Certificate domain mismatch


#1

I have a user that has Outlook 2007 on Windows Vista, as his email client. He would like to get rid of the prompt about the domain mismatch. I have followed the steps outlined in http://wiki.dreamhost.com/Certificate_Domain_Mismatch_Error but it doesn’t offer any suggestions for Outlook users. It seems to me that the wiki used to offer steps to follow for Outlook but now I’m not seeing them.

I have tried editing the hosts file to include: 69.163.253.135 sub4.mail.dreamhost.com, as we’re on sub4. I also flushed the DNS cache and still outlook prompts about the mismatch.

Using Thunderbird would be SO much easier, but no one here likes change. LOL


#2

In the wiki article you linked follow the instructions in the section titled “connecting directly to your mail server”.

Basically you need to change from using “mail.yourdomain.com” in outlook to the correct “homie” name of your dreamhost mail server.

FYI - you’d get the same error on TB unless you did the same thing with the hostname.


#3

I did change the address to sub4.mail.dreamhost.com. Outlook still prompts every time. As noted in the wiki, TB creates an exception and once you’ve created the exception, it doesn’t ask you every time you connect.


#4

Not sure what’s wrong. What does it show when you view details of the error/warning? Is it still saying the certificate belongs to *.dreamhost.com? What domain does the error detail indicate is being contacted, that doesn’t match *.dreamhost.com?

I’m currently using Outlook 2013 which has a much different GUI than 2007, so posting a screenshot won’t help you. I’ve previously used Outlook 2007 however using the alternate host method. The fields in Outlook2013 that need to be changed are “Incoming Mail Server” and “Outgoing Mail Server (SMTP)”. They are in a dialog titled POP and IMAP account settings.

Did you completely restart outlook after making the change? Open task manager and make certain its not still running after closing the window (it usually is).

The cause of the warning is that mail.example.com doesn’t match who the certificate is issues to *.dreamhost.com. If you are getting the “Incoming Mail Server” and “Outgoing Mail Server (SMTP)” correctly updated, there should be no way for you to continue to receive the mismatch error.

In MY opinion, TB does it wrong if it lets you permanently accept a domain mis-match warning. That defeats the purpose of having a certificate. If you can permanently accept a domain mismatch warning, then the server on the other end could be anything.


#5

I’m getting this prompt in Outlook 2007, 2010, and 2013.

This is what i want to not see any more. I have the incoming server set as sub4.mail.dreamhost.com. Do I need to also use this as the outgoing server as well, in order to not see this prompt


#6

I answered my own question. using sub4.mail.dreamhost.com for both incoming and outgoing server addresses got rid of the prompt.


#7

Perfect.