Gmail no longer accepts self signed certs for pop3/ssl

As six of December Gmail has ceased to accept self signed certs for pop3/ssl/tls I don’t really know why, the help url offered by them is http://support.google.com/mail/bin/answer.py?hl=en&answer=21291&ctx=gmail#strictSSL

Always use a secure connection (SSL) when retrieving mail

As of December 2012, Gmail uses «strict» SSL1 security. This means that we’ll always enforce that your other provider’s remote server has a valid SSL certificate. We made this change to offer a higher level of security to better protect your information.

What are the SSL certificate authority requirements?

We do not accept self-signed certificates. For a certificate to be valid it needs to chain up to a valid CA, like one in the Mozilla CA list.

So this means effective today I only check for mail on machines that are paying for a signed certificate from a recognized CA Authority meaning at this moment $$ and worse, no small amount, yes, there are some el cheapo providers, but again could happen that Gmail also don’t trust them… I just guessing what is going to do Dreamhost as they also use self signed certs, and by the way this will broke their offer for mail integration, and mos probably for a lot of SOHO users… and finally for myself as my set up for reading mail on the web is now totally messed up, maybe is time to return to use IMAP on Thunderbird for on the road reading… as on home I still use Thunderbird/pop3 for archiving and long term storage…

update: 14/12/2012 Google support forums had lots of threads talking about this, but two of them are getting real attention, cause affects a lot of schools & colleges[1], and also business users angry for not receiving notice to plan on beforehand [2].

[1] How can I force use of self-signed SSL certificate.
[2] Strict SSL – We could have been warned.

Esta entrada fue publicada en Debraye, General, planetalinux, sysadmin, Web. Guarda el enlace permanente.

2 respuestas a Gmail no longer accepts self signed certs for pop3/ssl

  1. Pingback: GMail deja de aceptar certificados autofirmados para cuentas POP3/SSL

  2. Pingback: Arcane solution to new problems | El Cuchitril

Deja una respuesta

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *

Este sitio usa Akismet para reducir el spam. Aprende cómo se procesan los datos de tus comentarios.