java.security.cert.CertPathValidatorException - Android

Hello all,

We are having a very weird issue and wondered if anyone could help…

We are a web/email hosting company. We have a few email servers. Our main email server runs SmarterMail. We use a Wildcard Comodo SSL Cert. The Server is Win2008 R2 IIS7.5.

We have the *Cert for mail.domain.com & webmail.domain.com.

When accessing either domain from anything other than an Android device it is fine…be it using a browser or email application. However, when accessing from an Android device there is a certificate untrusted error.

The error using Android Mail is:

Incoming mail server (IMAP): Invalid security (SSL) certificate. java.security.cert.CertPathValidatorException: Trust Anchor for certificate path not found.

The mail domain gets an ‘A’ using SSL Labs and shows no issues with Handshake Simulation for Android. The results can be found here - https://www.ssllabs.com/ssltest/analyze.html?d=mail.compucheckhosting.com&hideResults=on

Just to add, we do have the wildcard cert linked to two servers: our main web server for our site and also the above-mentioned email server. One is CentOS Apache (web server) and the other is the IIS7.5 mail server.

To get around the issue we can set the STARTTLS (Strict) to STARTTLS (Accept Any), however that only gets around the email and not browsing to the webmail. Plus obviously that’s a security issue.

Has anyone seen this issue before? If so any help would be gratefully received!

EDIT
Using https://www.bluessl.com/en/ssltest the cert is coming back with an error:

There is no trust the certificate. (27) The error may be due to the issue of internal CA. (no clients will accept this certificate)

It thinks it’s a self-signed cert?