from Hacker News

Is Private Internet Access injecting their own Google cert?

by vicken on 5/22/15, 1:13 AM with 5 comments

I noticed something really strange happen today. I'm getting an invalid certificate warning ("This certificate is not valid (host name mismatch") while sending email through Google's smtp server. I decided to disconnect from PIA and send the email and, low and behold, no certificate warning. I reconnected to PIA, tried to send a test email, and got the warning again.

Anyone else notice this? I've noticed this happen several times in the past, but I didn't pay much attention to it. The cert in question is for mx.google.com

  • by ammmir on 5/23/15, 6:28 AM

    would you mind providing some details, such as, the hostname you're using (mx.google.com doesn't resolve), the exact error message, and if possible, the certificate chain you're seeing?

    we absolutely are not injecting any certificates or otherwise modifying or inspecting traffic.

    (disclaimer: i am an employee of PIA)

  • by dangrossman on 5/22/15, 3:48 PM

    > low and behold

    It's "lo and behold". Lo is short for look (archaically loke).

  • by sharth on 5/22/15, 1:55 PM

    What is "Private Internet Access"?