How do I install a root certificate with Microsoft Entourage?

I'm trying to get Microsoft Entourage on my Mac to work with an SSL-based mail server, but every time I try to use it, I get errors about "unverified root certificate" or uninstalled root certificates. I've dug around on my SSL server and can't figure out what the heck Entourage wants. Help!

Dave's Answer:

it's surprisingly difficult to figure out how to install a root certificate in Microsoft's Entourage, actually, though I think the problem is generally just with security certificates, not Entourage, per se. I think I have it working on my system, however, and here's what I did.

First step was to log in to the SSL server -- in this case it's a Linux box running Apache -- and switch to root with the "su" command. Now, move into the directory /etc/mail/certs and you'll find a file with a strange numeric name like "0cf916dd.0". That's what you want. I suggest you copy that file to your own home directory and make sure you leave it accessible for later:

# cp 0cf916dd.0 ~taylor
# chown taylor ~taylor/0cf916dd.0
# ls -l ~taylor/0cf916dd.0
-r-------- 1 taylor taylor 863 Oct 17 07:24 /home/taylor/0cf916dd.0

Looks good. Now, quit superuser, then disconnect and reconnect with your SFTP client application (I certainly hope that you are NOT using FTP to connect. It's notoriously insecure), and download the copy of the security certificate you've left in an accessible place:

sftp> get 0cf916dd.0
Fetching /home/taylor/0cf916dd.0 to 0cf916dd.0
/home/taylor/0cf916dd.0 100% 863 0.8KB/s 00:00
sftp>

Now you need to add a new filename suffix to the file before you can proceed (an important step!). Click once on the new file's name, count to 10, then click again. You should be able to edit the filaname: add the suffix ".crt" to it. You'll need to verify the change:

Finally, it's time to open up a new Finder window and navigate into Applications --> Utilities. Now, drag the root certificate on top of the Keychain Access application:

Root Certificate Dragged Atop Keychain Access

Now the Keychain Access application itself will confirm you want to install the new security certificate:

Important step: Make sure that you specify you want it to be filed away as an X509 Anchor certificate, as shown. Click on "OK" and you're done!

Now, the next time you use Entourage in secure mode, you should be able to interact with your SSL-based secure server without a problem.

Categorized: Mac OS X Help (Article 6938, Written by Dave Taylor)
Tagged: mac os x, microsoft entourage, root certificate, security certificates
Previous: How can I broadcast a message to my MySpace friends?
Next: How do I add a Yahoo search box to my site?

Subscribe!

Never miss another Q&A article! Click to subscribe:

Comments

I'm having the same trouble only on a Microsoft Windows 2008 Server (running Exchange 2010 mail server)

What would be the procedure for obtaining the cert from a Windows server?

Posted by: New York Computer Support at April 17, 2010 12:54 AM

I found that when Entourage wants a mail server's security certificate, if the server is running Exchange, the easiest way to obtain the security certificate is to go to the Web page for that server's Outlook Web Access. For instance, if your mail account is based on an Exchange server with the Fully-Qualified Domain Name of "mail.domain.com", there is a good likelihood that OWA is running at "https://mail.domain.com/exchange"

Point Safari at that OWA address, and you should get a message that Safari can't verify the identity of the Web site. Click on "Show Certificate", put a check in the box to always trust the certificate, then click on Continue. It should then ask for your password so it can add it to your Keychain.

Posted by: Chip at January 10, 2011 7:38 PM

I have something to say, now that you mention it, but ...

I do have a lot to say, and questions of my own for that matter, but first I'd like to say thank you for all your efforts on this Web site by buying you a cup of coffee!

I do have a comment, now that you mention it!

How can I fix too little virtual memory in Windows?

How do I install Windows XP in Boot Camp on my Mac?

How do I download photos onto my Apple iPhone?

How do I convert WMA to MP3 audio files in Windows Media Player?

How can I add a Google search box to my site?

How can I put music on my Apple iPod?

How can I get my Nintendo DS to connect to the Internet?

How do I reset my Mac OS X administrator (root) password?

Recent Entries

How can I pair a bluetooth speaker with my MacBook Pro?

Is my copy of Windows 7 "activated" and genuine?

The Scoop on Merchant Services and Credit Card Processing?

How can I change my Windows PC computer name?

Introduction to Google Docs Spreadsheets

Add Po.st Social Media (Facebook, Google Plus) widgets to your blog?

I Need Help!

Even More Help

Apple iPad Help
Articles and Reviews
Auctions and Online Shopping
Blogs and RSS Feeds
Building Web Site Traffic
Business and Management
CGI Scripts and Web Site Programming
Computer and Internet Basics
d) None of the Above
Facebook Help
Google Plus Help
HTML and CSS
Industry News and Trade Shows
iPhone and Cell Phone Help
iPod, Sony PSP and MP3 Player Help
Mac OS X Help
Pay Per Click (PPC) Advertising
Search Engine Optimization (SEO)
Shell Script Programming
Tech Support Video Help
The Writing Business
Twitter, LinkedIn and Social Network Help
Unix and Linux Help
Video Game Tips and Help
Windows PC Help
WordPress Help

film blog - social media / blogging speaking - business blog - Colorado photography - free tech support

© 2002 - 2012 by Dave Taylor. All Rights Reserved.

Note: This web site is for the purpose of disseminating information for educational purposes, free of charge, for the benefit of all visitors. We take great care to provide quality information. However, we do not guarantee, and accept no legal liability whatsoever arising from or connected to, the accuracy, reliability, currency or completeness of any material contained on this web site or on any linked site.

business blog | sitemap | link to us!