I have installed iRedMail on a server and have set it up with a bought SSL certificate from Comodo/ Sectigo. When I connect my users to the mail server with Outlook I get "The server you are connected to is using a security certificate that cannot be verified. The target principal is incorrect.". On the view Certificate button I see my valid SSL certificate, but on every operation in Outlook I get the same message. I have added the certificate as trusted, but that changes nothing. Can I disable this prompt, or what can the problem be?
Asked
Active
Viewed 472 times
1 Answers
0
The hostnames must match
The hostnames for incoming and outgoing mail server on the Server Information provided in the POP and IMAP Account Settings must match the hostname in the sertificate. If the certificate is for e.g. mail.example.com, you should use exactly that hostname instead of e.g. imap.example.com and smtp.example.com, despite they probably have the same A record (or CNAME to it) in DNS.
For the current versions of Outlook you can only access these settings through the Control Panel item "Mail (Microsoft Outlook)", Email Account...
The certificate chain must be complete
For the Comodo/Sectigo certificates you might need to make the server send the whole certificate chain up to the trusted root certificate. Please refer to the following documentations:
- Sectigo: How to Download & Install Sectigo Intermediate Certificates - RSA
- iRedMail: Use a bought SSL certificate, namely section Replace cert files. The
iRedMail.crt(orcombined.pemwith iRedMail easy platform) must include the full chain, referred asfullchain.pem.
Esa Jokinen
- 43,252
- 2
- 75
- 122