Certificate domain mismatch error when connecting to a DreamHost mail server

You may receive a "domain mismatch" warning or an error when connecting to a DreamHost mail server if you use your OLD DreamHost mail server subdomain. For example:

mail.example.com

The following information shows you how to resolve this situation.

Solution— Connect directly to your DreamHost mail server

In the past, it was possible to use mail.example.com to connect (where example.com is your actual domain name). Due to how modern mail clients handle security, this is now NOT recommended as it may throw connection errors. Please ensure you are only using your mail server name when connecting. This should be one of the following, depending on if you're using IMAP or POP to connect.

  • imap.dreamhost.com
  • pop.dreamhost.com

Trusting the certificate in Mac Mail or iPhone

On January 19, 2017, DreamHost updated the SSL certificates on all mail servers. Because the SSL certificate was updated, a message appears if you're using your site's mail subdomain (mail.example.com) instead of the mail server (as shown above).

You can either change the servername you use with the instructions above, or accept the new certificate in your mail app. This certificate is completely safe for you to accept. Once your mail client saves the new certificate, your email client functions normally again.

Mac Mail users: There have been a few reported issues with Mac Mail not saving the new certificate at first. You may need to accept the certificate several times with the 'Continue' button. Some users report that after a few tries, the certificate is saved. If it still cannot connect after these attempts, make sure you use the mail server name on your account (e.g., imap.dreamhost.com or pop.dreamhost.com).

iPhone (iOS) users: Open 'Settings > Mail > Accounts', tap the account and address, and then re-enter the hostname. If this doesn't work, try setting up email as a new account. Go to 'Settings > Mail > Accounts > Add Account'. If the message 'Cannot Verify Server Identity' appears, tap the 'Details' option below that message, and then tap the Trust button in the top-right corner:

IPhone7.fw.png

Be sure to save your changes. If needed, repeat this process 2–3 times to take effect permanently. You should also use your mail server name. Visit the setting up email on an iPhone for more information.

If you need further help

In rare cases, Mac OS may retain past SSL certificates despite the Mail account having been removed and Keychain Access being emptied of related certificates and passwords. If you find that any of the above steps do not resolve the issue, try removing your account completely from Mail, clear out Keychain Access of *mail.dreamhost.com certificates, and remove any saved passwords for your account. Then, reboot your Mac to flush any remaining configuration of the account from your system. Once the machine logs back in, you can proceed to re-add your email account in Mail.

Apple Support can provide the best assistance with Mac Mail issues. Apple technicians are the experts when it comes to Apple software.

See also

Did this article answer your questions?

Article last updated PST.