Security Certificate

Every-time my eM Client users open the application, they are presented with the following dialog box:
eM Client can’t verify identity of “[fill in my mail servers name here]”
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

It then says there might be some other server pretending to be my mail server (this is not the case) and gives them the option to “Connect”, “Do not connect”, or “Show certificate”.

I have on many occasions opted to show the certificate and when given the choice, install the certificate as trusted, but although I am informed the certificate was successfully installed, this dialog pops up each and every time your app is quit and started again.

I understand my security certificate is simply generated by my server (Apple Server 2.2.2) and is not authenticated by a service, but installing it should have eliminated this repeated pop-up dialog box.

Any ideas how I can get Windows trust center to actually allow eM Client to connect to my server without asking my users to trust the connection every time?

P.S. My windows clients are running Windows 7 Professional with all the latest updates. My eM Client software is the very latest and the problem has endured through at least 3 eM Client updates.

This was a pain for me as well. The work around I figured out was open up the web page for Apple Server on IE on the windows 7 machine.

mine is ht*tps://mail.domain.com

Click on the security report lock thing or if it pops up click view certificates. Then you have to go to Install Certificate… Click Next, then Click on “Place all certificates in the following store” Click on Browse then choose “Trusted Root Certification Authorities” Then click ok. Click next then click finish.

Depending on settings in Windows you may need to repeat the process for the Intermediate CA and Root CA that is generated from Apple Server. You can find the other two in the same window just under the Certification Path tab.

Once those are all installed when you open eM Client it shouldn’t pop up the can’t verify message.

Attempting to perform this work-around using IE, I ran into a roadblock in that I could never get an option to install the certificate. I could look at it, get details of every aspect, but not install.

On a hunch, I closed eM Client and opened it again. When I got the usual certificate warning, I again choose to install the certificate but this time instead of using the default location, I chose custom location and then I located and used the “Trusted Root Certification Authorities” location you specified, and now everything works! Thanks so much for the great hint.

Clarification: When using the Certificate Import Wizard of Windows 7, one is presented with a dialog box named Certificate Store. The options are to use:

  1. “Automatically select the certificate store based on the type of certificate” or
  2. “Place all certificates in the following store”.

Option 2 is where the needed “Trusted Root Certification Authorities” can be found.

Hi,

I am sorry for longer delay, anyway is everything working for u now?

Jan