• After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.

Help IMAP Cert problems are showstopper

L

LexD

Lurker
Connecting to my IMAPS server(from the Incredible) always fails . Prior threads recommend "SSL when available" as a solution. The DI does not offer that option.
Tracing the connection attempt with ssldump, shows that the client (DI) throws an "SSLalert" packet to the server after completing the SSL handshake and then closes the connection.

No message is presented to the user! The setup just stalls and never proceeds to the outbound server.

I am looking for the Cert store within Android, or methods to add my own Root cert to the store. My server works with browsers, iPhone, iPod Touch, and an older Motorola Droid.

I have 3 weeks to solve this or this puppy goes back to VZW.
 
Im not sure if this is what your looking for but you can try.

menu>settings>security>install from sd card
 
Agreed, I'm shocked this is a problem. The stock Android email has the option of SSL (accept all certificates), but the HTC version doesn't.

Our organization uses GoDaddy and the issuer of the cert is valicert.com. Anyone else having troubles with this combo?
 
not entirely sure if this is a solution, but you can try k-9 mail (it's based on the stock android mail client) and it lets you accept self signed certificates so it will probably prompt you to accept godaddy-valicert certs.

fwiw i did try the htc mail with a server that uses godaddy certificates and it worked fine. the server has to send the entire chain.
 
I worked with verizon tech support on this today. It has been bumped up to HTC because they were able to duplicate the issue with a test phone. I use ssl at work and after hitting next at the incoming mail server settings page, it just goes back to the page. That is with manual setup, with the wizard it errors out with a "no response from mail server" message. The mail setup worked fine on my eris and still does on my wifes eris ( we both work for the school system here) The incredible is not accepting the certificate for some reason. I told him we have about 20 days to solve or I'll have to go back to the eris. I really hope they fix it because this phone kicks the eris's ass in every other way.
 
At my place of work, neither of Verizon's HTC andriod phones work. I've tested with the Android emulator, version 1.6 and 2.1 and all is well. The latter two both have the SSL accept any certificate option whereas the HTC Sense ones do not.
 
btw- are the certificates in question wildcard certs?

i can see the problems with self-signed certificates. couldn't replicate this with regular godaddy or godaddy ucc certificates and htc mail app. don't have a server with wild card certs to test this out.
 
xyzsb said:
btw- are the certificates in question wildcard certs?

i can see the problems with self-signed certificates. couldn't replicate this with regular godaddy or godaddy ucc certificates and htc mail app. don't have a server with wild card certs to test this out.
Click to expand...

I can't say for sure, but I'm guessing ours is using wildcard certs. Our secure web sites and email use the same domain.
 
There was a similar thread and someone came up with a solution and posted on the HTC community forums. I'm pasting in my summary of the solution here:

There was another thread several days ago about this, and a solution was posted. I have a Dreamhost hosted domain for my e-mail, and wanted to use SSL authentication for encrypted communication with the server, and had a similar certificate problem. Basically, the solution is:
1. Connect your phone to the Internet via your Wifi router.
2. Unplug your cable/dsl modem from your Wifi router so you can't access the Internet.
3. Do the mail setup -- when Mail can't access the Internet to check your server settings, it will tell you, and you have the option to continue anyway. Do so.
4. Once mail setup is complete, plug your cable/dsl modem back into the Wifi router.
5. Launch mail. When it tries to connect using the settings you put in, it will now ask you if you want to accept the certificate. Once you accept, you'll never have to do it again.
It seems like the problem is just that the Mail app doesn't give you this option during the setup process. It doesn't even tell you why it won't accept your settings -- it just doesn't move on to the next step. Pretty annoying issue.


Here's a link to the thread where someone originally posted a solution: Sense Mail application does not accept self signed certificates? - DROID INCREDIBLE by HTC (Verizon) - Android Forums - HTC Community



Nick
 
I have my mail working. I went into Setting/Applications and then checked the unknown sources box. I went through my mail setup again and this time it prompted me with certificate acceptance warning. I accepted and all is well. I went back and unchecked the box and my mail works fine.
 
Heavi5IDe,

Much Thanks! Secure IMAP is now working as long as I stay on this side of the pond.

Let's Go!
 
This workaround is not working for me.
I can configure the IMAP account unpluging the DSL cable but when I plug it again and check it for incoming mails, the same warning that appeared during the setup (having pluged the DSL cable) appears now and even if I click on "continue" it remains warning me... :(
 
You must log in or register to reply here.
Back
Top Bottom