This article provides Linux script to find issuer URI for all S/MIME certificates found recursively in the given folder. The following errors may show up in the Warning log:
[06/Aug/2019 08:21:41] S/MIME: Issuer (CN=winonant) was not downloaded. Content of URI http://winonant.domain.com/CertEnroll/winonant.domain.com_winonant.crt isn't valid certificate.
[06/Aug/2019 08:21:43] S/MIME: Issuer (CN=winonant) was not downloaded. Content of URI http://winonant.domain.com/CertEnroll/winonant.domain.com_winonant.crt isn't valid certificate.
Certificate files are contained in special connect folders and personal certificate stores inside the message store. Therefore, the message store and folders
sllcert needs to be scanned for all certificate files (
.p12) and then checked against issuer conditions. If the found certificate is not used, it can be deleted.
dump_certs_http.shfile (attached) and place it on the Kerio Store folder. Defaults are:
Make the file executable:
chmod +x dump_certs_http.sh
Execute the script and allow it some time to go through all the directory structure.
Delete all the unnecessary S/MIME files identified by the script.