New COMODO SSL Cert on Poseiden -- Incompatible with Mozilla Products

[tinnel]

The SSL Cert on Poseiden was recently changed as the old one was expiring. Good. The old cert was provided by DigiCert. The new cert provided by COMODO. The new cert appears to have broken many applications. Bad.

The Mozilla products (Firefox, Thunderbird, and Sunbird) allow a user to get a cert from a site that has a mismatched domain (e.g., cert says nocdirect.com but site says tinnel.net) and tell it to use it anyway. This has ALWAYS worked before. However, when you try to retrieve the COMODO certificate to add the exception, the following dialog is displayed:

SSL-error.JPG

I have been trying to explain this error to tech support through the ticket system. However, all I get back is "you must use .nocdirect.com". They seem totally clueless about how these security exceptions are SUPPOSED to work and unwilling to try to determine why this new cert is incompatible with these widely used Mozilla products. What gives?

I should note that this all started because the client email app on my cell phone will no longer work with SSL - coincident with the new cert being installed. This is likely the same or a related problem.

Is anyone else experiencing any issues related to COMODO certs here at JaguarPC?

[Frank Broughton]

give me a secure url on your server and I will see if it works for me with ff

[JPC-Rizwan]

tinnel ,

I am double checking the settings on this server/account to see if something is out of place which is resulting in this behaviour for your domain as no other clients from any other server have reported any issues with the new certificate. I will update your ticket with my findings.

[tinnel]

Problem found and solved with the Mozilla apps -- thanks to JPC tech support.

Cell phone email client still doesn't work.

[Ron]

I complained in a ticket and on the forum that my browser was unhappy with the new cert, but it did allow me to store the new exception.

[tinnel]

There was an issue because I have a dedicated IP. In other words, "I'm special". They fixed it.

The cell phone web client, OTOH, is not fixed. The only guess I have at this point is that the OZ email client (owned by Nokia) doesn't like to play nicely with COMODO certs. Just don't have enough info to say for certain. But the email client on my husband's Android works just fine with it.

[Ron]

Yup, lately there have been a lot of non-notified changes going on.