|
|
10.3: Importing self-signed SSL certificates
The Apple KB article says:
Mail will continue to ask if you want to accept an SSL certificate each time it opens if the certificate is an expired server certificate or is signed by an unknown certificate authority. In other words, it won't work for self signed certificates. I tried, and even set it to always trust, but it still asks each time. I also had the mail crashing problem someone else reported, but to get around that I just downloaded the cert directly (it's from my server). I wish there was just a simple "always accept this" checkbox. John
10.3: Importing self-signed SSL certificates
the Keychain / X509Anchors tip above does not help with the actual SSL certificates but rather works for CA (Certificate Authority) Certificates - that is: certificates used to sign other certificates...
10.3: Importing self-signed SSL certificates
No, you don't.
Didn't work for me.
I imported the self-signed cert and I'm still getting the warning everytime I start mail.
Didn't work for me.
Me too.
Steps in KB article worked for me
The steps in the KB article add the self-signed cert to the list of root certs. Mail.app should not warn after following the steps in the article. At least, it didn't for the three machines I tried it on.
Steps in KB article worked for me
This really is the key point for getting Mail to stop complaining about self-signed SSL certificates.
What needs to be added to the x509Anchors file is the server root certificate and NOT the certificate used to actually encrypt the mail traffic. Having forgotten this while setting up my new desktop cost me a half hour of lost sleep...
10.3: Importing self-signed SSL certificates
I had this problem, too. That's because the "Common Name" field must match the host name you are trying to connect to...a lot of hints out there (err, including one of mine) suggest you use your own common name for that field when making a self signed certificate. However, if you enter the machine host name instead when prompted for Common name by openssl when creating the certificate (e.g., localhost or 127.0.0.1 or whatever) the certificate will be recognized as valid. That's a run on sentence, but hopefully you'll get the idea.
10.3: Importing self-signed SSL certificates
Ok - I'll bite. I have three certs from my company's PKI infrastructure:
10.3: Importing self-signed SSL certificates
I ran into the same problem where eventhough I had imported the self-signed cert into keychain access I was still getting prompted each time I accessed my mail. |
SearchFrom our Sponsor...Latest Mountain Lion HintsWhat's New:HintsNo new hintsComments last 2 daysLinks last 2 weeksNo recent new linksWhat's New in the Forums?
Hints by TopicNews from Macworld
From Our Sponsors |
|
Copyright © 2014 IDG Consumer & SMB (Privacy Policy) Contact Us All trademarks and copyrights on this page are owned by their respective owners. |
Visit other IDG sites: |
|
|
|
Created this page in 0.36 seconds |
|