Outlook secure SMTP certificate

[Ignatius]

One of the organisations with which I work voluntarily (a small workgroup rather than a domain) has changed their e-mail host recently. There's a secure SMTP server that uses port 465 and SSL rather than 25. Outlook 2003 is their e-mail client.

Whenever we send mail, a popup is presented which says:

"The server you are connected to is using a security certificate that could not be verified.

A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

Do you want to continue using this server?"

I know that, if I visit an https site that uses an insecure certificate and it has been self-generated, I am able to accept then install the certificate but there is no such option with Outlook. I've done some googling but haven't unearthed any way to install the certificate and avoid the popup.

Other than contact the e-mail host and ask for a copy of the certificate, does anyone have any ideas? I've disabled "Check for server certificate revocation" in Internet Options.

[Ignatius]

I hate to be impatient ... does anyone have any experience of secure SMTP certificates? Are they similar to SSL certificates?

[PiqueABoo]

They're essentially the same. Without seeing the cert myself there are two potential solutions:

1) Get the site to give you a copy of the CA cert and install it (double click & follow instructions, unless you're logged on as admin trying to fix this for everyone who uses a shared machine, in which case put it in the *machine's* trusted CAs).

2) Ensure the latest MS CA update KB is installed - this only applies if the cert was issued by some particular CAs e.g. I think IPSCA & GoDaddy both had installed-with-IE root CA certs expire in the last couple of years.

[Ignatius]

Thank you - it confirms my suspicion. I didn't want to approach the e-mail host and make myself look like an idiot!