SSL Security Error
This article applies to Firefox, Thunderbird, Mozilla Suite and SeaMonkey.
"Security Error: Domain Name Mismatch" occurs if you make a secure connection to a server whose domain does not match the domain name in the certificate it uses. This is to inform you that the site you are trying to connect to may not be the site you wanted. It may also occur when a site changes their domain name but doesn't buy a certificate for the new domain.
"Security Error: Server Certificate Expired" occurs if the site's certificate expiry date is later than your system date. This may be caused by your system having the incorrect time, or by the certificate genuinely being expired.
In both cases, you should make a judgment as to whether you still want to trust the server for what you want to use it for. For example, it may not be a good idea to send your credit card information to a site with either of these problems, but it may be acceptable for posting on a forum. If you trust the server, you can can get rid of the alert by installing the Remember Mismatched Domains extension for Firefox, Thunderbird 2.x, or SeaMonkey. It adds a "Don’t warn me again about this certificate for this domain" checkbox to the Domain Name Mismatch and Server Certificate Expired warning windows. Thunderbird 3 supports adding a security exception.
Related bugs
- Support network-fetched cert import in Servers tab of Cert Mgr ("Add Exception" dialog)
- Add security exception" dialog is useless talks about the security exception not working due to a missing realhostname, and how you can get it to work by adding it.