Outlook security warning Server certificate


  1. Posts : 136
    Windows 7
       #1

    Outlook security warning Server certificate


    Hi,

    I use Outlook2010 as mail program.
    When I Start it to receive my mails I got a Internet Security warning.
    “Target Principal Name is Incorrect”
    What simply means that the URL of the certificate and the domain I connect to is not the same. Thats not a real problem as I know the cert is OK.

    The question is how do I tell outlook that it hast to trust this certificate?
    I already tried some ways to install it, but it seems that I'm missing something.
    Can somebody give me some help?
      My Computer


  2. Posts : 5,605
    Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
       #2

    Check if you have KB2524375 installed in your updates.
    Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing
    If not pick the one appropriate to your system.

    How to view: Windows Update - View Update History Details
      My Computer


  3. Posts : 136
    Windows 7
    Thread Starter
       #3

    Anak said:
    Check if you have KB2524375 installed in your updates.
    Microsoft Security Advisory: Fraudulent Digital Certificates could allow spoofing
    If not pick the one appropriate to your system.

    How to view: Windows Update - View Update History Details
    Is installed ...

    When I view the certificate I can also "install" it to some different locations.
    But it seems not to work.



    Some Info about the system:
    Windows 7x64 Prof always up to date.
    Office 2010 x64.
      My Computer


  4. Posts : 5,605
    Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
       #4

    Are you using any other email programs, whether web or client based?

    Go to:
    Outlook. Select "tools" > "Actions" > "Account Settings" > Double-click on your email address.

    Under Server information:
    Incoming Mail Server should be, pop.other email program.com
    Outgoing Mail Server (SMTP) should be, smtp.other email program.com


    There is also another KB compatibility problem (KB980436)
    You can either delete the Update or add a DWORD value to the registry.
    More information:
    https://blogs.msdn.com | Understanding Problems with MS10-049, KB 980436 and IETF RFC5746

    Near the bottom of this link it suggests to use the SSL protocols, especially 3.0, and to uncheck any TLS protocols.
    In IE8: Tools >Internet Options >Advanced Tab >Near the bottom of the Security Section.
    In FF 10.0.2: Tools >Options >Advanced Tab >Encryption Tab

    Using gmail I have all protocols checked in IE8, and in FF I have both SSL, and TLS checked, and I have no problems, but then I don't have KB980436 installed either.
      My Computer


  5. Posts : 136
    Windows 7
    Thread Starter
       #5

    Anak said:
    Are you using any other email programs, whether web or client based?
    Yes, I use(ed) also web interface.
    (In very former times I also used Thunderbird)
    But I have only Problems with Outlook 2010 x64.

    Anak said:
    Go to:
    Outlook. Select "tools" > "Actions" > "Account Settings" > Double-click on your email address.

    Under Server information:
    Incoming Mail Server should be, pop.other email program.com
    Outgoing Mail Server (SMTP) should be, smtp.other email program.com
    I do not understand why there should be "other email program"?
    In my case:
    imap.domain.at TLS Port 143
    smtp.domain.at TLS Port 25

    Anak said:
    There is also another KB compatibility problem (KB980436)
    You can either delete the Update or add a DWORD value to the registry.
    More information:
    https://blogs.msdn.com | Understanding Problems with MS10-049, KB 980436 and IETF RFC5746
    I propably will read through, but allready found:
    Again, this is only temporary. Fix the Server! OpenSSL, Apache etc.. all have fixes for this (see CVE-2009-3555 for links to your product).
    This does not sound like this refers to a local problem.
    I thought I only got a problem in the way outlook stores the certificate.
    I just want to say: "Hey, Outlook. I know the names don't mach (In the cert and the server I connecting to) but it is Ok, I trust the signing".

    Anak said:
    Near the bottom of this link it suggests to use the SSL protocols, especially 3.0, and to uncheck any TLS protocols.
    In IE8: Tools >Internet Options >Advanced Tab >Near the bottom of the Security Section.
    In FF 10.0.2: Tools >Options >Advanced Tab >Encryption Tab

    Using gmail I have all protocols checked in IE8, and in FF I have both SSL, and TLS checked, and I have no problems, but then I don't have KB980436 installed either.
    I do not realy see whats the connection between IE/FF and Outlook?
      My Computer


  6. Posts : 5,605
    Originally Win 7 Hm Prem x64 Ver 6.1.7600 Build 7601-SP1 | Upgraded to Windows 10 December 14, 2019
       #6

    MPREv said:
    Anak said:
    Are you using any other email programs, whether web or client based?
    Yes, I use(ed) also web interface.
    (In very former times I also used Thunderbird)
    But I have only Problems with Outlook 2010 x64.
    How do you think Outlook gets its emails? Through the Internet, and if your browser security protocols are not set right you will receive warnings.

    MPREv said:
    Anak said:
    Go to:
    Outlook. Select "tools" > "Actions" > "Account Settings" > Double-click on your email address.

    Under Server information:
    Incoming Mail Server should be, pop.other email program.com
    Outgoing Mail Server (SMTP) should be, smtp.other email program.com
    I do not understand why there should be "other email program"?
    In my case:
    imap.domain.at TLS Port 143
    smtp.domain.at TLS Port 25
    The "other email program" was to be a clue for you to type in the name of that web based email program.

    Lets say you have Yahoo because you have not been forthcoming about any of you system specs, and I am only using that as an example.
    Then
    imap.domain. should be reset to pop.yahoo.com, and
    smtp.domain. should be reset to smtp.yahoo.com

    MPREv said:
    I propably will read through, but allready found:
    Again, this is only temporary. Fix the Server! OpenSSL, Apache etc.. all have fixes for this (see CVE-2009-3555 for links to your product).
    This does not sound like this refers to a local problem.
    I thought I only got a problem in the way outlook stores the certificate.
    I just want to say: "Hey, Outlook. I know the names don't mach (In the cert and the server I connecting to) but it is Ok, I trust the signing".
    You do have a problem in the way Outlook accepts, and stores certificates that's why you are getting the warning. To the best of my knowledge there is no setting to just tell Outlook to ignore the warning.

    MPREv said:
    Anak said:
    Near the bottom of this link it suggests to use the SSL protocols, especially 3.0, and to uncheck any TLS protocols.
    In IE8: Tools >Internet Options >Advanced Tab >Near the bottom of the Security Section.
    In FF 10.0.2: Tools >Options >Advanced Tab >Encryption Tab

    Using gmail I have all protocols checked in IE8, and in FF I have both SSL, and TLS checked, and I have no problems, but then I don't have KB980436 installed either.
    I do not realy see whats the connection between IE/FF and Outlook?
    I only put that in there to help you find where the settings for SSL, and TLS were kept in those browsers, and to uncheck any TLS settings .

    If your browser security protocols are not set right you will receive warnings.



    Do you have KB980436 installed?

    You could run this to check for any security vulnerabilities: https://secunia.com/vulnerability_scanning/online/


    EDIT:
    You can also try this: Fix problems with programs that can't be installed or uninstalled
    Last edited by Anak; 18 Mar 2012 at 00:27. Reason: Found fixit
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 09:39.
Find Us