DigitalOcean

Report this

What is the reason for this report?
Question

SSL "root certificate not trusted" Ubuntu 12.04 x64, Apache, iRedMail

Posted on November 5, 2013
Nick Thompson

By Nick Thompson

So, I installed iRedMail successfully following this tutorial: https://digitalocean.com/community/articles/how-to-install-iredmail-on-ubuntu-12-04-x64

I also installed a RapidSSL certificate and everything works great when pull up the site in my browser (cognizemail.co). And this certificate checker says it’s installed correctly: https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=SO9556

I can send and receive mail just fine, but the issue I’m having is that I have to make a security exception every time I connect or set up an account in mail (OS X). It comes up saying the certificate location/province is GuangDong, China. WTF? That’s not the location I specified when I configured the certificate.

screenshot: http://cognizemail.co/mail.png

It seems to do this regardless of whether I use the www.

This has been driving me nuts! Does anyone have an idea of what could be going on here?

Thanks :)

Nick



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Nick Thompson
Nick Thompson
November 5, 2013

I put cognizemail.co.crt, cognizemail.key, intermediate.crt, and RapidSSL_CA_bundle.pem in /etc/ssl <br> <br>I have these lines in /etc/apache2/sites-available/default-ssl … <br>SSLEngine on <br>SSLProtocol all <br>SSLCertificateFile /etc/ssl/cognizemail.co.crt
<br>SSLCertificateKeyFile /etc/ssl/cognizemail.key <br>SSLCACertificateFile /etc/ssl/intermediate.crt <br> <br>The intermediate.crt is the CA Bundled one from here: https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&actp=CROSSLINK&id=AR1548 <br> <br>I tried a few other things like: “dpkg-reconfigure ca-certificates” and "update-ca-certificates

0
Kamal Nasser
Kamal NasserDigitalOcean Employee badge
November 5, 2013

Do you have RapidSSL’s ca-bundle configured in apache?

0
Nick Thompson
Nick Thompson
November 5, 2013

RapidSSL_CA_bundle.pem and intermediate.crt contain the same text. I think I just need intermediate.crt, but I’m not sure.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.