How to get rid of a fake certificate?

Discussion in 'macOS' started by Caezar, Aug 24, 2012.

  1. Caezar macrumors 6502

    Jun 9, 2004
    Between a rock and a hard place
    My mother is experiencing issues with Mail: she is constantly being told that the server is not verified.

    The certificate was issued by FortiGate CA, which is apparently not the right certificate for Gmail.

    When I check in the KeyChain, I do not find such a certificate. :confused: Thus, I do not know what do to. And I see that quite a few people faced the same issue, but no one posted a solution to get rid of it.

    I am thinking of reinstalling everything of her iMac. But before I do so, do you see another solution?
  2. ElectricSheep macrumors 6502


    Feb 18, 2004
    Wilmington, DE
    This is indicating a man-in-the-middle interecepting and possibly rewriting data between your mother and gmail.

    Now, Fortigate is a vendor for Firewall and Deep-packet-inspection security appliances. This could be legitimate behavior depending on the context.

    If you suspect that this is not the correct behavior, or that the should be no such security tool between your mother's iMac and gmail, then you should do some checks to make sure that someone isn't performing a malicious man-in-the-middle attack.

    The simplest thing you can check is the contents of /etc/hosts and /etc/resolv.conf for any suspicious IP -> hostname mappings or overriding DNS entries.

Share This Page