Thanks Michael ... but the problem is resolved.

The guy with our central IT who installed the new  certificates on central mailhost went to a conference ... and forgot to enable a nightly reboot of our mailhost. His colleague didn't know about and said, there are no problems at all. I tested with Outlook and Thunderbird and they didn't have any problems. Than I wrote this message to the forum thinking Pegasus was the problem.

The problem was not Pegasus ... it was the not rebootet mailhost. It holds around 40.000 IMAP-Sessions and some of them (which haven't died in iterim) did have the old certificate, the others the new one. So depending on the IMAP-prozess answering on Pegasus requsts, Pegasus got the old or the new certificate. Because we enabled fingerprint tracking, everytime when certificate changed randomly Pegasus asked if it should refresh. Didn't recognize this.

Pegasus handles SHA-2 certificates correctly.

Sorry for hastily writing the message!

    Olaf

The organization supporting german universities with internet and higher level certificates decided to have certificates with signing-algorithm SHA-2 in the future. Because the old certificate for mailserver was outdated, my university got a new one - with SHA-2.

Pegasus recognizes the new certificate,  asks for "refresh and continue" ... every time, the mailaccount is opended or mailbox refreshed. It seems Pegasus isn't able to handle SHA-2 certificates correctly. I know I could deactivate checking certificate - on risk - to supress the enervating popup, but that's no solution.

So - can I do anything else? Is there a quick solution? Is there any solution?

bye

    Olaf

[quote user="FJR"]So - can I do anything else? Is there a quick solution? Is there any solution?[/quote]

Olaf, I would recommend contacting David Harris directly.