Phone Lines icon GFI Support Home Sign in
Start a conversation
  1. GFI Support
  2. GFI Support - Security & SSL
  3. Articles

Trusting Self-Signed SSL Certificates on Client Computers and Mobile Devices

Overview

When accessing Webmail via browsers using a self-signed SSL certificate in Kerio Connect, you may get an invalid SSL certificate warning.

"Your connection is not private."

089.png

 This article provides information on how to resolve the above invalid SSL certificate warning.

Root Cause

A self-signed SSL certificate will appear as insecure because it is not signed by a certification authority; however, a self-signed certificate will allow for successful HTTPS connections.

 

Information

Follow the relevant process below to make SSL certificates trusted:

 

Windows:

  1. Navigate to the Kerio Connect Webmail URL. 
  2. Accept the security prompt that appears and proceed to the site.
  3. Click on the red padlock icon on the left side of the address bar > Certificate
  4. Select the Detail tab in the Certificate window > Copy to file and follow the wizard to export the certificate.
  5. Click the Chrome breadcrumb symbol > Settings.
  6. Search for SSL in the search bar.
  7. Select Manage Certificates.
  8. Click Import and follow the wizard.
  9. Within the wizard, please make sure to select to import into Trusted Root Certification Authorities.
NOTE: The above process is described for Google Chrome; however, it can be implemented similarly in Internet Explorer or Firefox.

 

macOS:

Refer to the article Making SSL Certificates Trusted in Safari.

 

Android:

  1. Navigate to the Kerio Connect Webmail URL.
  2. Accept the security prompt that appears and proceed to the site.
  3. Scroll down and click on Integration with device
  4. Select the SSL certificate and follow the wizard to download and install the SSL certificate.

 

iOS

  1. Navigate to the URL of Kerio Connect Webmail.
  2. Accept the security prompt that appears and proceed to the site.
  3. Scroll down and click on Integration with device.
  4. Select the SSL certificate and follow the wizard to download and install the SSL certificate.
  5. Go to Settings > General > About > Certificate Trust Settings.
  6. Under Enable full trust for root certificates, turn on trust for the certificate.
NOTE: This only applies to iOS 10.3 and later. In previous iOS versions, there is no option for enabling full trust for root certificates, as this feature was only implemented in iOS 10.3. 

 

Validation

The invalid SSL certificate warning is not being displayed. The red padlock icon next to the browser address bar is no longer there for Windows, macOS, Android, and iOS. The clients are not being prompted to confirm the identity of the server. 

Back o Top 

Choose files or drag and drop files
Was this article helpful?
Yes
No

  1. Priyanka Bhotika

  2. Posted
  3. Updated

Comments