Tiger & Root Certificate

M

maynardco

Ever since upgrading to Tiger, Entourage gives the following warning
the first time I attempt to download emails from my ATT account:
"unable to establish a secure connection to
ipostoffice.worldnet.att.net because the correct root certificate is
not installed. warning."

Email appears to work fine after accepting the warning. But I would
like to fix the problem.

Thanks,
 
D

David Newman

Ever since upgrading to Tiger, Entourage gives the following warning
the first time I attempt to download emails from my ATT account:
"unable to establish a secure connection to
ipostoffice.worldnet.att.net because the correct root certificate is
not installed. warning."

Email appears to work fine after accepting the warning. But I would
like to fix the problem.
Click to expand...

I had the same problem concurrent with another problem in Tiger: My system
thought I was in GMT timezone, even after I'd set the correct timezone in
System Preferences.

Timezone is set in /etc/localtime, which is a symbolic link to the actual
timezone file. I deleted the symlink file and created a new symlink. That
fixed both my time and my mail error problem.

I have no idea why these two issues are connected, but at least for me
fixing the time issue also cleared the certs problem.

dn
 
M

maynardco

Thanks for the response David. May I ask a favor of you to walk me
through the deletion and recreation of the symlink? I found
/etc/localtime, but need instructions to move forward.

Thanks in advance.
 
D

David Newman

Thanks for the response David. May I ask a favor of you to walk me
through the deletion and recreation of the symlink? I found
/etc/localtime, but need instructions to move forward.
Click to expand...

Alas, I spoke too soon. I'm now having that cert problem with Entourage
again, even though I've resolved the GMT-only time issue.

You only need to fix the /etc/localtime symlink if, under System
Preferences/Date & Time/Time Zone, the system will accept any input but then
go back to GMT.

If that is the case (it was on my system after the Tiger upgrade), then do
this:

1. Open Terminal.app

2. cd /etc

3. ls -l localtime

you should see something like:

lrwxr-xr-x 1 root wheel 39 May 1 15:12 /etc/localtime ->
/usr/share/zoneinfo/America/Los_Angeles

where the file to the right of the "->" symbol is the target of the link.

4. Delete the symbolic link:

sudo rm /etc/localtime

NOTE: You MUST have sudo working on your system. I forget how that's set up
or indeed whether it requires additional steps. sudo will prompt you for
your password.

5. Restore the symbolic link:

sudo ln -s /usr/share/zoneinfo/America/Los_Angeles localtime

substituting your local timezone for
"/usr/share/zoneinfo/America/Los_Angeles" of course. You can browse the
/usr/share/zoneinfo directory tree to find the nearest timezone file.

dn
 
D

David Newman

I'm sorry to say my previous email about timezone problems was wrong. I
fixed the timezone problem and I'm still having the same issue as maynardco
reports -- I get network connection errors when trying to contact my local
IMAP and SMTP server.

This worked fine under Panther and I've changed nothing on the server side.

The server uses certs. Under Panther, I'd installed the root CA cert under
X509 anchors in Keychain Access, and the mail server's cert using the MS
Cert Manager. Again, no problems in Panther.

I should also mention that the server is NAT'd behind a firewall. I am now
having problems when I try to access the server on the same side of the
firewall. The problem clears when I change the account settings to point to
the server's IP address but that won't work outside the firewall because the
address is non-routable (changing settings also flushes all the IMAP
folders).

The mail server's cert is for the hostname visible outside the firewall.
However, we run split DNS here so the same hostname also resolves
internally.

Any idea how to fix this?

thanks

dn
 
M

maynardco

How did you know you had a timezone issue? What were the symptoms?

I am also following this issue via Apple's discussion sight. Apple's
iMail has the same certificate issue as Entourage.
 
D

David Newman

How did you know you had a timezone issue? What were the symptoms?
Click to expand...

My system time was always listed in GMT time, even after I'd reset the
timezone.

I thought this was related to the certs issue, but it's not. I'm still
having the same cert problem you are.

dn
 
M

maynardco

It appears my Safari, Entourage and iMail certificate problems were
related. Find the "Apple:Support:Discussion:Topi c:Safari for Tiger
not
letting me into password protected sites" discussion. The solutions
described by Makar and Rokkam (2 entries) worked for me.
 
Top