SSL server mail.mac.com? Help

Discussion in 'Mac Basics and Help' started by eyedoc_00, Mar 1, 2007.

  1. eyedoc_00 macrumors regular

    Joined:
    Jun 25, 2005
    #1
    Can someone help me with this? Should I be worried? Can I choose continue?

    Thanks
     

    Attached Files:

    • ssl.jpg
      ssl.jpg
      File size:
      84 KB
      Views:
      25
  2. djdawson macrumors member

    djdawson

    Joined:
    Apr 28, 2005
    Location:
    Minnesota
    #2
    My guess is you're having keychain problems. If you open the "Keychain Access" app you should see a few certificates for Verisign in your "X509Anchors" keychain. If this is missing, that's why your system can't verify the "mail.mac.com" cert. As long as you're running Keychain Access, I'd suggest running the "Keychain First Aid" utility under the "File" menu (assuming you have Tiger - in previous versions of OS X I think it was in the /Applications/Utilities folder). This is like Disk First Aid for your Keychain, which is where certificates and other secure items like passwords are stored.

    If you do have Verisign certificates (I have 4 in my keychain), then I'd be suspicious. One of the obvious ways to hijack a site is to modify the local "/etc/hosts" file and/or your DNS server IP addresses to point at bogus servers. Either of these approaches would allow someone to redirect your traffic to their own site without your knowledge. As a test, do a "ping -c 1 mail.mac.com" in the Terminal and look at the IP address it tries (the ping will timeout, but that's OK - all we want is the IP address - you can use other utilities like "dig" if you're comfortable with them). FYI, the IP address I get is 17.250.248.152, which is probably what you should see as well. If you don't, then there could be something more nefarious going on.

    Personally, I suspect this is going to be a Keychain issue, but it's worth figuring out what it going on. If someone is hacking your system the risk is that they will be able to learn your mac.com username and password, so if that would be a problem for you I'd get to the bottom of this before clicking the "Continue" button.

    HTH - Good luck!
     

Share This Page