I'm experiencing a problem validating intermediate cert on our Stunnel
configuration.
We are using Stunnel to forward IMAP, POP and SMTP SSL ports from our
vpn server to our internal mail server. We originally used a self-signed
cert on the vpn server. When clients connect via Outlook, Outlook
Express, Thunderbird and various cell phone mail programs they received
a warning message (Unable to verify identity of xxx) about the
self-signed cert. To resolve this issue we purchased a SSL cert from
Verisign to install on the vpn server.
We generated the key and CSR and received the new cert from Verisign,
which also requires an intermediate cert for verification.
We have tried various methods to have the certs validated, combining the
key, intermediate cert and server cert in one file, pointing to the
CA_file, etc. but continue to see the Unable to verify identity message.
Has anybody else encountered this problem and found a way to resolve the
problem?
Thanks in advance.
Eric McCombs