Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Does the FxOS email client trust StartSSL certificates?

  • 2 replies
  • 1 has this problem
  • 76 views
  • Last reply by nblumoe

more options

I have my own mail server, using a certificate from StartSSL. Information about the cert and the host can be found here: https://www.sslshopper.com/ssl-checker.html#hostname=mail.nils-blum-oeste.net

I don't have issues with that certificate in Firefox. However, in the Firefox OS email client I get the error: "Unable to esatblish a secure connection with "mail.nils-blum-oeste.net" There may be a problem with your network or the server.

Shouldn't the email client trust this cert? I am using Boot2Gecko 3.0.0.0-prerelease on a Mozilla Flame.

Chosen solution

I had to concatenate the CA chain bundle from startssl to make it work with the email client: https://www.startssl.com/certs/ca-bundle.pem

Everything is fine now. :)

As a remark: I think it's a bit weird, that Firefox, Firefox OS (FxOS) and the FxOS apps email and calendar treat ssl certificates so differently. There does not seem to be a shared trust policy across those products. Furthermore calendar and email seem to use different mechanics to get the certs. For the calendar it is fine to upload self-signed certs to the phone. The email app however seems to ignore those. Pretty inconsistent apparently.

Read this answer in context 👍 0

All Replies (2)

more options

It may not. You can try to set up an email account on an actual device or simulator for results.

more options

Chosen Solution

I had to concatenate the CA chain bundle from startssl to make it work with the email client: https://www.startssl.com/certs/ca-bundle.pem

Everything is fine now. :)

As a remark: I think it's a bit weird, that Firefox, Firefox OS (FxOS) and the FxOS apps email and calendar treat ssl certificates so differently. There does not seem to be a shared trust policy across those products. Furthermore calendar and email seem to use different mechanics to get the certs. For the calendar it is fine to upload self-signed certs to the phone. The email app however seems to ignore those. Pretty inconsistent apparently.

Modified by nblumoe