Results 1 to 5 of 5

Thread: SMTP SSL cert error: not trusted by the trust provider.

  1. #1
    Join Date
    Nov 2007
    Posts
    41
    Rep Power
    8

    Default SMTP SSL cert error: not trusted by the trust provider.

    I have installed a Geotrust cert in a Zimbra 4.5.9 open source install.

    I followed these instructions:
    Commercial Certificates - Zimbra :: Wiki
    And then i followed steps 3 and 4 here:
    Commercial Certificates - Zimbra :: Wiki

    ...but in Outlook I get the error:

    The server you are connected to is using a security certificate that could not be verified.
    A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
    Do you want to continue using this server?

    In Mac mail.app it won't connect at all.

    After reading around I tried this command with no luck:
    /opt/zimbra/bin/postconf -e 'smtpd_tls_CAfile = /opt/zimbra/ssl/ssl/geotrust.crt'


    Any ideas?


    Thanks,
    Kevin

  2. #2
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,322
    Rep Power
    13

    Default

    You should try to import the SSL certificate manually (using a browser for example) into the client computers.

  3. #3
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    10

    Default

    Quote Originally Posted by Klug View Post
    You should try to import the SSL certificate manually (using a browser for example) into the client computers.
    And if you're one of the unlucky ones doing this in Vista, it gets even more fun. Importing certs. is a whole lot more complicated on Vista than on older versions of Windows, I just discovered yesterday.

    First you have to go into the "content" tab of internet options and tell Windows that your site is a trusted site. If you don't do this, the option for importing the certificate doesn't even show up when you view the certificate. Next you have to go to the website (you may have to close & reopen IE 7 first), and when it comes up with the certificate error, you choose to view the certificate. Then you have to import the certificate, not to the default location, but to the "Trusted Root Certification Authorities" store. Otherwise you'll keep getting the errors.

  4. #4
    Join Date
    Nov 2007
    Posts
    41
    Rep Power
    8

    Default

    Thanks for the replies but the reason I bought a cert from Geotrust is so that users wouldn't have to muck around with this stuff.

    I ended up fixing it by appending the geotrust pem crt (downloaded from their site) to the end of my my.crt file.

    Zimbra really needs to get a handle on this - the complexity involved in adding a third party cert is completely unheard of among competing packages.
    Last edited by kevinpaz; 11-14-2007 at 04:07 PM. Reason: spelling mistake

  5. #5
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    21

Similar Threads

  1. server dropped connection
    By ferra in forum Installation
    Replies: 20
    Last Post: 10-06-2008, 05:32 PM
  2. [SOLVED] Tomcat ignoring new SSL cert?
    By gkra in forum Administrators
    Replies: 1
    Last Post: 09-07-2007, 11:44 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 08:46 PM
  4. Replies: 2
    Last Post: 03-25-2007, 10:40 PM
  5. IMAP/POP/SMTP SSL Cert warning
    By scottnelson in forum Administrators
    Replies: 8
    Last Post: 12-29-2006, 01:24 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •