Hi,

  I use Outlook 2007, and from about 6 months ago, it started giving me a Trust Warning dialog for a mail account that resides on my own server.  The certificate on my server is self signed, and though I've added it to my Trusted Certificates list, I still get the warning.

  What do I need to do to stop this dialog from appearing?  Change to a different mail client?

Cheers

• Moved by George Hua -MSFT Friday, September 27, 2013 6:40 AM outlook product issue

Hi Cheers,

Thank you for your posting.

Office Development Forum is used to discuss questions about Office development technologies such as VSTO, VBA and OpenXML. For Outlook product specific questions, I'd like to move this thread on Outlook IT Pro Discussions forum for more efficient response.

What is the exact error in full?
Have you checked the Certificate Path to see if it is indeed trusted?
Have you verified the dates on the certificate? Self signed certificates can also expire.
Also check the names which are on the certificate and verify it against the names that you used to configure Outlook.

Otherwise, you'll have to provide more info about your configuration like mail server being used, mail account type and how you added your certificate.

Internet Security Warning
!    The server you are connected to is using a security certificate that cannot be verified.
The target principal name is incorrect.
[View Certificate]
Do you want to continue using this server?
[Yes][No]

From the dialog box, I used the [View Certificate] option, and installed it in the "Intermediate Certificate Authorities" list.
The details of the certificate, email, name, address, etc are as I specified @ creation, and the certificate itself expires in 2022.
The details of the certificate are correct, including the name.  It is a sha1 RSA certificate.

My server is running Ubuntu 10.04 LTS with a LAMP stack, and Postfix/Dovecot/Amavisd/SpamAssassin/ClamAV for its mail.  It requires authentication both for reading and sending mail.  I use virtual hosting for a couple domains I run.

It would be nice to have Outlook acknowledge my trusted certificate, and not have the dialog box show at all.  But frankly, Outlook should remember my answer ( [yes] ) and not show me the message again.

You must install the self-signed certificate in your Trusted Root Certification Authorities as there is no root yet to trust your certificate (which is why the intermediate store doesn't work).

It would be a security issue if Outlook would never prompt you again for untrusted certificates.

That makes me crazy too, so I wrote a little addin

Take look on this.