Using InstantSSL Cert for TLS on an email firewall

A new vendor has noted that we are not using a “valid cert.” They are getting an invalid cert error and have sent us the following link asking if we can make any changed to resolve their problem connecting to us.

Specifically: We have a similar problem and have traced it to the client certificate containing the NetscapeCertType extension with the SSLServer bit set but not the SSLClient bit.

The problem goes away if the NetscapeCertType SSLClient bit is set in the certificate, or if the certificate does not use the NetscapeCertType extension (uses the X509v3 standard extension “Extended Key Usage” instead)

Hi gbayse,

Contact the support team…they have lots of fixes for this type of issue.

Also, you might want to checkout the knowledgebase at


We are having very similar problem with InstanSSL Cert for TLS secure connection. The application seems not to be able to connect to the InstantSSL Cert server. If we use SSL connection, the problem goes away… Could you help to point out some of the posible options…

Thank you


The options are various, ranging from configuration issues to something in the certificate that the software might not like.

Your issue is presently with our level 2 support people.