Menu
Reply
pgeo
  • 2
  • 0
  • 2
Joining in
552 Views
Message 1 of 13
Flag for a moderator

Cannot access email - certificate not trusted

I'm using Mozilla Firefox. I've not changed anything for years but now cannot download emails because "the certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature" and "Legitimate banks, stores and other public sites will not ask you to do this". The location it refers to is Imap.virginmedia.com:993 which is the server setting and port in my account details. The certificate itself was issued in October 2020 and continues until November 2021. Any ideas on how to sort this out would be very welcome.

thanks, pgeo

 

theinternetguy
  • 51
  • 4
  • 12
Tuning in
521 Views
Message 2 of 13
Flag for a moderator

Re: Cannot access email - certificate not trusted

Hi @pgeo

May I suggest you make sure your internet browser is on the latest version. If this didn’t change anything please try it on a different browser. If it works on the other browser then it must be something to do with Mozilla Firefox. 

Hope this helps 😊

0 Kudos
Reply
fizz
  • 195
  • 6
  • 36
Superfast
514 Views
Message 3 of 13
Flag for a moderator

Re: Cannot access email - certificate not trusted

I'm getting problems on  an android device with certificates for Ssl but only on one of my virginmedia emails. I can access via Web but not imap on my android device.

My Broadband Ping - Home Broadband
0 Kudos
Reply
theinternetguy
  • 51
  • 4
  • 12
Tuning in
505 Views
Message 4 of 13
Flag for a moderator

Re: Cannot access email - certificate not trusted

Very strange. Perhaps just contact VM and ask for help can’t really suggest anything from here. 

I had an issue when I first signed up to VM emails and I phoned 150 and they sorted it there and then. 

0 Kudos
Reply
用心棒
  • 5.64K
  • 634
  • 1.97K
Very Insightful Person
Very Insightful Person
492 Views
Message 5 of 13
Flag for a moderator

Re: Cannot access email - certificate not trusted

Which operating system are you running?

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media. Learn more
Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
schm
  • 3
  • 0
  • 2
Tuning in
430 Views
Message 6 of 13
Flag for a moderator

Re: Cannot access email - certificate not trusted

I don't believe this is anything to do with OS or browser, it happens on android ,windows, linux and is a little bit annoying. Seemed to start yesterday 15/02 for me. Webmail access will work. All IMAP clients I've used, complain about the certificate.

I believe it's a TLS certificate verification problem. To be fair, it may not be fully VMs fault and the problem may lie @ the certificate issuing authority GlobalSign     (......unless VM have made some changes to email access that they haven't publicised very well???)

If anybody technical @ VM actually reads this stuff, this may help:

openssl s_client -connect imap.virginmedia.com:993 -servername imap.virginmedia.com
CONNECTED(00000003)
depth=0 CN = email.virginmedia.com
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 CN = email.virginmedia.com
verify error:num=21:unable to verify the first certificate
verify return:1
depth=0 CN = email.virginmedia.com
verify return:1
---
Certificate chain
0 s:CN = email.virginmedia.com
i:C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020
---
Server certificate
-----BEGIN CERTIFICATE-----
blah, blah, certificate (certificate removed in forum post for readability)
-----END CERTIFICATE-----
subject=CN = email.virginmedia.com

issuer=C = BE, O = GlobalSign nv-sa, CN = GlobalSign GCC R3 DV TLS CA 2020

---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-521, 521 bits
---
SSL handshake has read 2341 bytes and written 506 bytes
Verification error: unable to verify the first certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Session-ID-ctx:
Master-Key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1613459843
Timeout : 7200 (sec)
Verify return code: 21 (unable to verify the first certificate)
Extended master secret: no
---
* OK Virgin Media IMAP4 server ready [ e4c558782VM ].

I would call VM support, but life's too short to go through the usual list of trivial questions the first line support people are forced to ask, to cover all levels of VM customer IT competence.

Hopefully VM will spot it and fix it soon.

 

 

 

0 Kudos
Reply
boothy99
  • 297
  • 11
  • 161
Fibre optic
406 Views
Message 7 of 13
Flag for a moderator

Error checking mail. Invalid security (SSL) certificate

Hi pgeo,

I was just about to send a bug report for the app I use to access email - Aqua Mail, as none of my ntlworld email accounts would sync again today. I thought I'd check up on the forum here first. Glad I did.

I noticed my Virgin emails weren't syncing yesterday. However, after I entered the Manage account settings in-app, I clicked on Account setup / left the name & password as-is / clicked "next" (Servers checked and passed) / left name & account name as-is / saved. This appeared to have fixed it - messages synced all day as expected again. However, after restarting both my phone (Xiaomi Mi 9T), my tablet (Samsung Galaxy Tab S4) and my wife's tablet (Samsung Galaxy Tab S4) today - all failed to sync any ntlworld / virgin accounts. Gmail account works fine and has done throughout this issue.

The brief popup error message(s) reads -

"Error checking mail. Invalid security (SSL) certificate. Java.security.cert.CertPathValidatorException. Trust anchor for certification path not found."

Refreshing each account's settings without changing anything seems to temporarily fix the issue. That's 3 different devices with sync issues on 3 different ntlworld / virgin accounts.

 

0 Kudos
Reply
theinternetguy
  • 51
  • 4
  • 12
Tuning in
395 Views
Message 8 of 13
Flag for a moderator

Re: Error checking mail. Invalid security (SSL) certificate

Yes @boothy99 

Does seem to be an issue with Virgin Email. Have seen quite a lot of posts like this over the past few days. 

boothy99
  • 297
  • 11
  • 161
Fibre optic
376 Views
Message 9 of 13
Flag for a moderator

Re: Error checking mail. Invalid security (SSL) certificate

Yeh, it's a pain in the Haçienda to have to go through every account on every device. Just hope this gets noticed and forwarded on to whoever's responsible for fixing it, soon.

schm
  • 3
  • 0
  • 2
Tuning in
369 Views
Message 10 of 13
Flag for a moderator

Re: Error checking mail. Invalid security (SSL) certificate

Now seems to be fixed.