Mac Mail: Set up trust for the SSL certificate
When connecting to an HIS mail server with SSL enabled, MacMail will issue a warning because the certificate's domain name (*.his.com) won't match your mail server's domain name. (The infamous Certificate Domain Mismatch Error.)
To fix this problem, you can tell Mail to ignore the discrepancy. Here are 3 methods to do so:
Method 1
- Quit your Mail app
- Open Keychain Access
- Locate the certificate in the keychain (search for "his")
- Find the *.mail.his.com certificate.
- Double-click the certificate
- Expand the "Trust" settings
- Change the "When using this certificate" option to "Always Trust"
- Quit Keychain Access
- Launch Mail
Method 2
- Quit your Mail app
- Open Keychain Access
- Locate the certificate in the keychain (search for "his")
- Find the *.mail.his.com' certificate.
- Right-click that certificate and delete it.
- Launch Mail
- Try sending an email. You should get a message from Mail saying "Mail can't verify the identity of...".
- Click "Show Certificate"
- Check the box marked "Always trust *.mail.his.com"
- Click "Connect"
Method 3
- Open the Mail app
- Go to Mail -> Preferences...
- From the "Outgoing Mail Server(SMTP)" drop-down, select the "Edit Server List..." option.
- Select the proper outgoing mail server, then click on the subtract(-) button in the bottom-left corner to delete those outgoing mail settings
- Click on the add (+) button to re-add the outgoing mail setting.
- Enter "Description" and "Server Name:", then click on the Advanced tab.
- Select: Use the default ports(25, 465, 587)
- Use Secure Socket Layer (SSL) should be checked.
- At this point you will get a message from Mail saying "Mail can't verify the identity of...".
- Click "Show Certificate"
- Check the box marked "Always trust *.mail.his.com"
- Click "Connect"
- Back to the settings, "Authentication" should be set to "Password". The username is your full email address.
- Save your changes, then try to send a test email.