Incorrect website security certificate


#1

I know that we have probably all had this problem; however, I cannot find out how to correct it.

Using IE 11 with Windows 8.1, when accessing my web mail I receive this error message:

There is a problem with this website’s security certificate.

The security certificate presented by this website was issued for a different website’s address.

Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

We recommend that you close this webpage and do not continue to this website.

Recommended Click here to close this webpage.

Not recommended Continue to this website (not recommended).

More information More information


Okay, so how do I eliminate this annoyance? If Dreamhost is too cheap to get a proper certificate, perhaps I should be looking elsewhere for a carrier.


#2

The problems is not that dreamhost is too cheap for a proper certificate.

In order to avoid the error reverse DNS has to return the same domain name, therefore dreamhost would have to issue an IP address for every single webmail domain. Under IPv4 this would actually add to the cost since they would have to buy many many huge blocks of IP’s to fill the need. Under IPv6 things could change, but we aren’t quite there yet.

To avoid seeing the error, use webmail.dreamhost.com and for user you must specify your whole email address user@domain.com


#3

So now that we have SNI and Let’s Encrypt, why can https://webmail.mydomain.tld not get its own certificate? A certificate that is not issued for the domain is simply invalid. Browsers have been displaying security warnings for years. Future browser versions will probably stop allowing users to click the warning away.