Bug 3918 - Claws presents 1y old certificate as new and asks for exchange
Summary: Claws presents 1y old certificate as new and asks for exchange
Alias: None
Product: Claws Mail
Classification: Unclassified
Component: Other (show other bugs)
Version: 3.15.1
Hardware: PC Linux
: P3 normal
Assignee: users
URL: https://posteo.de/site/impressum
Depends on:
Reported: 2017-11-16 23:14 CET by codejodler
Modified: 2018-01-22 23:37 CET (History)
0 users

See Also:

Certifificate change request (claws popup) (106.46 KB, image/png)
2017-11-16 23:14 CET, codejodler
no flags Details
Cert update request when receiving POP (103.48 KB, image/png)
2018-01-21 20:17 CET, codejodler
no flags Details
Cert update request when Sending POP (111.33 KB, image/png)
2018-01-21 20:18 CET, codejodler
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description codejodler 2017-11-16 23:14:54 CET
Created attachment 1813 [details]
Certifificate change request (claws popup)

Claws version 3.15.1-dirty on Debian Linux buster/sid (testing)

POP account with defaults, and according to the posteo staff, correctly configured.

A couple of days ago, claws presented me with this popup (attachment). I verified the keys on the posteo homepage

To avoid confusion i should note that the dates in question are 2017-01-22 and 2018-01-22 (as in January 22nd).

A call back on the posteo staff turned out that they had no cert change recently, and the 2018-01-22 one is already in use since long.

I've no extra certs installed manually and i don't know why this is happening.
Comment 1 Paul 2017-11-17 09:35:46 CET
For whatever reason, it appears that the posteo.de server presented you with an old certificate.
Comment 2 codejodler 2017-12-08 20:32:31 CET
Well, i exchanged several mails with them and they still insist that they really, really didn't.

What are my options to get behind this ?
Comment 3 Paul 2018-01-18 14:45:27 CET
There's nowhere to go with this. Claws Mail gets the certificate from the server. posteo say they didn't offer an old cert, so that's a stalemate.
Comment 4 codejodler 2018-01-21 20:17:56 CET
Created attachment 1837 [details]
Cert update request when receiving POP
Comment 5 codejodler 2018-01-21 20:18:36 CET
Created attachment 1838 [details]
Cert update request when Sending POP
Comment 6 codejodler 2018-01-21 20:27:46 CET
I agree it's a stalemate.

I got the same issue todasy and asked the provider again about it.

A couple of weeks ago, i asked Posteo if some weird type of man-in-the-middle could be involved, but they can't imagine. 
Do you think there could be something like this going on ?

But i'm ok with closing the bug (for now).
Comment 7 Paul 2018-01-21 20:54:22 CET
Your 2 latest screen shots don't show the same issue. They both look entirely expected - posteo have replaced the cert that expires on 22-Jan-18 with a new cert which expires on 22-Jan-19.
Comment 8 codejodler 2018-01-22 23:37:50 CET
Ah, uh ... sorry, apparently my mistake.

At least now we know how it looks normally ... ;| 

Anyway, provider's launched now a regular 'cert change' page on their site, probably for hypocrites like me ...