Thanks for the info. I actually had previously looked at that page as well and all of the relevant links on it (I had gotten to themachelpdesk site and article through the google cache, which still had the article), but they didn't help either and still didn't explain why, with a Verisign certificate, I am having this problem. To answer your question, I was running 10.3.7 and during the troubleshooting process upgraded to 10.3.8., and Entourage has all updates installed, including SP1.
Anyone else have any suggestions? I do appreciate all the help thus far; hoping someone can finally get this error to go away though! Peter -----Original Message----- From: [email protected] on behalf of Remo Del Bello Sent: Sat 3/5/2005 2:57 PM To: Entourage:mac Talk Cc: Subject: Re: Verisign root certificate problem On 3/4/05 12:18 PM, Daniledes, Peter deftly typed out: > A couple of things don't make sense to me: if we are using a Verisign > certificate, as far as I can tell after combing through Google, MS KB, > Entourage MVPS site, etc I shouldn't need to import a root certificate. But, > just to be sure, I downloaded and imported the appropriate Verisign root > certificate anyway and it didn't help. (I followed the well documented > procedure of dragging it onto Keychain Access and adding it to the X509Anchors > list and then adding it to the Microsoft Cert Manager.) So why is the root > certificate not being recognized? I'm no expert, so anyone is welcome to correct me on any of this, but here's my two cents... First of all, there are certificates for S/MIME (digital signature and message encryption) and certificates for TLS/SSL secure connections. They're not the same thing. From your post I gather that your goal is to have the latter (secure connections to the server). If that is a correct analysis on my part then you can forget about the link Diane provided (it's for setting up S/MIME) and the Microsoft Cert Manager (which I believe is only for managing S/MIME certificates). The page you want on the MVPs site is: <http://www.entourage.mvps.org/exchange/index.html> Which, in addition to other great information (Thanks Diane!), points to the articles " Working around SSL Root Certificate Errors with Entourage 2004 and Microsoft Exchange" and "How to Set Up Entourage 2004 with WebDav over SSL for Exchange Server Connections". The first one soundsexactly like what you need. Unfortunately, those links point to <http://www.themachelpdesk.com/> which doesn't appear to have the articles available anymore (that I could find). Have you installed SP1? It improved some of Entourage's SSL support. > Also, we have the Exchange server set to > require an SSL connection; this has been verified on the PC side but an > inability to get to the http OWA site, only https works, so how is it that the > secure connection between Entourage and the PC is working if Entourage says it > won't because it can't find the certificate? I'm guessing that Entourage is failing to verify the authenticity of the server's certificate, but *is* establishing a secure connection. You can verify this with tcpflow <http://www.entourage.mvps.org/troubleshoot/tcpflow.html>. What version of OS X are you running? It shouldn't matter since you say that you imported the Verisign CA, but Apple slips in some CA updates with OS updates. I'm afraid that I don't know enough to help much more than this. If you get hold of the articles above you may be able to get it all working. -Remo Del Bello -- 0110100100100111011011010010000001100001001000000110011101100101 0110010101101011 -- To unsubscribe: <mailto:[EMAIL PROTECTED]> archives: <http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/> old-archive: <http://www.mail-archive.com/entourage-talk%40lists.boingo.com/> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> archives: <http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/> old-archive: <http://www.mail-archive.com/entourage-talk%40lists.boingo.com/>
