Sometime in the next 24 hours we'll be changing over the SSL certificate for to a new one. In theory, users shouldn't notice any change at all. However there are two changes in the new certificate that might affect some users.

  1. We're changing our SSL provider from
    Thawte to
    Digicert. Some users using older devices
    may have had to install the Thawte root certificate into their
    device to be recognised properly. Those devices may also be missing
    the Digicert root certificate. A copy of the Digicert root
    certificate can be downloaded from (It's actually a
    chained certificate, and the correct root to use is Most
    devices that don't recognise the Digicert certificate by default
    should allow you to install a root certificate from the above URL.
  2. We're changing from a pure certificate to a
    wildcard * certificate. Some old devices may
    not understand wildcard certificates properly. For those devices,
    we've included as a "server alternate name"
    in the certificate, which should work.

We've checked that compatibility with this new certificate should be good, but as always, there are edge cases and some users may have issues. If you do have any problems, please email me directly at with details of the device you're using and the error
you're getting.

The reason we're changing is that Digicert offer more flexibility with their SSL certificates, such as wildcard certificates with multiple "server alternative name" options.

Update: I rolled out the new certificate, and shortly afterwards had some reports of problems with Eudora/iPhone/Thunderbird/etc. I contacted Digicert support who were very helpful. Turns out I'd forgotten to RTFM fully, and hadn't included the chained certificate in the PEM file. I've now done that, so things should be better for Eudora/iPhone/Thunderbird/etc users that were having problems.

Update: Unfortunately for Eudora users, it seems Eudora does not come with the required root certificate built in. This means Eudora users will still see an error message with the new certificate. Fortunately, it's easy to fix this, just follow the directions here to add the list of trusted certificates in Eudora.