Invalid certificate

Several protocols supported by Sandvox make use of certificates to secure your connection:

When connecting, Sandvox receives a copy of the server's certificate. To check if the server can be trusted, that certificate is evaluated for a number of criteria, including:

Generally, if any of these criteria fail to be met, Sandvox will refuse to go ahead with the connection. Such a failure can indicate the server has been compromised, or you're actually connecting to a different, malicious server.

Yahoo Web Hosting

One exception we make is for Yahoo Web Hosting. Yahoo now require the use of FTP with SSL/TLS for their hosting. Unfortunately, the host name for their server's certificate differs from that of your site, leaving Sandvox unable to automatically validate it.

If Sandvox detects this situation, you will be prompted to confirm that you are indeed publishing to Yahoo Web Hosting. From this panel you can see full details of the certificate in question to verify yourself if desired.

Both we and Yahoo recommend that you have your Mac remember this particular certificate to avoid prompting you every time you publish:

When prompted about Yahoo Web Hosting's invalid certificate:

  1. Click the "Show Certificate" button
  2. Make sure that Sandvox is complaining of "host name mismatch" and nothing else
  3. Turn on the "Always trust…" box
  4. Click the "Uses Yahoo Web Hosting" button
  5. Enter your account password when prompted

Your Mac will now remember the combination of your site with Yahoo's certificate. You should only be prompted again in the future if Yahoo replaces their certificate (e.g. with a newer one).

Reference: Yahoo Web Hosting Help


Keywords: ssl, tls, cert, certificate, certs, certificates, ftps, ftp, implicit, webdav, yahoo, web, hosting

How can we improve this page? Let us know.