Community Discussions and Support
Mercury and SSL

The encryption library used by Mercury for SSL can apparently only handle certificates that were created by the program itself at present. As Peter said, this is an important issue that will need to be addressed in future releases.

/Rolf 

<p>The encryption library used by Mercury for SSL can apparently only handle certificates that were created by the program itself at present. As Peter said, this is an important issue that will need to be addressed in future releases.</p><p>/Rolf </p>

Hi,

is it possible to import a certificate signed by a Certificate Authority into Mercury?

There is an Import button on the configuration screen of the Mercury IMAP4 server, but it's deactivated.

 

Thanks in advance,

Juergen

 

<P>Hi,</P> <P>is it possible to import a certificate signed by a Certificate Authority into Mercury?</P> <P>There is an Import button on the configuration screen of the Mercury IMAP4 server, but it's deactivated.</P> <P mce_keep="true"> </P> <P>Thanks in advance,</P> <P>Juergen</P> <P mce_keep="true"> </P>

No.  Currently it is only possible to use Mercury's own self-signed certificates.  (Also it is recommended to use a separate certificate for each service you need SSL/TLS - SMTP, IMAP, etc.

If you must use another certificate, some of us have used stunnel http://www.stunnel.org as a SSL wrapper in front of Mercury, and it may be possible to use a authoritive certificate with that. 

<P>No.  Currently it is only possible to use Mercury's own self-signed certificates.  (Also it is recommended to use a separate certificate for each service you need SSL/TLS - SMTP, IMAP, etc.</P> <P>If you must use another certificate, some of us have used stunnel <A href="http://www.stunnel.org/">http://www.stunnel.org</A> as a SSL wrapper in front of Mercury, and it may be possible to use a authoritive certificate with that. </P>

Hi,

is it possible to export the SSL certificate in a usable format?

I'd like to import them into my mobile phone so it won't complain each time I check my mail that the cert is untrusted.

However, neither the phone nor a standard windows system can read the certificate.

Which format is it in, and how can I convert it to something readable?


Thanks,

Arne

 

<p>Hi,</p><p>is it possible to export the SSL certificate in a usable format?</p><p>I'd like to import them into my mobile phone so it won't complain each time I check my mail that the cert is untrusted.</p><p>However, neither the phone nor a standard windows system can read the certificate.</p><p>Which format is it in, and how can I convert it to something readable?</p><p> Thanks,</p><p>Arne</p><p> </p>

Not without using SSL tunnelling and a real certificate.  That said, I've never had a problem when I've told the mail client to accept the certificate always.  Does your mobile not allow yuo to do this?

 

<p>Not without using SSL tunnelling and a real certificate.  That said, I've never had a problem when I've told the mail client to accept the certificate always.  Does your mobile not allow yuo to do this?</p><p> </p>

> Does your mobile not allow yuo to do this?

Nope, unfortunately not, at least not for the e-mail client. It's a Nokia N82.

It does have the option of importing certificates from a file though.

Or maybe I just need to look for a better e-mail client. It is Symbian S60, so there should be something available.

 
Thx.
 

<p>> Does your mobile not allow yuo to do this? </p><p>Nope, unfortunately not, at least not for the e-mail client. It's a Nokia N82.</p><p>It does have the option of importing certificates from a file though.</p><p>Or maybe I just need to look for a better e-mail client. It is Symbian S60, so there should be something available.</p><p>  Thx.  </p>

This is a bitter complaint.  I cannot overstate how ridiculous it is to code an Import button with no functionality.  It even has an adjacent misleading prompt about importing from an authority.  I've wasted many $$ and hours on a GoDaddy certificate only to find that I've been mislead.  Nowhere in the manual does it state that an authority certificate will not work.  And the self-signed certificates are clearly sub-funtional.  Outlook Express doesn't like them.

This is a bitter complaint.  I cannot overstate how ridiculous it is to code an Import button with no functionality.  It even has an adjacent misleading prompt about importing from an authority.  I've wasted many $$ and hours on a GoDaddy certificate only to find that I've been mislead.  Nowhere in the manual does it state that an authority certificate will not work.  And the self-signed certificates are clearly sub-funtional.  Outlook Express doesn't like them.

Yes, this is an area that need be addressed. Major players are beginning to demand encrypted channels, and having to use third party products to comply or keep up, is a no no for the future. This is the very reason David has taken on the path of making the next release able to run as a native service, and we will most likely see more professional features coming.

Yes, this is an area that need be addressed. Major players are beginning to demand encrypted channels, and having to use third party products to comply or keep up, is a no no for the future. This is the very reason David has taken on the path of making the next release able to run as a native service, and we will most likely see more professional features coming.

[quote user="ahk"]

> Does your mobile not allow yuo to do this?

Nope, unfortunately not, at least not for the e-mail client. It's a Nokia N82.

It does have the option of importing certificates from a file though.

Or maybe I just need to look for a better e-mail client. It is Symbian S60, so there should be something available.

 
Thx.
 

[/quote]

 Maybe this procedure (and mentioned tool) could be adapted to provide a solution also for Mercury/32:

 

http://www.hmailserver.com/forum/viewtopic.php?f=12&t=13953

 

[quote user="ahk"]<p>> Does your mobile not allow yuo to do this? </p><p>Nope, unfortunately not, at least not for the e-mail client. It's a Nokia N82.</p><p>It does have the option of importing certificates from a file though.</p><p>Or maybe I just need to look for a better e-mail client. It is Symbian S60, so there should be something available.</p><p>  Thx.  </p><p>[/quote]</p><p> Maybe this procedure (and mentioned tool) could be adapted to provide a solution also for Mercury/32:</p><p> </p><p><a href="http://www.hmailserver.com/forum/viewtopic.php?f=12&t=13953" title="http://www.hmailserver.com/forum/viewtopic.php?f=12&t=13953" mce_href="http://www.hmailserver.com/forum/viewtopic.php?f=12&t=13953">http://www.hmailserver.com/forum/viewtopic.php?f=12&t=13953</a></p><p> </p>

I was just trying to figure out a procedure for Mercury/32 in order to make working for you the things I posted previously. So I just installed Mercury/32 and had a look at the SSL settings there. But now I'm at a lost with that. I can't find one important thing: Private Key File.

Could someone give me a headsup on where that can be specified? The Help talks along about certificates. But there's not one mention about the Private Key.

Thanks!

 

 

<p>I was just trying to figure out a procedure for Mercury/32 in order to make working for you the things I posted previously. So I just installed Mercury/32 and had a look at the SSL settings there. But now I'm at a lost with that. I can't find one important thing: Private Key File.</p><p>Could someone give me a headsup on where that can be specified? The Help talks along about certificates. But there's not one mention about the Private Key.</p><p>Thanks!</p><p> </p><p> </p>

[quote user="MP3Freak"]

I was just trying to figure out a procedure for Mercury/32 in order to make working for you the things I posted previously. So I just installed Mercury/32 and had a look at the SSL settings there. But now I'm at a lost with that. I can't find one important thing: Private Key File.

Could someone give me a headsup on where that can be specified? The Help talks along about certificates. But there's not one mention about the Private Key.

Thanks!

 

 

[/quote]

 

Sorry for reiterating, but... no ideas about this?

 

[quote user="MP3Freak"]<p>I was just trying to figure out a procedure for Mercury/32 in order to make working for you the things I posted previously. So I just installed Mercury/32 and had a look at the SSL settings there. But now I'm at a lost with that. I can't find one important thing: Private Key File.</p><p>Could someone give me a headsup on where that can be specified? The Help talks along about certificates. But there's not one mention about the Private Key.</p><p>Thanks!</p><p> </p><p> </p><p>[/quote]</p><p> </p><p>Sorry for reiterating, but... no ideas about this?</p><p> </p>
live preview
enter atleast 10 characters
WARNING: You mentioned %MENTIONS%, but they cannot see this message and will not be notified
Saving...
Saved
With selected deselect posts show selected posts
All posts under this topic will be deleted ?
Cancel
Delete
Pending draft ... Click to resume editing
Discard draft