Ask a question

    Reply
    Posted Feb 10, 2013
    5:45:42 PM
    View profile
    Recently getting SSL Certificate error for inbound.att.net - bad signature

    The topic says it - starting a few weeks ago, every attempt to fetch pop3 mail gets me a popup with the following error:

    -----

    SSL Certificate check for inbound.att.net:

     

    Issuer:            CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
    Subject:           CN=inbound.att.net,OU=att.net Mail,O="AT&T Services, Inc.",L=Southfield,ST=Michigan,C=US
    Fingerprint:       3e:13:32:42:87:cb:12:f7:2b:84:bd:a7:56:27:3c:8c
    Signature:         BAD

    Do you wish to accept?

    -----

    I am retrieving mail just fine from a different email account on a different PC with similar settings (although with different email app).
      In this case, I am using Evolution under Ubuntu Linux.  Everything was working fine until a few weeks ago.  I know I could just accept the certificate, but I would really love to understand what the problem actually is before I sweep it under the rug.

     

    Thanks for any suggestions, preferably not pointing out I'm using "unsupported" software....

    Recently getting SSL Certificate error for inbound.att.net - bad signature

    3,332 views
    9 replies
    (0) Me too
    (0) Me too
    Post reply
    View all replies
    (9)
    0
    (0)
    • Rate this reply
    View profile
    Feb 11, 2013 8:52:07 AM
    0
    (0)
    Moderator

    ostroffjh,

     

         I have included a few links that will hopefully be of help.

     

    I'm having trouble with POP mail but it used to work

     

    Email server settings (POP and SMTP)

     

     

         If your still having trouble please feel free to send a private message to one of our ATTCustomer care specialists by using the following link. Please include your name, email address, phone number and the best time to be contacted. An ATT representative will reach out to you within 48 hours.

     

    Private Message

     

    James

    Did a post have a solution that worked for you? Help other people find solutions faster by marking posts that helped you as an "Accepted Solution". Learn about accepted solutions here.

    I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s position, strategies or opinions.

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    2 of 10 (3,298 Views)
    0
    (0)
    • Rate this reply
    View profile
    Feb 11, 2013 3:27:34 PM
    0
    (0)
    Contributor

    James,

     

    Thanks for the response, but netither of the links you provided were helpful.  I have not changed password recently, and the problem is collecting my sbcglobal.net email via pop, not using att/yahoo to collect other email.

     

    However, based on a bunch more searching, I am becoming more convinced that although AT&T/Yahoo might have made some recent change, the reason I am getting the error is likely due to a problem with the way Evolution is handling the SSL Certificates, and not with the certificate itself.  I'll pursue that path a bit further before I use your link for sending a private message.  One way or another, I'll post a follow-up when I have more information.

     

    Jack

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    3 of 10 (3,289 Views)
    0
    (0)
    • Rate this reply
    View profile
    Feb 14, 2013 9:50:50 AM
    0
    (0)
    Moderator

    ostroffjh,

     

         Yes a follow up post would be great, not only for myself but for many others that might encounter an issue like this as well.

     

     

    James

     

    Did a post have a solution that worked for you? Help other people find solutions faster by marking posts that helped you as an "Accepted Solution". Learn about accepted solutions here.

    I am an AT&T employee and the postings on this site are my own and don’t necessarily represent AT&T’s position, strategies or opinions.

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    4 of 10 (3,257 Views)
    0
    (0)
    • Rate this reply
    View profile
    Oct 25, 2013 5:30:56 AM
    0
    (0)
    Contributor

    Here we are 8 months later and I'm now having the same issue. Specifically, I've been using pop.att.yahoo.com for inbound on my Samsung Galaxy S (Verizon) cell. About a week or two ago I stopped getting my messages to the cell, although they are picked up by Outlook on the desktop. When I try changing it to inbound.att.net it says "cannot safely connect to server. org.bouncycastle.jce.exception . Could not validate certificate."  ATT says SENDING  is a "known issue" but my problem is receiving. Seems like it's been going on for quite a while...

     

    Any ideas? Does ATT know about this? ( I just sent them a private note...)

     

    Ed

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    5 of 10 (2,725 Views)
    0
    (0)
    • Rate this reply
    View profile
    Oct 25, 2013 5:49:07 AM
    0
    (0)
    Contributor
    Seems I'm not able to send either....

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    6 of 10 (2,722 Views)
    0
    (0)
    • Rate this reply
    View profile
    Mar 22, 2015 10:48:36 PM
    0
    (0)
    Contributor

    Same thing began happening to me on just one of the ATT_yahoo email accounts I use, all three in the same email client.  The other two (SBCglobal, also in ATT) connect fine as usual, but the att.net account with the server INBOUND.ATT.NET suddenly stopped checking mail, won't pass the SSL handshake and connect.  It gives a message that the CERTIFICATE is bad; "name on the destination host does not match the name on the certificate."  (Shows a big text box of info on that cert with a YES or NO choice as to trust it.)

     

    Knowing that Superfish was recently found in some namebrand tablet PCs, and that it contains the Komodia redirector crapware to pass SSL connections through untrusted parties, I don't choose to trust that cert.  After finding no actual answer on this forum I tried callling ATT support again for a simple YES or NO as to whether the CERT INFO shown is correct for their named server (name not shown on cert), or not to trust it.  Seems like a simple yes/no answer for ATT to reply as to a valid cert, but ...  no dice unless I buy paid support contract on pretext that my Eudora client (which works FINE otherwise) is the problem because it raised a flag. 

     

    I'll have to stifle any comments about the webmail interface and the interface on this forum which has lost/dumped my previous comments.  You can guess what I think, and all of us need to guess whether our SSL email connections are being monitored by (?) third parties or not.

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    7 of 10 (1,216 Views)
    0
    (0)
    • Rate this reply
    View profile
    Mar 23, 2015 10:24:47 AM
    0
    (0)
    ACE - Guru

    Not a clue if this helps any, but my understanding is, certificates do expire over time, and have to be renewed to keep them valad.

    Could be, someone in  thier it simply dropped the ball, and forgot to send the check, or for whatever reason, the certificate was altered.

     

    The bit of the NSA and other third parties snooping is a discussion for another venue.

    *The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    8 of 10 (1,202 Views)
    0
    (0)
    • Rate this reply
    View profile
    May 18, 2015 4:54:30 PM
    0
    (0)
    Tutor

    Same problem once again... 

     

    Server inbound.att.net certificate Verisign Class 3 Secure Server CA - G3 valid period 4/23/14 to 4/25/15. Now getting Internet Security Warnings in Outlook 2010 due to the expired certificate. 

     

    Tried to report it through UVerse Support Chat, but was told by Adolf to "take it to Microsoft"... couldn't even get them to refer it to Tier 2 were it would eventually be addressed. They told me they provide NO support for any email clients - I should use the Web Mail! Unbelievable!!!

     

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    9 of 10 (892 Views)
    0
    (0)
    • Rate this reply
    View profile
    May 18, 2015 8:13:43 PM
    0
    (0)
    Contributor
    You wrote:

    >Server inbound.att.net certificate Verisign
    >Class 3 Secure Server CA - G3 valid period
    >4/23/14 to 4/25/15. Now getting Internet
    >Security Warnings in Outlook 2010 due to the expired certificate.?
    >
    >?

    Yes, I had the same disgusting problem for 2
    months, and ISP's support was basically clueless
    other than telling me the [same] name settings to
    reach the mailserver --but problem was server
    certificate altho I don't think it was
    expired. (The CA name &type above rings a bell).

    Finally, I found a recent post on a blog that
    showed how to fix it, to people who have stuck
    with Eudora 7 email client (we are a fiercely
    loyal bunch!). However I haven't attempted the
    same approach yet in my wife's Outlook client-- I
    don't know the right Outlook menu/clicks. In
    either case I think it is the same in principle:
    need to drill down until you find the valid cert
    that the PC doesn't trust, then add that cert
    type to the recognized "certificate store" so
    that the PC will trust it. Maybe my terminology is a bit misapplied, but....

    To see good instructions for the process as it
    works in Eudora, see this blog page (assuming the
    link survives the moderators):
    http://blog.timeoff.org/rick/2015/01/07/eudora-and-ssl-certificate-failures/comment-page-1/#comment-52120

    Hope it helps, and that you can find how to apply
    it in Outlook. Incidentally, the cert I finally
    added to fix inbound.att, was listed as: US,
    Symantec Corporation, Symantec TrustNetwork,
    Symantec Class 3 Secure Server CA - G3 [It needs more than just the name.]

    In this situation, Symantec seems good enough to
    trust, --unlike Hong Kong Post Office.
    --D

    Re: Recently getting SSL Certificate error for inbound.att.net - bad signature

    10 of 10 (876 Views)
    Share this post
    Share this post