Entourage 2008 - Exchange root certificate

5/14/2010 12:04:21 PM

We have had the delight in trying to solve the issue of root certificates with Entourage 2008 and Exchange 2007 (Microsoft Small Business 2008)

Amazingly, with lots of people on the web with the same problem, no-one has posted a solution? As a small business we at Alpine hope this saves you the time and expense that we have incurred trying to solve this problem!

Here goes with the solution for how to install a root certificate on Mac OS X, Entourage 2008 and Microsoft Exchange:

First we need to create a certificate:

Error message: unable to establish a secure connection to XXX.XXX.XXX.XXX because a correct root certificate is not installed.

Within IIS console on SBS 2008

  • Server Certificates
  • Create self signed certificate i.e. mail.myserver.com or buy one!
  • SBS web applications
  • Bindings
  • Edit - where it says SSL certificate - ensure correct certificate is selected - or select view drop down menu.
  • View
  • Details
  • Copy to file
  • Next
  • Yes, export the private key
  • Next
  • Choose Personal Information Exchange
  • Tick boxes for;
  • "include all certificates in the certification path if possible"
  • and
  • "export all extended properties"
  • Give it a password
  • Save the certificate.
  • Go to location where you saved the file/certificate and email your users or put on an accessible network share.


Save certificate to your mac (desktop).

Installing the certificate on mac OS X.


We need to install the certificate in two places:

On mac
Open hard drive
Search for Microsoft cert manager (choose files to search) and open it
Import
Locate saved certificate - open
Enter password you gave to certificate earlier.
Certificate now imported.
Quit cert manager


Install certificate on Keychain login
Now search for "Keychain access"
Highlight login
File
Import
Browse for certificate
Make sure you are importing into login key chain
Enter certificate password

You should now have 2 certificates that you have imported. One is expandable.
On both certificates:
Double click
Expand trust
Under field "when using this certificate"
Choose "always trust"
Then enter MAC password

Now go to to Entourage 2008, connect to your exchange 2007 server.


Open entourage and note no certificate problems!

2 days - 3 people. This cost us a small fortune in work hours and I'm sure put doubt in our new customers mind as to our abilities.

But at Alpine we persevere and our customers problems truly are our problems.

comments powered by Disqus