Outlook 2016 Certificate

Hello, 

can u show me the Certificate tree. Please try creating a selfsigned certificate with DNS: imap.gmail.com (like the imap server) and try again. 

Regards 

Hello,

I have the same Problem.

Every time I start the Outlook client, I get the message below and I have to click Yes.  I have installed this certificate on every folder in User and Local Machine Cert Store.  What can I do so that I dont get this Warning every time I start Outlook.

How can I create a selfsigned certificate?

How can I include a selfsigned certificate in XG?

Thanks

Hello edfggliese,

Please share with use the certificate by clicking on "View Certificate". I would also recommend adding in trusted root certificate under local machine profile.

Hello,

yes, I have already tried to integrate the certificate by clicking on "View Certificate", but it doesn´t work.

Every time I start the Outlook client, I get this message.

What can I do?

Thanks!

edfggliese

Hello edfggliese,

Could you please confirm if the certificate is only stored under trusted root location under local machine profile and remove from other locations?

Hello,

yes I tried to store the certificate under trusted root location under local machine profile and remove from other locations...

But it doesn´t work!!!

Thanks!!!

edfggliese

Hello,

yes I tried to store the certificate under trusted root location under local machine profile and remove from other locations...

But it doesn´t work!!!

Thanks!!!

edfggliese

Hello edfggliese,

It does seem the certificate was not picked up when used with WindowsCertificate Manager.

Could you share the image again? It does seem the image is too small to understand the characters.

Ensure these steps are followed.

1. Open the Microsoft Management Console by typing "MMC" in the "Run" box.
2. Open Add or Remove Snap-ins by selecting FILE > ADD/REMOVE SNAP-IN...
3. Select Certificates from the list and click Add to display the Certificates Snap-in window.
4. Select the Computer Account and click Next.
5. Click Finish and close the list of snap-ins.
6. Click OK to add the certificates snap-in, which should now be visible in the Add/Remove Snap-ins window.
7. Expand the list of certificate containers, right click Trusted Root Authorities and choose All Tasks > Import to start Certificate Import Wizard.
8. Import the Certificate downloaded in step 2 using this wizard.

Hello,

i worked off your steps, but it's still the same.

Here's the new screenshot, hopefully much more readable now ...

As you can see I'm from Germany, so please excuse my bad english.

Thanks

edfggliese

I have another yet similar issue with outlook 2010 client and web e-mail provider and opened a discussion in the forum with my setup and what I tested so far here:

https://community.sophos.com/products/xg-firewall/f/email-protection/113318/outlook-2010-client-not-able-to-connect-to-provider/406176#406176

From the error message (posted in the discussion) I can only assume it has to do with SSL decrytion and outlook...

Another installation with Thunderbird as e-mail client is working perfectly.

I would heavily appreciate if someone could help to find a solution.

Thanks in advance!

Here the error message and translation again:

"your server does not support the required connectivity encryption type. Try to change the connectivity encryption type or contact yourt system administrator or e-mail provider."

All other details such as firewall and e-mail rules can be found in the discussion named above.

Update: eventhough I think it would be sufficient to install the CA certificate to the host trusted CA certificate store, I also configured the certificate to be rolled-out via AD group policy.

The certificate is in the trusted store, Outlook has been closed and reopened. The failure still persists.

Meanwhile I start assuming there's a bug in the XG's SSL scanning behaviour with Outlook e-mail client....