I'm experiencing a problem validating intermediate cert on our Stunnel configuration.
We are using Stunnel to forward IMAP, POP and SMTP SSL ports from our vpn server to our internal mail server. We originally used a self-signed cert on the vpn server. When clients connect via Outlook, Outlook Express, Thunderbird and various cell phone mail programs they received a warning message (Unable to verify identity of xxx) about the self-signed cert. To resolve this issue we purchased a SSL cert from Verisign to install on the vpn server.
We generated the key and CSR and received the new cert from Verisign, which also requires an intermediate cert for verification.
We have tried various methods to have the certs validated, combining the key, intermediate cert and server cert in one file, pointing to the CA_file, etc. but continue to see the Unable to verify identity message.
Has anybody else encountered this problem and found a way to resolve the problem?
Thanks in advance.
Eric McCombs