Back to Community Threads
2
Issues with Intermediate certificates...
Question asked by Eric Tykwinski - 9/16/2015 at 9:36 AM
Answered
This has become sort of a thorn in my side, so hoping someone else has an answer.
We've got a Positive SSL certificate which comes with 2 intermediate certificates.  My problem is that the third certificate (COMODO RSA Domain Validation) keeps getting installed in the Trusted Root Certification Authorities folder.  Normal web browsers are fine, but it breaks ActiveSync for Android phones.  It's easy to fix by just deleting the cert from the Root folder and rebooting, but it's happened now 3 times and I can't figure out why.
 
Any help would be appreciated...

5 Replies

Reply to Thread
0
Bruce Barnes Replied
9/16/2015 at 12:52 PM
Never trust the "auto install" certificate feature. Use the CERTIFICATE feature in MMC and install the cert in the proper category for the LOCAL MACHINE .
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
1
Henry Timmes Replied
9/17/2015 at 5:35 PM
Marked As Answer
Don't delete it, you need to disable it. 
 
1) Right Click on the Cert -- Select Properties. 
2) Check the box that says "Disable all purposes for this certificate"
3) Click Ok
4) Restart IIS or Reboot your PC
5) Thank Me :) 
 
 
Campaign Cleaner - The Ultimate Tool for Optimized, High-Performance Email Campaigns
0
Eric Tykwinski Replied
9/18/2015 at 5:55 AM
:laughs... Henry, thanks for the advice. I'll give it a shot next time it magically appears.
0
Eric Tykwinski Replied
9/22/2015 at 7:43 PM
Henry, Next time your in Philly, I owe you a beer... Worked like a charm post reboot.
0
Henry Timmes Replied
9/23/2015 at 5:58 PM
I'm glad it worked for you, I had a similar issue a few weeks ago and it frustrated the heck out of me. So that's why I knew how to correct it. I don't normally read the community posts - I was updating a ticket for Smartermail - I clicked on community button, instead of the ticket button on accident and seen your question on the front screen. So you have a guardian angel or something looking out for you to make that exact sequence happen at the right time, to get you the answer you were looking for. Or maybe my Beer Angel was looking out for me :)
Campaign Cleaner - The Ultimate Tool for Optimized, High-Performance Email Campaigns
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Automatic SSL Certificates on a New SmarterMail ServerSmarterMail > Server Configuration and Management
Troubleshooting SmarterMail Automatic SSL CertificatesSmarterMail > Troubleshooting
Integrating Existing SSL Certificates With SmarterMail Automated SSL CertificatesSmarterMail > Server Configuration and Management
Manually Securing SmarterMail Using Let's Encrypt and Certify the WebSmarterMail > Installation and Configuration
Understanding SNI in SmarterMailSmarterMail > Server Configuration and Management