Koozali.org: home of the SME Server

Solved - Windows Live Mail - Certificate Issue

Offline imcintyre

  • *
  • 609
  • +0/-0
Solved - Windows Live Mail - Certificate Issue
« on: August 23, 2011, 03:17:17 AM »
I obtained Startssl free cert with domain mydomain.ca and subdomain www.mydomain.ca I used this how to;  http://wiki.contribs.org/Certificate_Integration_startssl.com_Server_Certificate, to implement the certificate.

It works fine as I no longer get warning when accessing site thru https for server-manager and horde.

I set up Windows Live Mail using; http://wiki.contribs.org/SME_Server:Documentation:FAQ#Outlook.2FOutlook_Express_give_error_10060.2F0x800CCC90

I get this error message
Quote
The server you are connected to is using a security certificate that could not be verified.
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Do you want to continue using this server?

If I reply yes, everything appears to work ok.

Do I have to add the subdomain mail.mydomain.ca to the cert?

I would have to pay for the cert :shock:, to have more than one subdomain, so I wanted to understand the problem first.

Thanks in advance.
« Last Edit: August 23, 2011, 09:04:41 AM by imcintyre »

Offline imcintyre

  • *
  • 609
  • +0/-0
Re: Windows Live Mail - Certificate Issue
« Reply #1 on: August 23, 2011, 03:36:32 AM »
Perhaps I have a different problem. This morning I received this email,
Quote
/etc/cron.daily/conf-mod_ssl:

ERROR: Cannot create output file //home/e-smith/ssl.pem/server1.mydomain.ca.pem.7517 No such file or directory
 at /sbin/e-smith/expand-template line 45

Should my certificate been for server1.mydomain.ca instead of mydomain.ca


Offline imcintyre

  • *
  • 609
  • +0/-0
Re: Windows Live Mail - Certificate Issue
« Reply #2 on: August 23, 2011, 07:48:54 AM »
OK. I think I found the cause of the 2nd problem. In my infinite wisdom :lol:, after installing the startssl cert, I removed ssl.crt folder et al.

Found this port
Quote
http://forums.contribs.org/index.php/topic,32422.0.html

I put the three folders back.

Offline imcintyre

  • *
  • 609
  • +0/-0
Re: Solved - Windows Live Mail - Certificate Issue
« Reply #3 on: August 23, 2011, 09:06:19 AM »
Answered my own question, answer is yes to mail.server.ca

Offline Jean-Philippe Pialasse

  • *
  • 2,746
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Solved - Windows Live Mail - Certificate Issue
« Reply #4 on: February 06, 2020, 12:00:27 PM »
Not necessary to add mail.yourdomain.com as you can simply use yourdomain.com as mailserver adress.

However if you absolutly want to use mail subdomain, yes it has to be in the cert or your cert should be using a wildcard.

Alternatively check for let’s encrypt comtrib you will get a free certificate for as many domains as you want for free with auto renewall.