Does the FxOS email client trust StartSSL certificates?
I have my own mail server, using a certificate from StartSSL. Information about the cert and the host can be found here: https://www.sslshopper.com/ssl-checker.html#hostname=mail.nils-blum-oeste.net
I don't have issues with that certificate in Firefox. However, in the Firefox OS email client I get the error: "Unable to esatblish a secure connection with "mail.nils-blum-oeste.net" There may be a problem with your network or the server.
Shouldn't the email client trust this cert? I am using Boot2Gecko 3.0.0.0-prerelease on a Mozilla Flame.
Chosen solution
I had to concatenate the CA chain bundle from startssl to make it work with the email client: https://www.startssl.com/certs/ca-bundle.pem
Everything is fine now. :)
As a remark: I think it's a bit weird, that Firefox, Firefox OS (FxOS) and the FxOS apps email and calendar treat ssl certificates so differently. There does not seem to be a shared trust policy across those products. Furthermore calendar and email seem to use different mechanics to get the certs. For the calendar it is fine to upload self-signed certs to the phone. The email app however seems to ignore those. Pretty inconsistent apparently.
Read this answer in context 👍 0All Replies (2)
It may not. You can try to set up an email account on an actual device or simulator for results.
Chosen Solution
I had to concatenate the CA chain bundle from startssl to make it work with the email client: https://www.startssl.com/certs/ca-bundle.pem
Everything is fine now. :)
As a remark: I think it's a bit weird, that Firefox, Firefox OS (FxOS) and the FxOS apps email and calendar treat ssl certificates so differently. There does not seem to be a shared trust policy across those products. Furthermore calendar and email seem to use different mechanics to get the certs. For the calendar it is fine to upload self-signed certs to the phone. The email app however seems to ignore those. Pretty inconsistent apparently.
Modified by nblumoe