Re: POP3, SSL, Outlook Express and certificates

From: Whoever (nobody_at_devnull.none)
Date: 05/23/03 

Date: Fri, 23 May 2003 04:57:55 GMT

On 21 May 2003, Angus wrote:

> Nico Kadel-Garcia <nkadel@verizon.net> wrote in message news:<WLJya.39206$zt.29570@nwrdny01.gnilink.net>...
> > Angus wrote:
> > > For some reason, at the beginning of a new Outlook Express session,
> > > when I first try to pop from a Linux RH7.3 pop server (using SSL),
> > > running ipop3d, I get:
> > >
> > > The server you are connected to is using a security certificate
> > > that could not be verified.
> > > A certificate chain processed, but terminated in a root
> > > certificate which is not trusted by the trust provider.
> > >
> > > I don't really know where the problem is between the 2 systems that
> > > this is happening. So what is it, and what do I do about it?
> >
> > You haven't paid the money for a root-signed certificate. A lot of us
> > don't bother, since what we're worried about is traffic-encryption
> > rather than site authentication sworn to by a company that can't tell
> > your technical contact from your billing address and often mixes them
> > up, and especially because they only seem able to handle one address per
> > company even if you have worldwide offices with different departments
> > that need signed certificates.
>
> It sounds like you are saying I should goto an OE-relevant group,
> and ask what to do there, for which if there is a solution, it would
> be a hack to cancel that stupid dialogue. I'm used to a different kind
> of nonsense from usoft.
>
Actually, it is pretty simple. If you have the CA certificate in the right
format (either PEM or binary), with the correct extension (can't remember
what but it is either .bin or .cer), then just double click on it and let
Windoze load it in whatever default place it considers appropriate. After
that OE, O and IE will all accept certificates that are signed using the
CA certificate without complaint.

Loading