Eudora says pop.gmail ssl certificate invalid

Topic

New Reply

For years I have used Eudora as my email client, receiving and sending mail via several other servers including gmail, comcast, earthlink and others. As of two days ago, I am unable to download from gmail’s pop server. I am still able to send using the smtp.gmail server and can both send and receive using all other servers.
The ssl error shows only “unknown error”. I show no untrusted certificates, and have verified all settings. Several other have reported the same problem on the Gmail Help Forum, but no help so far. Any ideas?
All help will be appreciated.

Reply | Quote

Replies

See this post for information on testing the Google server.
http://windowssecrets.com/forums/showthread//169469-SSL-TLS-issue-with-Outlook-2013?p=1006774&viewfull=1#post1006774

cheers, Paul

Reply | Quote

I tried the dotcom-monitor test and the test result was F, the error code Pop3 and the error code 404. Now if only I knew what any of that meant….:o

Reply | Quote

You might take a look at this Google support post…

https://productforums.google.com/forum/#!topic/gmail/LFHAZhX_gkw

Thanks. That is my post. Unfortunately, the one response did not help.
Thanks for trying, though.

Reply | Quote

Thank you. I will from now on.

Reply | Quote

404 means page not found.

Have you checked that POP3 is enabled on Gmail?
1. Log in to Gmail.
2. Click the Cog > Settings Forwarding and POP/IMAP.
Check that POP is enabled.

cheers, Paul

Reply | Quote

Yes, POP was enabled. But ……
This morning a new untrusted certificate for pop.gmail appeared in my ssl cert list. I marked it as trusted and my email is now downloading. It was not the certificate referenced in the Eudora error message, and it was not in the certificated list as recently as last night. It’s magic.
Thank you for your help.

Reply | Quote

You should not need to add certificates to your trusted list – this usually indicates the certificate is not valid. It may be that your computer has not updated its root certificates so there is no trusted chain. To update your certificates see this link: https://support.microsoft.com/en-us/kb/2813430

cheers, Paul

Reply | Quote

For years I have used Eudora as my email client, receiving and sending mail via several other servers including gmail, comcast, earthlink and others. As of two days ago, I am unable to download from gmail’s pop server. I am still able to send using the smtp.gmail server and can both send and receive using all other servers.
The ssl error shows only “unknown error”. I show no untrusted certificates, and have verified all settings. Several other have reported the same problem on the Gmail Help Forum, but no help so far. Any ideas?
All help will be appreciated.

As posted on this Google Forum:

https://productforums.google.com/forum/#!topic/gmail/LFHAZhX_gkw

I was soooo glad to see posts related to July 23 incoming G-mail account certificate failures.

SORRY FOR THE LONG POST, but it may help other G-mail users.

I SECOND THE STATEMENT ABOUT IT WOULD BE “NICE” IF GOOGLE/G-mail NOTIFIED US WHEN CHANGES HAVE BEEN MADE.

G-mail Security Certificate Failures – Inbound downloads only

I have done extensive Google searches regarding G-mail Security Certificate Failures FOR JULY OF 2015.

NOTE: MY COMPUTER DATE/TIME IS CORRECT (AND AUTOMATICALLY UPDATED FROM THE INTERNET, INCLUDING DAYLIGHT SAVINGS TIME UPDATES).

NOTE: AT ALL TIMES, *OUTBOUND* G-MAIL ACCOUNTS WORK, AS WELL AS G-MAIL WEB MAIL.

All time references are to Central Daylight Savings Time (CDT).

AS A FORMER INFORMATION TECHNOLOGY QUALITY ASSURANCE TESTER, I HAVE TO ASK WHAT HAS BEEN GOING ON WITH G-MAIL SECURITY CERTIFICATES FAILING/WORKING/FAILNG/WORKING ON JUJLY 15 and SINCE JULY 22 TO PRESENT DATE OF JULY 26th?

What has G-mail changed in its (Equifax) Security Certificates IN THE MONTH OF JULY, that have caused my e-mail downloads to FAIL, even when I specify “YES” to trust the Certificate (see certificate copy-paste at bottom).

I AM NOW DESPERATE – my G-mail downloads to my computer e-mail application have now been TOTALLY FAILING FOR ANY/ALL OF MY G-MAIL ACCOUNTSSINCE JULY 23, 2015. Yet, G-MAIL WEB-MAIL WORKS FINE (THANK GOODNESS!) FOR THOSE SAME ACCOUNTS.

In JUST this month of July, 2015, I had G-mail certificate failures on July 15 that “fixed themselves”

July 15

NOTE: THESE G-MAIL FAILURES MAY HAVE RELATED TO COMCAST/ISP PROGLEMS

09:15 a.m. G-mail accounts downloaded normally
11:14 a.m. G-mail account downloads failed
02:28 p.m. G-mail accounts downloaded normally

This was my task status message at that time (NOTE THE CAUSE: [5]):

“SSL Negotiation Failed. Certificate bad. Destination Host name does not match host
name in certificate. But ignoring this error because Certificate is trusted. The connection
with the server has been lost. Cause: [5]

July 22

12:23 p.m. All G-mail accounts downloaded normally
12:55 p.m. Two primary G-mail accounts downloaded normally
07:19 p.m. G-MAIL DOWNLOADS FAILING AGAIN
09:00 p.m. Two primary G-mail accounts downloaded normally

July 23

06:42 a.m. Four primary G-mail accounts FAILED
07:19 a.m. Two primary G-mail accounts CONTINUE TO FAIL (even after close/reopen of computer application)
08:19 a.m. G-mail account downloads continue to fail
09:10 a.m. 1 primary G-mail account WORKED!!! I DOUBLE CLICKED ON ERROR MESSAGE IN E-MAIL APPLICATION TASK STATUS – has not worked again
04:22 p.m. Downloaded *227* e-mails from a single G-mail account
5:07 p.m. 100% OF G-MAIL ACCOUNT DOWNLOADS WORKED
10:08 p.m. 100% OF G-MAIL ACCOUNT DOWNLOADS FAILED

This has been/continues to be my task status messages for all G-mail accounts (NOTE THE CAUSE: [200]:
“SSL Negotiation Failed. Certificate bad. Destination Host name does not match host name in certificate. But ignoring this error because Certificate is trusted. The connection with the server has been lost. Cause: [200]

Whenever I *check* e-mail for downloading e-mails to my computer e-mail application, YAHOO AND COMCAST WORK FINE, BUT 100% OF G-MAIL ACCOUNT DOWNLOADS FAIL, NO MATTER WHAT I HAVE “TRIED”, INCLUFING A COMPUTER RESTART.

I am using OBSOLETE/UNSUPPORTED:

1. Windows XP

2. Eudora Version 7.0.0-Paid Mode [89] (WITH 73 *GIG* OF E-MAILS IN 5,768 MAILBOXES)

However, those obsolete products have not been a problem UNTIL G-MAIL CHANGED “SOMETHING” IN ITS POP ACCESS TO DOWNLOAD G-MAIL ACCOUNT E-MAILS ON OR AROUND JULY 23, 2015. .

CRITICAL QUESTION: WILL I NEED TO TERMINATE ALL G-MAIL E-MAIL ACCOUNT ADDRESSES/SUBSCRIPTIONS AND CHANGE THEM TO YAHOO?

Any help would be greatly appreciated!!!!!!

Funk4Crunk

Certificate:
Data:

Version: 3 (0x2)
Serial Number: 903804111 (0x35def4cf)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
Validity
Not Before: Aug 22 16:41:51 1998 GMT
Not After : Aug 22 16:41:51 2018 GMT
Subject: C=US, O=Equifax, OU=Equifax Secure Certificate Authority
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c1:5d:b1:58:67:08:62:ee:a0:9a:2d:1f:08:6d:
91:14:68:98:0a:1e:fe:da:04:6f:13:84:62:21:c3:
d1:7c:ce:9f:05:e0:b8:01:f0:4e:34:ec:e2:8a:95:
04:64:ac:f1:6b:53:5f:05:b3:cb:67:80:bf:42:02:
8e:fe:dd:01:09:ec:e1:00:14:4f:fc:fb:f0:0c:dd:
43:ba:5b:2b:e1:1f:80:70:99:15:57:93:16:f1:0f:
97:6a:b7:c2:68:23:1c:cc:4d:59:30:ac:51:1e:3b:
af:2b:d6:ee:63:45:7b:c5:d9:5f:50:d2:e3:50:0f:
3a:88:e7:bf:14:fd:e0:c7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 CRL Distribution Points:
DirName:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority/CN=CRL1

X509v3 Private Key Usage Period:
Not After: Aug 22 16:41:51 2018 GMT
X509v3 Key Usage:
Certificate Sign, CRL Sign
X509v3 Authority Key Identifier:
keyid:48:E6:68:F9:2B:D2:B2:95:D7:4

Reply | Quote

What error messages do you get when attempting to download mail now?

cheers, Paul

Reply | Quote

What error messages do you get when attempting to download mail now?

cheers, Paul

Hi, Paul!

Is your reply to my #11 post? If so, the error messages and the Certificate are posted in my lengthy post.

I REMAIN DESPERATE to be able to download ANY inbound G-mail account.

Both outbound G-mail and G-mail web mail continue to work fine.

Funk4Crunk

Reply | Quote

It wasn’t clear whether that was still the error message.
The certificate information is incomplete, you haven’t supplied the “Issued To” details.

When a certificate does not match the web site you should not trust it. This usually means broken web server configuration, or a hacking attempt. Work out what is wrong and get the correct certificate.

cheers, Paul

Reply | Quote

It wasn’t clear whether that was still the error message.
The certificate information is incomplete, you haven’t supplied the “Issued To” details.

When a certificate does not match the web site you should not trust it. This usually means broken web server configuration, or a hacking attempt. Work out what is wrong and get the correct certificate.

cheers, Paul

Paul, you are the *only* person who has replied on 3 different forums. Thank you so much!

This is the current error message:

This has been/continues to be my task status messages for all G-mail accounts (NOTE THE CAUSE: [200]:
“SSL Negotiation Failed. Certificate bad. Destination Host name does not match host name in certificate. But ignoring this error because Certificate is trusted. The connection with the server has been lost. Cause: [200]

I totally understand about a *website* security certificate.

However, this is G-mail security certificate error pops up *ONLY* downloading G-mail to my computer via Check Mail. Sending outbound G-mail and accessing G-mail web mail both work fine.

I have continued to spend HOURS UPON HOURS researching G-mail inbound security certificate errors AND NOTHING WORKS.

Reply | Quote

maybe

all the bad certs i have encountered were just that

out of date or some change was made and they did not get updated right

never had a hack found when we had a bad cert message

just got one that google cert is out of date

seems like google has a problem with their certs and this is not a hack issue with his email

It wasn’t clear whether that was still the error message.
The certificate information is incomplete, you haven’t supplied the “Issued To” details.

When a certificate does not match the web site you should not trust it. This usually means broken web server configuration, or a hacking attempt. Work out what is wrong and get the correct certificate.

cheers, Paul

Reply | Quote

You connect to different web sites to send and receive email, so the certificates must be different.

Incoming Mail (POP3) Server
pop.gmail.com

Outgoing Mail (SMTP) Server
smtp.gmail.com

cheers, Paul

Reply | Quote

You connect to different web sites to send and receive email, so the certificates must be different.

Incoming Mail (POP3) Server
pop.gmail.com

Outgoing Mail (SMTP) Server
smtp.gmail.com

cheers, Paul

Paul, thanks again for your reply.

That explains why outbound G-mail and G-mail web mail work, when inbound G-mail HAS BEEN TOTALLY FAILING SINCE JULY 23.

However, the critical issue remains: HOW DO I GET THE G-MAIL SECURITY CERTIFICATE FAILURE *FIXED*??

What if G-mail web mail security certificates had been failing , as well? (like when the G-mail security certificates EXPIRED for everyone in the past)?

I WOULD BE TOTALLY MISSING CRITICAL *LEGAL SERVICE* E-MAILS.

Thanks, again, Paul-

Funk4Crunk

Reply | Quote

Identical issues. I can only add that over the previous 2 days the login was intermittent – e.g. you could try a few times with your failure, but eventually Eudora (6.0 in my case) would download messages. I’ve seen this before, when the machine didn’t respond fast enough to the server…maybe Google reduced the timeout.

Paul, thanks again for your reply.

That explains why outbound G-mail and G-mail web mail work, when inbound G-mail HAS BEEN TOTALLY FAILING SINCE JULY 23.

However, the critical issue remains: HOW DO I GET THE G-MAIL SECURITY CERTIFICATE FAILURE *FIXED*??

What if G-mail web mail security certificates had been failing , as well? (like when the G-mail security certificates EXPIRED for everyone in the past)?

I WOULD BE TOTALLY MISSING CRITICAL *LEGAL SERVICE* E-MAILS.

Thanks, again, Paul-

Funk4Crunk

Reply | Quote

Identical issues. I can only add that over the previous 2 days the login was intermittent – e.g. you could try a few times with your failure, but eventually Eudora (6.0 in my case) would download messages. I’ve seen this before, when the machine didn’t respond fast enough to the server…maybe Google reduced the timeout.

SPECTACULAR!!!

MY EUDORA DOWNLOAD WORKS FOR ALL 10 OF MY G-MAIL INBOUND POP3 ACCOUNTS.

PLEASE SEE MY POST WITH *WORD DOCUMENT ATTACHMENT IN THIS THREAD:

https://productforums.google.com/forum/?utm_medium=email&utm_source=footer#!msg/gmail/LFHAZhX_gkw/auRqS2e37aIJ

FOR *ANYONE* GETTING A G-MAIL INBOUND CERTIFICATE ERROR, IT’S LIKELY THAT YOU NEED TO HAVE JUST RECEIVED THAT ERROR WARNING FOR THE FOLLOWING STEPS TO WORK.

THIS WAS THE FIRST TIME SINCE JULY 23, 2015 THAT ANY OF THEM DOWNLOADED G-MAIL AT ALL!

FIASCO PROBLEM SOLVED!!!!!

CRITICAL QUESTION:

WHAT DID *GOOGLE CHANGE ON OR ABOUT JULYH 23, 2015 IN ITS *OWN* POP3 SERVER SECURITY CERTIFICATES???

I THANK *EVERYONE* WHO POSTED ADDITIONAL INFORMAITON IN THIS THREAD!

THANK YOU! THANK YOU! THANK YOU!

Funk4Crunk

Reply | Quote

certificates are worthless and a big pain

cant you tell it to ignore the message and just do the email function anyway

we just got a message that googles certificate was bad so we used duckduckgo so my wife would not freak out over the message but we could have continued to google and used it just fine no matter what the certificate status was

the only thing causing problems for users worse than certificates is useless passwords

Reply | Quote

For years I have used Eudora as my email client, receiving and sending mail via several other servers including gmail, comcast, earthlink and others. As of two days ago, I am unable to download from gmail’s pop server. I am still able to send using the smtp.gmail server and can both send and receive using all other servers.
The ssl error shows only “unknown error”. I show no untrusted certificates, and have verified all settings. Several other have reported the same problem on the Gmail Help Forum, but no help so far. Any ideas?
All help will be appreciated.

===============
Eudora failed to accept a certificate on a new computer but two older ones continued to work fine. Because I had a windows 10 upgrade trashed by Norton I took it off and replaced it with Windows security essentials. The two older computers had learned the Certificate BEFORE THAT but the new one (newly restored win 7) would not accept nor manage the cox cert in any way. Two days. Turned SSL off and it worked.

Then I turned MS security real time off, turned Eudora SSL on, ran email on both personalities and Eudora was happy. I then turned MS real time protection and Eudora was still happy.

I don’t follow this blog much but would be interested in hearing of similar experiences. I didn’t turn on member email, but moderator email is on. I do have one protected email, EDITED OUT. Keep it private please.

Mod EDIT: removed the email addy, profile can be set to accept email/PM’s.

Reply | Quote