I use Claws Mail and I get repeated warnings that the gmail pop3 certificate has changed. During the past week i received three different certificates all claiming to be the pop.gmail.com certificate, each with a different fingerprint:
MD5: 77:2E:83:46:B7:FA:A7:8E:16:30:20:BC:32:4A:B7:5D
SHA1: 7E:FE:1A:5A:FD:15:1F:63:70:B9:81:9A:C9:EA:EF:EC:4A:42:59:46
MD5: 4B:8B:1C3:A8:4D:84:30:9D:C9:C7:47:61:C2:CF:86
SHA1: 7F:C7:46:5F:50:4E:2A:84:6B:E8:C6:4F:37:B6:34:52:34:B8:BF:77
MD5: C7:A6:CA:35:34:8A:EC:1E5:B4:91:88:C4:16:25:99
SHA1: 32:C89:C3:FA:34:A1:0C:7F:21:EB:6C:A1:7B:F3:75A:95:9E:93
Maybe gmail uses several certs but I decided to make sure. I got nowhere on the gmail questions forum so I looked in the Claws mail cert folder and found there is one of the gmail server certs and also a certificate chain which shows the root certificate is Geo Trust Global CA so I looked at the root certificates on the GeoTrust site. The fingerprints on the GeoTrust Global CA root certificate on that site do not match the fingerprints on the certificate chain I have.
Can anyone tell me is there something wrong here or not ?
I tried to upload the cert chain in its original format but that would not work so I attached it as a text file
MD5: 77:2E:83:46:B7:FA:A7:8E:16:30:20:BC:32:4A:B7:5D
SHA1: 7E:FE:1A:5A:FD:15:1F:63:70:B9:81:9A:C9:EA:EF:EC:4A:42:59:46
MD5: 4B:8B:1C3:A8:4D:84:30:9D:C9:C7:47:61:C2:CF:86
SHA1: 7F:C7:46:5F:50:4E:2A:84:6B:E8:C6:4F:37:B6:34:52:34:B8:BF:77
MD5: C7:A6:CA:35:34:8A:EC:1E5:B4:91:88:C4:16:25:99
SHA1: 32:C89:C3:FA:34:A1:0C:7F:21:EB:6C:A1:7B:F3:75A:95:9E:93
Maybe gmail uses several certs but I decided to make sure. I got nowhere on the gmail questions forum so I looked in the Claws mail cert folder and found there is one of the gmail server certs and also a certificate chain which shows the root certificate is Geo Trust Global CA so I looked at the root certificates on the GeoTrust site. The fingerprints on the GeoTrust Global CA root certificate on that site do not match the fingerprints on the certificate chain I have.
Can anyone tell me is there something wrong here or not ?
I tried to upload the cert chain in its original format but that would not work so I attached it as a text file