Cox Secure POP Changes

This morning, I notice that my Android was showing a certificate error trying to check email on my Cox ISP account.   Android wouldn’t display the certificate error or even the certificate of the service I’m connecting to.   A manager at work had the same issue but on the iPhone which did allow you to view the certificate so I was able to eyeball the certificate and note that the dates were correct.

When I got home, I set up Thunderbird and immediately saw the problem.   I was checking mail at, and the certificate was for   In the past, Cox for whatever reason had the POP over SSL users have a different address.

Cox has simplified its server addressing scheme to and    While they say that will continue to work, they apparently forgot about

It is never a good idea to “click through” certificate errors.   This is particularly true when it is a new error on a frequently used connection.   In this case it turned out to be a provider induced error rather than a man in the middle attack, but it is better to be safe than sorry.


Comments are closed.