On Tue, 2003-03-18 at 00:20, Stewart wrote:
Hey sluggers,
I'm running a UOW imap setup (on a mandrake box) for a client and recently got it working with SSL, port 993 and all that. Everything was working fine with a variety of client/OS combinations until the new windows XP machine turned up today and its Outlook started complaining about invalid server certificates. I haven't looked into the problem in detail yet but just wanted a heads up to see if anyone has had this problem.
I have a similar problem with courier-(imap|pop)-ssl. I don't think that outlook likes self signed certs.
If you point IE to https://yourmail.server:993, you can save the cert and in some versions that works.
Anyone else have anything?
Drop your site's self-signed Certificate Authority certificate on your website
http://www.example.edu.au/example-ca.cer
making sure you serve this with the MIME type
application/x-x509-ca-cert
Get your users to open this in IE and tell them to accept the certificate. The certificate should be good (eg: not expired).
Now when your Outlook seeks your site's IMAP server's certificate signed with your self-signed CA certificate it will be able to validate the certificate.
If you've made the IMAP server's certificate self-signed then you've made a mistake, as your users will need to download a certificate for each service from your site and add it to the CA database. You can either fix the error or get users to click on and accept the IMAP certificate as well.
You should probably install your site's self-signed Certificate Authority certificate as part of the machie installation or Ghost image creation.
Microsoft have really good documentation on their website discussing how it implements certificate handling.
For those not on the dark side, you'll need a recent Mozilla version, as certificate handling for IMAP was fluffed in earlier versions.
-- Glen Turner (08) 8303 3936 or +61 8 8303 3936 Australian Academic and Research Network www.aarnet.edu.au
-- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug
