| Table of Contents |
|---|
...
The following shows how to get the certificate chain for a given SSL service. Its linux oriented, There are two approaches, the first is automated, if there are problems, a manual approach is also given (linux oriented) if you use windows, ask your network administrator for the certificate chain.
Services
- Gmail - https://support.google.com/a/answer/176600?hl=en
- Office365 - https://support.office.com/en-US/Article/Settings-for-POP-and-IMAP-access-for-Office-365-for-business-or-Microsoft-Exchange-accounts-7fc677eb-2491-4cbc-8153-8e7113525f6c?ui=en-US
- Windows Live (eg @outlook.com) - http://windows.microsoft.com/en-GB/windows/outlook/send-receive-from-app
| Service | Example Host | Example Port |
|---|---|---|
| POP | pop.gmail.com | 995 (SSL) |
| IMAP | imap.gmail.com | 993 (SSL) |
| SMTP | smtp.gmail.com | 465 (SSL), 587 (TLS) |
| POP3 | outlook.office365.com | 995 (SSL) |
| IMAP4 | outlook.office365.com | 993 (SSL) |
| SMTP | smtp.office365.com | 587 (TLS) |
| POP3 | pop-mail.outlook.com | 995 (SSL) |
| IMAP | imap-mail.outlook.com | 993 (SSL) |
| SMTP | smtp-mail.outlook.com | 25 or 587 (TLS) |
CA Chain extraction: The Easy Way
JEMHC can extract an SSL certificates signing chain, and store them in JEMHC for later use to validate the SSL connection.
...
Testing the configuration can throw up a warning, shown below, which means the CA chain found a certificate that is already bundled with the default JAVA runtime, its less efficient to duplicate this by may be required when there are intermediate certs.
...
CA Chain extraction: The Linux Cmdline way
Issue the following command in a linux environment:
...