 |
 |
Mail.app: Problems with self-signed certificate
|
|
|
|
|
Mac Elite
Join Date: Apr 2002
Location: Here and there
Status:
Offline
|
|
Unfortunately and all my trouble notwithstanding I had to switch back from Entourage to Mail (yes besson3c you heard what I said... this definitely ain't the last problem I'm gonna have with Mail.app) Anyhow, I'm fine with Mails duplicating themselves, kinda got used to it - guess there ain't nothing I can do.
Now I'm fighting another war though - a certificate war. My mailserver has self-signed SSL certificates and I'd like to import those into my keychain. It worked great for IMAP, imported the certificate into my X509Anchors keychain, it duplicated itself into my login keychain and everything works great - no more certificate warnings whem connecting to my IMAP server. However the same strategy does not work for my SMTP. It's the same server, same host address. I imported the proper SSL certificate into both, my X509Anchors and my login keychain yet it didn't help - I'm still getting the warning window the first time I try to send an email.
Interestingly enough there are two separate certificates - Mail.app gives the IMAP one a golden(ish) icon, the SMTP one a blue(ish) icon. It's been a while since I setup my server but as far as I remember that is correct, I had separate certificates for IMAP, POP and SMTP. Might be wrong though, don't really remember.
What's wrong here? Why does it work for receiving emails but not for sending emails?
|
|
"Life is not a journey to the grave with the intention of arriving safely in one
pretty and well preserved piece, but to skid across the line broadside,
thoroughly used up, worn out, leaking oil, shouting GERONIMO!"
|
| |
|
|
|
|
|
|
|
Mac Elite
Join Date: Apr 2002
Location: Here and there
Status:
Offline
|
|
Update: I just found out another thing: As soon as I import that SMTP certificate Mail.app starts to act up when receiving mails and syncing. It syncs half the folders, then stops and claims there is a problem with the mail server. This is reproducable (meaning it happens ~9/10 times) and it disappears completely as soon as I remove the two SMTP certificates (the blue ones on the second screenshot) from my keychain...
|
|
"Life is not a journey to the grave with the intention of arriving safely in one
pretty and well preserved piece, but to skid across the line broadside,
thoroughly used up, worn out, leaking oil, shouting GERONIMO!"
|
| |
|
|
|
|
|
|
|
Professional Poster
Join Date: Oct 1999
Location: :ИOITAↃO⅃
Status:
Offline
|
|
I don't know for sure, but I vaguely remember that even if you set a certificate's setting to Trust, if the certificate common name is different than the actual hostname using it, Mail.app will be unhappy.
You can also either use a Windows machine or (I think) Firefox to get ahold of the actual root certificate that was used to sign the problem certificate -- Keychain and Mail will be happier if you've added that root cert to the X509Anchors keychain.
|
|
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
 
|
|
|
Forum Rules
|
|
|
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
|
HTML code is Off
|
|
|
|
|
|
|
|
|
|
|
|
Top