If a certificate is not accepted, it may have expired or it may be invalid for the way it’s being used. For example, some certificates may be used for establishing a secure connection to a server but not for signing a document.
The most common reason a certificate isn’t accepted is that the certificate authority’s root certificate isn’t trusted by your computer. To have your computer trust a certificate authority, you must add the certificate authority to a keychain and set the certificate trust settings.
-
If an app (such as Safari) displays the root certificate from the certificate authority as part of the message from the certificate authority. Drag the root certificate icon to the desktop.
-
Drag the certificate file onto the Keychain Access icon, or double-click the certificate file.
-
Click the keychain pop-up menu, choose a keychain, then click OK.
If you’re asked, enter the name and password for an administrator user on this computer.
-
Select the certificate, then choose File > Get Info.
-
Click the Trust disclosure triangle to display the trust policies for the certificate.
-
To override the trust policies, choose the trust settings you want to override from the pop-up menus.
For more information, see Certificate trust policies.
Posted in: EMAIL - FAQ's
