Windows Mail & SSL: How to Install a Certificate?

J

Jason Dunn

Ok, I've searched and searched but can't find ANY information on this, so
I'm hoping someone here can assist me. I'm running on Vista.

On my dedicated server, the admin has set up IMAP to work on port 993 with
SSL turned on. After setting up Windows Mail to work with the server,
loading it up I see this error message:

"The server you are connected to is using security certificate that could
not be verified. A certificate chain processed, but terminated in a root
certificate which is not trusted by the trust provider. Do you want to
continue using this server?"

If I click YES for each of the two dialogues (not sure what there's two -
there's only one account) I can connect and everything works fine. What I
want, of course, is to not get prompted every time I load Windows Mail.

I have a certificate provided to me by my server admin (cacert.crt), and
when I installed it I left it at the defaults ("Automatically select the
certificate store based on the type of certificate"). It didn't help - I
still get prompted twice when I load Windows Mail.

I tried installing the cert again, this time selecting "Trusted Root
Certification Authorities". When I loaded up Windows Mail again, I get a new
error:

"The server you are connected to is using a security certificate that could
not be verified. The certificate's CN name does not match the passed value.
Do you want to continue using this server?"

I tried installing the cert again, this time selecting "Third-Party Root
Certification Authorities". When I loaded up Windows Mail again, I get the
same "CN name" error as above.

Any ideas? I'm having the same problem with Outlook 2007 on my other PC, but
I'm assuming that once I get this figured out the same solution will apply
to Outlook 2007.

- Jason Dunn
 
F

Frank Saunders MS-MVP IE,OE/WM

Jason Dunn said:
Ok, I've searched and searched but can't find ANY information on this, so
I'm hoping someone here can assist me. I'm running on Vista.

On my dedicated server, the admin has set up IMAP to work on port 993 with
SSL turned on. After setting up Windows Mail to work with the server,
loading it up I see this error message:

"The server you are connected to is using security certificate that could
not be verified. A certificate chain processed, but terminated in a root
certificate which is not trusted by the trust provider. Do you want to
continue using this server?"

If I click YES for each of the two dialogues (not sure what there's two -
there's only one account) I can connect and everything works fine. What I
want, of course, is to not get prompted every time I load Windows Mail.

I have a certificate provided to me by my server admin (cacert.crt), and
when I installed it I left it at the defaults ("Automatically select the
certificate store based on the type of certificate"). It didn't help - I
still get prompted twice when I load Windows Mail.

I tried installing the cert again, this time selecting "Trusted Root
Certification Authorities". When I loaded up Windows Mail again, I get a
new error:

"The server you are connected to is using a security certificate that
could not be verified. The certificate's CN name does not match the passed
value. Do you want to continue using this server?"

I tried installing the cert again, this time selecting "Third-Party Root
Certification Authorities". When I loaded up Windows Mail again, I get the
same "CN name" error as above.

Any ideas? I'm having the same problem with Outlook 2007 on my other PC,
but I'm assuming that once I get this figured out the same solution will
apply to Outlook 2007.

- Jason Dunn
Click to expand...

The message is pretty clear that the problem is on the server, not your
machine. Contact the people running the server.
 
J

Jason Dunn

The message is pretty clear that the problem is on the server, not your
machine. Contact the people running the server.
Click to expand...

Frank, all due respect, but that's a cop-out answer. *I'm* the guy running
the server, along with a tech that's helping me. The reason I posted was to
ask how/where to install the certificate, because this is my first time with
SSL IMAP...that's what I need help with, the client side of things. The old
"blame the server, not the software" response really doesn't help me much.
:)
 
G

Gary VanderMolen

Jason Dunn said:
Frank, all due respect, but that's a cop-out answer. *I'm* the guy running the server, along with a tech that's helping me. The
reason I posted was to ask how/where to install the certificate, because this is my first time with SSL IMAP...that's what I
need help with, the client side of things. The old "blame the server, not the software" response really doesn't help me much.
:)
Click to expand...

If I may speak for Frank, this newsgroup is really meant for end users
of the Windows Mail program. Server issues are beyond the scope of
what this newsgroup is about. That's no cop-out, that's the way it is.
 
J

Jason Dunn

If I may speak for Frank, this newsgroup is really meant for end users
of the Windows Mail program. Server issues are beyond the scope of
what this newsgroup is about. That's no cop-out, that's the way it is.
Click to expand...

But installing a certificate is an end-user, client-side question that
relates in no way to the server. I'm in no way asking for server-side
support, my question is just about how I install the cert in the software...
 
F

Frank Saunders MS-MVP IE,OE/WM

Jason Dunn said:
Frank, all due respect, but that's a cop-out answer. *I'm* the guy running
the server, along with a tech that's helping me. The reason I posted was
to ask how/where to install the certificate, because this is my first time
with SSL IMAP...that's what I need help with, the client side of things.
The old "blame the server, not the software" response really doesn't help
me much. :)
Click to expand...

See
news://msnews.microsoft.com/microsoft.public.vista/security

I don't know how to fix the server. Windows Mail does not have a problem,
the server does.
 
J

Jason Dunn

I don't know how to fix the server. Windows Mail does not have a problem,
the server does.
Click to expand...

Can you at least tell me if one of my attempts to import the certificate was
the right way? Perhaps which one? That's what I came in here asking - how to
properly import a certificate so I could nail down that the client was set
up properly and look to the server next.
 
F

Frank Saunders MS-MVP IE,OE/WM

Jason Dunn said:
Can you at least tell me if one of my attempts to import the certificate
was the right way? Perhaps which one? That's what I came in here asking -
how to properly import a certificate so I could nail down that the client
was set up properly and look to the server next.
Click to expand...

No. I don't know how to fix the server.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

My SSL/TLS is bad? 4
How to find and install this certificate 6
Encrypted Mail Set Up 0
The server you are connected to is using a security certificate 1
SSL Client certificate in IIS 6.0. Different root CAs? 2
The server you are connected to is using a security certificate 4
Vista "Mail" SSL/TLS issues 4
Using gmail with Windows Mail 15

Top