Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 11 replies
  • Answers 3 answers
  • Subscribers 31 subscribers
  • Views 32082 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Outlook 2016 Certificate

Tayfun Ozcan

I have Sophos XG SFOS 17.0.1 MR-1 installed on a regular PC.  

I am using Outlook 2016 to access my gMail via IMAP.

Every time I start the Outlook client, I get the message below and I have to click Yes.  I have installed this certificate on every folder in User and Local Machine Cert Store.  What can I do so that I dont get this Warning every time I start Outlook.

 

 

 

Thanks,



This thread was automatically locked due to age.
Parents
  • 0

    Hello, 

    can u show me the Certificate tree. Please try creating a selfsigned certificate with DNS: imap.gmail.com (like the imap server) and try again. 

    Regards 

  • 0 in reply to n33dfull

    Hello,

    I have the same Problem.

    Every time I start the Outlook client, I get the message below and I have to click Yes.  I have installed this certificate on every folder in User and Local Machine Cert Store.  What can I do so that I dont get this Warning every time I start Outlook.

     

    How can I create a selfsigned certificate?

    How can I include a selfsigned certificate in XG?

     

    Thanks

     

Reply
  • 0 in reply to n33dfull

    Hello,

    I have the same Problem.

    Every time I start the Outlook client, I get the message below and I have to click Yes.  I have installed this certificate on every folder in User and Local Machine Cert Store.  What can I do so that I dont get this Warning every time I start Outlook.

     

    How can I create a selfsigned certificate?

    How can I include a selfsigned certificate in XG?

     

    Thanks

     

Children
  • 0 in reply to edfggliese

    Hello edfggliese,

    Please share with use the certificate by clicking on "View Certificate". I would also recommend adding in trusted root certificate under local machine profile.

  • 0 in reply to Aditya Patel

    Hello,

    yes, I have already tried to integrate the certificate by clicking on "View Certificate", but it doesn´t work.

    Every time I start the Outlook client, I get this message.

    What can I do?

     

    Thanks!

    edfggliese

  • 0 in reply to edfggliese

    Hello edfggliese,

    Could you please confirm if the certificate is only stored under trusted root location under local machine profile and remove from other locations?

  • 0 in reply to Aditya Patel

    Hello,

    yes I tried to store the certificate under trusted root location under local machine profile and remove from other locations...

    But it doesn´t work!!!

     

    Thanks!!!

    edfggliese

  • 0 in reply to edfggliese

    Hello edfggliese,

    It does seem the certificate was not picked up when used with WindowsCertificate Manager.

    Could you share the image again? It does seem the image is too small to understand the characters.

    Ensure these steps are followed.

    1. Open the Microsoft Management Console by typing "MMC" in the "Run" box.
    2. Open Add or Remove Snap-ins by selecting FILE > ADD/REMOVE SNAP-IN...
    3. Select Certificates from the list and click Add to display the Certificates Snap-in window.
    4. Select the Computer Account and click Next.
    5. Click Finish and close the list of snap-ins.
    6. Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
    7. Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks > Import to start Certificate Import Wizard.
    8. Import the Certificate downloaded in step 2 using this wizard.
  • 0 in reply to Aditya Patel

    Hello,

    i worked off your steps, but it's still the same.

    Here's the new screenshot, hopefully much more readable now ...

     

    As you can see I'm from Germany, so please excuse my bad english.

     

    Thanks

    edfggliese

  • 0 in reply to edfggliese

    I have another yet similar issue with outlook 2010 client and web e-mail provider and opened a discussion in the forum with my setup and what I tested so far here:

    https://community.sophos.com/products/xg-firewall/f/email-protection/113318/outlook-2010-client-not-able-to-connect-to-provider/406176#406176

     

    From the error message (posted in the discussion) I can only assume it has to do with SSL decrytion and outlook...

    Another installation with Thunderbird as e-mail client is working perfectly.

     

    I would heavily appreciate if someone could help to find a solution.

    Thanks in advance!

     

    Here the error message and translation again:

    "your server does not support the required connectivity encryption type. Try to change the connectivity encryption type or contact yourt system administrator or e-mail provider."

     

    All other details such as firewall and e-mail rules can be found in the discussion named above.

  • 0 in reply to nicolebaumeler

    Update: eventhough I think it would be sufficient to install the CA certificate to the host trusted CA certificate store, I also configured the certificate to be rolled-out via AD group policy.

    The certificate is in the trusted store, Outlook has been closed and reopened. The failure still persists.

    Meanwhile I start assuming there's a bug in the XG's SSL scanning behaviour with Outlook e-mail client....