firefox doesnt trust x10hosting security certificates

[jhw75]

firefox doesnt trust x10hosting security certificates: it says they are not signed by a trusted authority ( at least, one that it knows about ), so it warns me strongly not to use cpanel, and forces me to use a "security exception"

[Darkmere]

I think it is because the certificate is outdated, not sure.

[Corey]

What is the URL you are getting this at?

[descalzo]

https://chopin.x10hosting.com:2083/

and

https://69.175.6.67:2083/

Edit/Add

https://boru.x10hosting.com:2083/ also throws a security exception on FF

[henk506673]

it also does the same thing on starka but nothing to worry about

[leafypiggy]

I'm sure it will all be sorted out soon. In the meantime, there's no risk in using cPanel or any services your browser says don't have a valid SSL Cert.

[cyberneticsoldier]

I have no issues with FF on http://stoli.x10hosting.com:2082/ Not sure if that'll be of any use but I figured I might as well report it.

[jhw75]

What is the URL you are getting this at?

boru.x10hosting.com:2083 & boru.x10hosting.com:2096.

here is example firefox msg:

This Connection is Untrusted

You have asked Firefox to connect
securely to boru.x10hosting.com:2083, but we can't confirm that your connection is secure.
Normally, when you try to connect securely,
sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified.

What Should I Do?

If you usually connect to
this site without problems, this error could mean that someone is
trying to impersonate the site, and you shouldn't continue.

Technical Details

boru.x10hosting.com:2083 uses an invalid security certificate.
The certificate is not trusted because no issuer chain was provided.
(Error code: sec_error_unknown_issuer)

I Understand the Risks

If you understand what's going on, you
can tell Firefox to start trusting this site's identification.
Even if you trust the site, this error could mean that someone is
tampering with your connection.
Don't add an exception unless
you know there's a good reason why this site doesn't use trusted identification.

[Avegaille]

I get those messages too the first time I log into my cpanel, so I had to allow firefox to open it...

I also want to add to this that some people viewing my site says that my site is listed under an attacking site and that their firewall/anti-virus blocks my said site.

And even google has tagged it as an attacker site (according to them) but it isn't... so I'm wondering why... o__o

[jhw75]

additional info: when i tried to test fetchmail with my email account, fetchmail didnt like the certificate either:

fetchmail: Server certificate verification error: unable to get local issuer certificate
fetchmail: This means that the root signing certificate (issued for /C=US/OU=Domain Control Validated/O=*.x10hosti
ng.com/CN=*.x10hosting.com) is not in the trusted CA certificate locations, or that c_rehash needs to be run on th
e certificate directory. For details, please see the documentation of --sslcertpath and --sslcertfile in the manua
l page.
fetchmail: Server certificate verification error: certificate not trusted
fetchmail: Server certificate verification error: unable to verify the first certificate
fetchmail: Warning: the connection is insecure, continuing anyways. (Better use --sslcertck!)

apparently, what i need is the CA certificate for x10hosting's security certificates: where would i find this ?

suggestion: x10hosting either should use a well-known "trusted CA", as appearing in various "rootcerts" distributed by vendors such as mozilla, etc, or should publicize that they do not, and provide the necessary CA certificate and instructions for those who dont know what to do with it.