Welcome to Xfinity Help & Support Forums
Find solutions, share knowledge, and get answers from customers and experts

New to the Community? Start here.

5,872,120

members

1,462

online

28,719

topics

Top

bogus smtp SSL cert?

Regular Visitor

bogus smtp SSL cert?

I recently started receiving a certificate error when SSL handshaking with smtp.comcast.net port 465.  Despite spending over an hour on the phone with tech support, no one at Comcast could tell me whether the certificate, which I allegedly received from smtp.comcast.net was legitimate or not.  They could not verify the serial number.  They could not verify the thumbprint.  They could not tell me what the ip address(es) of smtp.comcast.net were.  Instead the 4 tech support agents [1]Did not know what a cert was, [2]Blamed windows, [3]Blamed outlook, [4]Told me to use webmail.  It is a sorry state when email users know more about security protocols than ISP tech support.

 

In the past, Comcast's smtp cert was signed by COMODO.  This suspicious cert is self-signed.  Is anyone else seeing this (below)?

 

-----BEGIN CERTIFICATE-----
MIIFYjCCA0oCCQCrw6Dc8GMeVjANBgkqhkiG9w0BAQUFADBzMQswCQYDVQQGEwJV
UzELMAkGA1UECAwCUEExFTATBgNVBAcMDFBoaWxhZGVscGhpYTEQMA4GA1UECgwH
Q29tY2FzdDETMBEGA1UECwwKQW50aS1BYnVzZTEZMBcGA1UEAwwQc210cC5jb21j
YXN0Lm5ldDAeFw0xODAzMTkxODQ4NDRaFw0yMzA5MDkxODQ4NDRaMHMxCzAJBgNV
BAYTAlVTMQswCQYDVQQIDAJQQTEVMBMGA1UEBwwMUGhpbGFkZWxwaGlhMRAwDgYD
VQQKDAdDb21jYXN0MRMwEQYDVQQLDApBbnRpLUFidXNlMRkwFwYDVQQDDBBzbXRw
LmNvbWNhc3QubmV0MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxoP9
vxcGHfXmS34zzWxuRmOBNHlwcqN7KIg0v9zUKgwh6BG1kysOqLJEG5QXP+ekp2iw
GMDT/bXHgZRpkkYONv92n9wRZjDHPf01apVIcT/12euTFrPPQX+jUiVMOWpKY8/0
H48meeZ8viSh4V1y37y7o0FxXjZU8KCYgtsoOuGbmo8MSL3w+B1qkmSIPfEAczEW
d5j00sHpapGvaR+jOeZTnkl2A/0Se3G5pxrMfJscPQv9YXAq0M/WPUz4X3TXjPix
3wPhyHd/EcQ7A3b1ihP0ypikLw99gNMopu0ILxXSRoy2BgNdwigM/Av+anXpNjZW
ttNRTkteoJYUof4jP6337zBITXNHZo/EtKtczb/3yTseP0477++SjkZ4zlvi3o8t
9s2Fh+gJUvFNsDGIvfffAHSImKy8gi7lyJ+gYOte/7euevLo70kjZNsRf9pSo/C6
aQZCuJ2w6MJGDIB9Lbzt0NMudQGjoPn00aKfPR7r9cautnG87CqYWhDcrL/hK4eq
bqZ5eykbvVSJszas8oBxWK79vQzGyzGLr0vrgzBm4n9j1VHv8z/AerAnR7hqfych
Ng7PULUumUN7zkFBveNC1r0DQUmxABmgNPXLGUfbYNweNo1tQtcA0ePsBHP90Y1d
XG6tdqV8b+1jTx9eN0+LjnGMn/ORpZZlC0bdmjsCAwEAATANBgkqhkiG9w0BAQUF
AAOCAgEAKQYGPoxZfjuDX2YkWIFrz+JaWxCpL02wlAjTdMmKpIPNkuVZ1x7CAYBg
HCkGNwli1KwOh6399omdCzM3DFezFJwL4S5Mlm2PbS5gkwT4VmWXWYWUTGu4fMe5
taPIn8v9U6S5gBG8K1p+xmFvuNPhxlGPe0M5wAATtnEa7YkvAimPSknTYg2KELzM
hvAJulVU5WlFt38Z6zkB88ImO1PloQwqimeefr5PuxdsU+U5gb+QEWl93Xxd+vZW
pFDFtPtnTMaM06XnPYFiXa+b8TcXi+iKf5oTDUZOuQXHViQGE2qNB6nSTG2+9EIJ
LuydnlG6EqKZHL4ixFazA49U2iq0KO5xAcxFMlqiCSXanJg+8BwKD22btKCglQSp
XhWtaUDc3eR5n8Ck4kTnPRESgZlK/EqTGLNzpV6cxpkr/GhuusGD6Wtua4C8j9TN
WfN7RDOUiH0fLKvsiFThlsx4DzzNqHzxs6FDnKH1vdUPS97c5GQhLBDK+RVBVQs5
TaYh7iQk0VxoAUxopky4R7eBxNsyAKempq1EgqYiOQHCXUBcODHg912uRQV4mpzu
p8NtpqgIyTSnMvsCE5/xgeUp/5SF6INH0VobnlwmAwxli8Wwym79GGgI+h+makSM
DKYWQ2Sjn3bUyJIPGFEW1CI064v4nXHoK+Px5arImVQalLg9LbE=
-----END CERTIFICATE-----

 

New Poster

Re: bogus smtp SSL cert?

Did you get any more information about this? We are getting a similar message when opening Outlook this morning. It worked earlier today.

Regular Visitor

Re: bogus smtp SSL cert?

Sort of...  I wiresharked a bunch of good SSL transactions.  The good cert chain involves 3 certs - COMODO CA, COMODO intermediate, and smtp.comcast.net leaf (attached below).

 

Since the error is intermittent, and at least one other person (you) has reported it, I am guessing it is not a MITM.  It is probably a badly-configured SMTP server that is being (infrequently) load-balanced into the transaction.  I did not add the cert to my trust store. 

 

-----BEGIN CERTIFICATE-----
MIIGCTCCBPGgAwIBAgIRAPCZ141YzdE5509dOjtN1TcwDQYJKoZIhvcNAQELBQAw
gZYxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTwwOgYD
VQQDEzNDT01PRE8gUlNBIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIFNlY3VyZSBT
ZXJ2ZXIgQ0EwHhcNMTYxMDEwMDAwMDAwWhcNMTgxMDEwMjM1OTU5WjCB+DELMAkG
A1UEBhMCVVMxDjAMBgNVBBETBTE5MTAzMQswCQYDVQQIEwJQQTEVMBMGA1UEBxMM
UGhpbGFkZWxwaGlhMRkwFwYDVQQJExAxIENvbWNhc3QgQ2VudGVyMRwwGgYDVQQK
ExNDb21jYXN0IENvcnBvcmF0aW9uMRgwFgYDVQQLEw9CdXNpbmVzcyBDZW50ZXIx
JjAkBgNVBAsTHUhvc3RlZCBieSBDb21jYXN0IENvcnBvcmF0aW9uMR8wHQYDVQQL
ExZVbmlmaWVkIENvbW11bmljYXRpb25zMRkwFwYDVQQDExBzbXRwLmNvbWNhc3Qu
bmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLkgKQUqw4MylCOb
wwzTyFkIoMN/NRNl6EY0zS+sjlYMFPplSULdfqs1tEcWZhCs+u1EkJN9+/juCtze
Z9c73yx8nTph0/KZ5ri9t55yu5xhtuDv2WsMJmqcTOHPXRSZt7abpsvNfxCb6IG2
YdPrBNqPyZPEJ6jnh3CY3qBbsreL4iR+UEGunSJAg2mRXHhx0/aYN3CTUetOcSBz
IwoFXPklptWCcm5VknK+BWqFtKlyt6nHW/o2qK74nLDgKNUgxR9pG/Bw48ZER1em
GsNlN2RVyOBtoAAG15x4vD2iFBVEe9A0q9HOJc9bGSNb6zuU4ZpCb+RpNq3kkqJC
pS6aJwIDAQABo4IB7DCCAegwHwYDVR0jBBgwFoAUmvMr2s+tT7YvuypISCoStxtC
wSQwHQYDVR0OBBYEFHz0nGUjqJ0rg0OQFz/hLkJ581OVMA4GA1UdDwEB/wQEAwIF
oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjBQ
BgNVHSAESTBHMDsGDCsGAQQBsjEBAgEDBDArMCkGCCsGAQUFBwIBFh1odHRwczov
L3NlY3VyZS5jb21vZG8uY29tL0NQUzAIBgZngQwBAgIwWgYDVR0fBFMwUTBPoE2g
S4ZJaHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBT3JnYW5pemF0aW9u
VmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNybDCBiwYIKwYBBQUHAQEEfzB9MFUG
CCsGAQUFBzAChklodHRwOi8vY3J0LmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdh
bml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3J0MCQGCCsGAQUFBzAB
hhhodHRwOi8vb2NzcC5jb21vZG9jYS5jb20wLQYDVR0RBCYwJIIQc210cC5jb21j
YXN0Lm5ldIIQc210cC54ZmluaXR5LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAFgSX
ls7EPDQkV8l4I2V/U+7NCXeqhQyaXzE9cwM9+LnbmXe6ABfpyNrMdVNJGQ2Y24Uq
pGGx56ouV/ppi8ZWyLs5C6HlXp/J8MZObwSdAT6ku3zeOikC6sehm7oA2taQvgJT
Hrw07eo11y4sJBnh0ZHL66fL87CdQYNSEEWKLmDAAbX2pIn7XQ/PleBJX3kcebWy
Zb4iJqXQfidU5MIsijtsdRmT0B3mHo5HaPUMvdM3wl63E0zpXrKa4ildfxS8zIZY
S1BkCzS6+RTRIJBLbhzbjZEUfQTt+ZTJizSmkF1xlkPOmSLK4Jy89RBWWqMM9GE3
4frXg/OP1EIlJyMgpw==
-----END CERTIFICATE-----

 

Official Employee

Re: bogus smtp SSL cert?

Are you still seeing these?




Community Icon
I am an Official Comcast Employee.
Official Employees are from multiple teams within Comcast: Product, Support, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Mark a Best Answer!solution Icon
Community Icon
I am an Offical Comcast Employee.
Official Employees are from multiple teams within Comcast.
We ask that you post publicly so people with similar questions may benefit.
Was your question answered? Mark a Best Answer!solution Icon
Community Icon
I am a Comcast Employee.
Please post so people with similar questions may benefit.
Was your question answered?
Mark a Best Answer!solution Icon

Special Events
FIFA World Cup 2018 on Xfinity See More
Discussion stats
  • 3 replies
  • 219 views
  • 0 kudos
  • 3 in conversation