Pages: 1
RSS
Certificate expired - The Bat! Pro 6.24
 
Hello,

I've just run into a situation with The Bat! Pro v6.24 and Outlook.com (Hotmail).  It appears that the certificate has expired.  Is there a source where I can download and install a new certificate?

Following is the account log:

29/01/2014, 15:23:52: FETCH - Initiating TLS handshake
>29/01/2014, 15:23:53: FETCH - Certificate S/N: 1121E5D2F8EB30BEF32A61A5BF8D982FBE6F, algorithm: RSA (2048 bits), issued from 4/24/2013 8:35:09 PM to 4/24/2016 8:35:09 PM, for 4 host(s): *.hotmail.com, *.live.com, *.outlook.com, hotmail.com.
>29/01/2014, 15:23:53: FETCH - Owner: "US", "Washington", "Redmond", "Microsoft Corporation", "*.hotmail.com".
>29/01/2014, 15:23:53: FETCH - Issuer: "BE", "GlobalSign nv-sa", "GlobalSign Organization Validation CA - G2".
>29/01/2014, 15:23:53: FETCH - Root: "BE", "GlobalSign nv-sa", "Root CA", "GlobalSign Root CA"
!29/01/2014, 15:23:53: FETCH - TLS handshake failure. Invalid server certificate (This certificate has expired).

Thanks!

Jan
Edited: Jan Smoller - 29 January 2014 06:29:04
 
Seconded.
It's really frustrating.
 
Hello Alexandros,

As a temporary measure you can switch to the Microsoft CryptoAPI.  Options>S/MIME and TLS.  Click the radio button Microsoft CryptoAPI (Microsoft certificate store) then OK.  Hotmail/Outlook/Windows Live should work again.

Hope this helps.

Regards,

Jan
 
Same here, I cant connect to my local provider, it looks pretty the same (PL version):

>2014-01-28, 20:44:35: FETCH - Nr certyfikatu: 1121D8630149F15ACE3109ACD767B39FECDA, algorytm: RSA (2048 bitow), wazny od 2014-01-08 14:28:02 do 2017-01-08 14:28:02, dla 1 węzłów: post.pl.
>2014-01-28, 20:44:35: FETCH - Wlasciciel: "PL", "Domain Control Validated", "post.pl".
>2014-01-28, 20:44:35: FETCH - Wystawca: "AlphaSSL", "AlphaSSL CA - G2".
>2014-01-28, 20:44:35: FETCH - Glowny: "BE", "GlobalSign nv-sa", "Root CA", "GlobalSign Root CA"
!2014-01-28, 20:44:35: FETCH - Błąd fazy potwierdzania TLS: Niewazny certyfikat serwera (Ten certyfikat wygasl).

Its problably global problem, few others peoples:
http://thebat.pl/forum/viewtopic.php?id=1481&p=7


I tested it on version 5 and 6.
 
Quote
Jan Smoller wrote:
Hello Alexandros,

As a temporary measure you can switch to the Microsoft CryptoAPI. Options>S/MIME and TLS. Click the radio button Microsoft CryptoAPI (Microsoft certificate store) then OK. Hotmail/Outlook/Windows Live should work again.

Hope this helps.

Regards,

Jan
Thanks for replying Jan, it works indeed :)
I'd still prefer a permanent solution though - the way I see it, yours is just a workaround, isn't it?
 
Ok Alexandros,

Yes, this was temporary.  

Here is the procedure for a permanent solution.  This is from the Ritlabs Polish forum:

"There is no need to change the configuration of The Bat! because the cause of problem is the loss of validity of the certificate from GlobalSign Root CA, which quite often occurs as a principal in the paths of certification. Certificate expired on 28/01/2014, but it's new.

1 Download the new certificate file (. Crt), available at http://secure.globalsign.net/cacert/Root-R1.crt
2 Open the address book in The Bat!
3 Choose a Trusted Root CA certificates
4 Search the database entry "GlobalSign Root CA" and open the entry
5 In the "Certificates" button "Remove" to remove the old certificate valid until 28.01.2014
6 Import the new certificate from the downloaded file. "

I followed this procedure and it does indeed correct the expired certificate problem.  Don't forget to switch back to TB internal certificate processing.

Regards,

Jan
Edited: Jan Smoller - 31 January 2014 03:04:10
 
Quote
Jan Smoller wrote:
switch back to TB internal certificate processing.
Thanks, I was having this problem too and your advice solved it.

Just one follow-up question, as I am unfamiliar with certificate handling: how do I 'switch back to TB internal certificate processing' ?

Thanks.
 
Options>S/MIME and TLS, then click radio button Internal Implementation.

EZ...

Regards,

Jan
 
Jan, you're a life saviour :)
 
Quote
Jan Smoller wrote:
Options>S/MIME and TLS, then click radio button Internal Implementation.

EZ...

Regards,

Jan
Thanks - all sorted now.
 
Anyway, version 6.2.8 resolves this issue.
 
Unknown CA Certificate  -- The Bat Email Client (Professional Edition Version 3.0)

Anyone has success configuring the Bat with out receiving and sending a "Unkown CA certificate" via Yahoo.

Screen shot:
The server didn't provide a root certificate during the session, and there is no corresponding root certificate in your address book. this connection may not be secure. Please contact your server administrator. Continue anyway?


Account log:
FETCH - Initiating TLS handshake
FETCH - Certificate S/N: 0A50D3D2EFF8A56E0EDB2392CE8B38CB, algorithm: RSA (2048 bits), issued from 26 September 2013 to 24 November 2015, for 20 host(s): legacy.pop.mail.yahoo.com, pop.mail.yahoo.de, pop.mail.yahoo.fr, pop.mail.yahoo.it, pop.correo.yahoo.es, pop.mail.yahoo.com.ar, pop.mail.yahoo.com.br, pop.mail.yahoo.ca, pop.mail.yahoo.com.au, pop.mail.yahoo.co.id, pop.mail.yahoo.co.in, pop.mail.yahoo.co.th, pop.mail.yahoo.com.hk, pop.mail.yahoo.com.my, pop.mail.yahoo.com.ph, pop.mail.yahoo.com.sg, pop.mail.yahoo.com.vn, pop.mail.yahoo.co.kr, pop.mail.yahoo.com.tw, pop.mail.yahoo.in.
FETCH - Owner: US, CA, Sunnyvale, Yahoo! Inc., legacy.pop.mail.yahoo.com.
FETCH - Issuer: US, DigiCert Inc, www.digicert.com, DigiCert High Assurance CA-3.
FETCH - TLS handshake failure. Invalid server certificate (The issuer of this certificate chain was not found).


Otherwise it sends and receives...I see this message each time I send or receive ...I click OK to continue and it works fine.

Thanks,

Wendy
Edited: wendy - 07 February 2014 04:15:25
 
Quote
Alexandros wrote:
Jan , you're a life saviour
Super! work perpect
eLUXURY online store
 
I have been using TheBat! 3.0 Prof. forever without any problems.  Then, all of a sudden, I get the TLS handshake failure - unsupported certificate  .  I followed the instructions in post #6, but without success.  Anything else I should be looking at, any other suggestions??  I miss my email client!!  Thanks, in advance.  
Edited: space quakes - 26 April 2015 20:51:28
 
Thanks Jan Smoller (post #3), your solution works fine.
Pages: 1