The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL certificate for Windows 7 - email

Discussion in 'E-mail Discussions' started by opentoe, Feb 9, 2013.

  1. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    I let my dad use my outgoing email server for his email. I set it up using SSL port 465. When he sends out email (using Outlook - Windows 7) a screen pops up saying it cannot verify the host. Where can I make him a certificate where he can install it in Windows so this pop up doesn't keep coming back? Usually the certificate will end in a .CSR I think. And he can just import into his Windows certificate store and hopefully his email program will stop saying unknown host. Thanks!
     
  2. Greenhost

    Greenhost Well-Known Member

    Joined:
    Jan 22, 2013
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    Follow the following instruction:
    1. In Outlook 2007, go to Tools on the top bar and select Account Settings...
    2. Select the email account you want to check or edit and click Change...
    3. You'll now see the Internet E-mail Settings screen. From here you can check and edit any of the settings for your email account.
    4. Click on more sitting button
    5. Go to advance tab and check the setting and tick SSL server.
    01.PNG
    When you've finished editing the settings, click Next.

    Check the bellow links, I hope it helped you.

    How to check email settings in Outlook 2007.
    How to enable SMTP Authentication on Outlook 2007.

    Setup Microsoft Outlook 2007 to receive and send email.
     
  3. PlotHost

    PlotHost Well-Known Member

    Joined:
    Apr 29, 2011
    Messages:
    253
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    US
    cPanel Access Level:
    Root Administrator
    Twitter:
    Try using the server hostname as the mail server address in Outlook.
     
  4. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    I think we are confused.

    I know how to setup the mail client on Outlook just fine.

    When the outgoing server is used it prompts a pop up box saying it doesn't know the host certificate and should it be trusted? You can either hit yes or no. If you hit yes, then everything goes through fine. I want to be able to create a security certificate for my dad so this pop up doesn't keep happening. I know it must come from the host server, which is my VPS host through my cpanel, but I'm not sure how to actually make the certificate. With windows, the certificate is a file that ends in *.cer. I wanted to know how to create this *.cer file so I can import it into my Dad's computer to eliminate the security certificate pop up window.

    I attached the pop up screen so you can see what I mean.

    Thanks!
     

    Attached Files:

  5. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,450
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Have you checked your settings against the suggested settings displayed in your cPanel:

    cPanel > Mail > Email Accounts > to the right of the email account, there's a "More" menu. On it, a link to Configure Email Client.
     
  6. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    I'm sorry. I guess I'm not expressing my question properly and thought the screen shot would help. I've already got the email client setup with no problem. I've set it up with the proper incoming/outgoing servers as with any email client. I use Outlook 2013. Since I am using SSL for security my email program cannot verify the connection of my host. This is normal and expected. This is where that pop up box comes along when using the email connection. Outlook will send and receive email fine, but constantly pops up that message about it cannot verify the security certificate. I'm asking how do I create this security certificate through WHM? I need to input this certificate into my Windows certificate store so that pop up doesn't keep happening. If I have the certificate installed and then Outlook goes to use that connection again it will see I have the certificate and then no pop up that window anymore. My host is the only place I will be able to get this certificate from, but since I'm new to WHM I don't know how to produce/create the certificate. I have plenty of questions regarding configserver and all that, but I'm going slowly here, one day at a time.
    Hopefully my explanation is accurate and everyone understands.

    Thanks.
     
  7. JordanSmith

    JordanSmith Member

    Joined:
    Dec 28, 2012
    Messages:
    5
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    When you install cPanel/WHM it will install a self signed cert, you could get a SSL Cert and install it via WHM and you wouldn't get this error.

    If you go to WHM ---> Service Configuration ---> Manage Service SSL Certificates you will be able to see your mail server cert there.

    If you don't want to spend money and your web host doesn't offer free SSL certs then you could get a free one from startcom and then you can install it onto WHM then when Outlook connects to your mail server it won't ask about the insecure cert.

    Hope this has help you.
     
  8. Greenhost

    Greenhost Well-Known Member

    Joined:
    Jan 22, 2013
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
  9. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    I guess WHM is not able to create the physical certificate file. I'll just chalk it up to that being what it is.
    Thanks.

    - - - Updated - - -

    Thanks for the response, but as I stated in the post I'm using Outlook 2013. That is also referring to using Exchange.

    Thanks again
     
  10. AndyJames

    AndyJames Registered

    Joined:
    Dec 20, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    DataCenter Provider
    Basically the problem is that by default cPanel ships with Self-Signed certificates for WHM/cPanel, Exim (mail), Dovecot, and FTP.
    This is why when you login to whm through SSL ports, you will get a SSL warning also. Though completely secure, the certificate file itself is generated by the server and not an "approved" vendor, so there is no guarentee it can be trusted. There is a certificate in place, and the mail is secured and encrypted to the server.

    The only way to remove the message your dad is seeing when he attempts to send mail is to either, A) don't use SSL or B) purchase and replace all your service SSL certificates with a valid "approved" certificate from a real SSL vendor. You would generally purchase one that matches the servers Hostname, and this would be the hostname that you would use when configuring mail.

    You can also skip the whole purchasing one and get a free one from http://cert.startcom.org/ as Jordan stated. As far as I am aware, Startcom is approved by almost all mail clients and browsers nowadays, so the popup should vanish (will also get rid of the cpanel and whm ones to get a nice free cert from startcom). Its an extra little bit of work, but it will completely resolve the issue you are experiencing.

    Once you have your new fancy cert, this will show you where to install it.

    Manage Service SSL Certificates
     
  11. Greenhost

    Greenhost Well-Known Member

    Joined:
    Jan 22, 2013
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    So sorry, I didn't noticed :(
    I found the Microsoft guide to visit this link and this equire logon by using Secure Password Authentication (SPA).
    In additional contact your ISP, my be they have specific setting for 2013.
     
  12. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,450
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Internet Explorer and Outlook share the same certificates. Running IE as Administrator and then accepting the cPanel cert into your browser when accessing cPanel should get the cert into his system.

    If enabled in Feature Manager, in your cPanel you should have these tools as well:
    SSL/TLS Manager - cPanel Documentation
     
  13. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    Ok, I've kind of figured out the work around for this. Since I'm unable to produce the physical certificate/file from WHM I used Windows to make one for me. During the mail check when that pop up box tells me it is connecting to an UNverified connection I'm able to view some information about the certificate and also I'm able to COPY TO FILE. It won't let me import it because it isn't verified. At this point I'll export the data into a *.cer file. Then I have my certificate that connects me to my host. When I import this certificate DO NOT let Windows import it my itself. You have to make sure you tell it where to import it. Windows will try to import it into your personal cert store. You need to import it into your trusted store. Once that is all done, reset the computer and now no pop ups when connecting via SSL with email or the browser. No warnings anywhere. This file/certificate that I created with Windows is what I was looking to see if WHM could create. We can mark this as solved I guess and I won't be needing a free one I guess. I want to thank everyone who responded and tried to help.

    Also, the options in Outlook 2013 are almost identical in those of 2010. No changes are needed to the email program. Everything is taken care of when that certificate is installed into the trusted store.

    Thank you!
     
  14. opentoe

    opentoe Active Member

    Joined:
    Feb 6, 2013
    Messages:
    40
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Website Owner
    Sorry, I'm not asking how to setup the email client or anything like that. Thanks anyway.
     
Loading...

Share This Page