Overview
When accessing Webmail via browsers using a self-signed SSL certificate in Kerio Connect, you may get an invalid SSL certificate warning Your connection is not private
. If you proceed further, then on the browser address bar, you see a Not secure
sign.
Solution
A self-signed SSL certificate will appear as insecure because it is not signed by a certification authority; however, a self-signed certificate will allow for successful HTTPS connections.
Prior to making the SSL certificates trusted in the below steps, verify that the SSL certificates in Kerio Connect are configured appropriately.
Windows:
- Navigate to the Kerio Connect Webmail URL.
- Accept the security prompt that appears and proceed to the site.
- Click on the red padlock icon on the left side of the address bar > Certificate
- Select the Detail tab in the Certificate window > Copy to file and follow the wizard to export the certificate.
- Click the Chrome breadcrumb symbol > Settings.
- Search for SSL in the search bar.
- Select Manage Certificates.
- Click Import and follow the wizard.
- Within the wizard, please make sure to select to import into Trusted Root Certification Authorities.
NOTE: The above process is described for Google Chrome; however, it can be implemented similarly in Internet Explorer or Firefox.
macOS:
Refer to the article Making SSL Certificates Trusted in Safari.
Android:
- Navigate to the Kerio Connect Webmail URL.
- Accept the security prompt that appears and proceed to the site.
- Scroll down and click on Integration with device.
- Select the SSL certificate and follow the wizard to download and install the SSL certificate.
iOS
- Navigate to the URL of Kerio Connect Webmail.
- Accept the security prompt that appears and proceed to the site.
- Scroll down and click on Integration with device.
- Select the SSL certificate and follow the wizard to download and install the SSL certificate.
- Go to Settings > General > About > Certificate Trust Settings.
- Under Enable full trust for root certificates, turn on trust for the certificate.
NOTE: This only applies to iOS 10.3 and later. In previous iOS versions, there is no option for enabling full trust for root certificates, as this feature was only implemented in iOS 10.3.