly.
    FARKBOOK TWATTER Happiness is my fucking mood!
  • Anonymous
    Anonymous Posts: 79,666
    Are you accessing this on desktop/laptop or from a phone, and from a browser or email client?

    With a browser you should be able to ignore the warnings and continue to the site regardless anyway.

    Do you manage the server? It sounds like the certificate on the server needs fixing. Typical issues are the certificate on the server has expired, has the wrong domain name for the URL, the chain is broken somewhere.

    On a desktop/laptop browser you should be able to see the certificate details and see what's wrong. Depends on the browser were to look.
  • Hmm you may have some virus/malware that is attempting to do a man in the middle attack (ie pass your logon bits to someone else to use and abuse)... dont turn ssl off if entering logon info over the internet, well not if you want it to remain safe.
    Scan what ever device you are using for virus etc make sure it fully patched blah blah, try logging on from a clean machine etc.
  • Ok, SSL certificates are actually pretty simple, they just sign a site to show that the person is who they say they are, in this case, you are who you say you are.

    You need to start by ensuring your private key, which is the file you had when you bought the certificate, is safe. If this is not the case, contact your certificate provider to revoke that cert and you'll need to buy another.

    Next visit the site and agree to bypass/accept the certificate warning. Click on the padlock or the crossed out https depending on browser and you'll see the certificate information. It will name a site a company and a certificate authority. Make sure the site name is the same, exactly the same as the site. This is the most common error. If it's not you'll need another, correct, certificate. Then check the valid from and to dates. Same applies. If all that seems okay then make sure the certificate authority is valid and trusted. A site like this, will help with all these issues https://www.ssllabs.com/ssldb/

    Then it can get more complex, like, a browser is requesting a script from a non ssl site e.g. Google analytics, but start with the obvious stuff first.

    Lastly, when you say you are using cpanel, it isn't just the cpanel that is giving the ssl error and the site is fine. Depending on your host, the cpanel access maybe through your site, but the ssl is owned by the host, this giving a mismatch and error?

    Tony

    PS post the site url and we can check too