none
How to disable Outlook for checking for IMAP/POP3 Certificate Name Mismatch? RRS feed

  • Question

  • I have outlook clients that are connected to an IMAP/POP3 server that's off-site provided by company A.

    Company A requires me to enter imap.companya.com for imap server address and 993 for the port.

    I must also enable SSL for the connection.

    When I do this, Outlook pops up an error message (shown below), that must be reacted to every time it checks for mail.

    The reason is that the certificate is for myserver.companya123.com and that's different than imap.companya.com but company A wont change it. They said I need to disable my email programs certificate check so it doesn't keep prompting me. Now I can do this with my iphone, and other email programs without incident. But I cannot find where to disable it in outlook.

    If I change the imap server address in my account settings for outlook to instead use myserver.company a123.com, outlook can't connect and as the vendor said I must use imap.companya.com as the imap server address.

    I need to be able to connect via SSL (so nobody can swipe my password over the wire) but not have to react 1000x a day to the certificate warnings.

    I don't want to use Eudora, or another email client that allows me to easily disable the warning. I want to use outlook. How do I set outlook so it doesn't keep popping up these certificate server name mismatch warnings?

    I spent days searching for a fix, and it seems there are fixes via the registry for just about every type of certificate issue, but NOT THIS PARTICULAR ONE.

    I am hoping someone knows exactly what I am talking about and knows of a easy fix. I must use SSL so please don't tell me to disable SSL.

    What I need is to disable outlook from presenting that alert. That's what I need to do. No other solution will suffice. I hope outlook does not have a product limitation that prevents such a thing from being done. I am ok with a registry fix if need be, but being able to disable outlook from presenting certificate name mismatch alerts is critical. Hope its possible! Thanks!


    • Edited by ACECORP Friday, April 24, 2015 8:03 PM
    Friday, April 24, 2015 7:54 PM

Answers

  • Hi,

    Sorry that it takes me so long to get back to you.

    We have performed lots of research on this, seems we cannot disable Outlook for checking for IMAP/POP3 Certificate Name Mismatch.

    Thanks for your understanding.

    Regards,

    Ethan Hua

    Forum Support


    Come back and mark the replies as answers if they help and unmark them if they provide no help.

    If you have any feedback on our support, please click here

    • Marked as answer by ACECORP Saturday, October 17, 2015 9:04 PM
    Friday, May 15, 2015 1:47 AM
    Moderator

All replies

  • Have you ever tried this registry key?

    System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\[version]\Outlook\Security]
    Value Name: SupressNameChecks
    Data Type: REG_DWORD (DWORD Value)
    Value Data: (0 = default, 1 = supress checks)

    Kapaal


    • Edited by Kapaal Monday, April 27, 2015 7:22 AM
    Monday, April 27, 2015 7:21 AM
  • The SupressNameChecks registry suggestion you made does not have anything to do with outlook disregarding server SSL certificates whose names do not match the name of the server.

    Your suggestion prevents outlook from performing a name check on a certificate that's applied to an email message (used for secure messaging) - which is totally different. See details here - https://support.microsoft.com/en-us/kb/276597

    I need to stop outlook from performing a name check on the server side certificate that's applied to the imap server to which I am connecting and making the suppressnamechecks  registry change does not fix that.

    I hope outlook does not have a product limitation that prevents such a thing from being done. That would make it very different from thunderbird and any other mail client that allows you to disable server side certificate name mismatch checking.

    Monday, April 27, 2015 1:33 PM
  • Hi,

    Thank you for your post.

    This is a quick note to let you know that we are performing research on this issue.

    Regards,

    Ethan Hua

    Forum Support


    Come back and mark the replies as answers if they help and unmark them if they provide no help.

    If you have any feedback on our support, please click here

    Wednesday, April 29, 2015 2:15 AM
    Moderator
  • Hi,

    I would suggest we try the registry key mentioned in this article (Method 4) to configure Outlook to allow the connection to the mismatched domain name, and see if it works:

    HKEY_CURRENT_USER\Software\Microsoft\Office\<var>xx</var>.0\Outlook\AutoDiscover\RedirectServers

    Let me know if this doesn't work.

    Regards,

    Ethan Hua

    Forum Support


    Come back and mark the replies as answers if they help and unmark them if they provide no help.

    If you have any feedback on our support, please click here

    Thursday, April 30, 2015 6:42 AM
    Moderator
  • Hello,

    Try this:

    View the certificate while you get alert message. then export it in a file on your local machine.

    open internet explorer tools-content-certificates-trusted root certificates

    then import the saved certificate file.

    Regards,

    TheHumanBot

    Thursday, April 30, 2015 7:03 AM
  • This isn't the solution. Importing a certificate into the trusted root store does not solve the problem of outlook poping up a certificate name mismatch error.
    Thursday, April 30, 2015 11:07 AM
  • There is no http endpoint nor is there an autodiscover since this is not a Microsoft exchange implementation. There is only an IMAP server address and an SMTP server address. I will try adding a registry key with the IMAP sever address and the SMTP server address but I don't know if that will work because it appears to be outside the bounds of this article. It may be several days until I am able to get back to where those machines are located to make the change but I'll let you know if that works or not when I do.
    • Edited by ACECORP Thursday, April 30, 2015 11:12 AM
    Thursday, April 30, 2015 11:11 AM
  • Hi,

    How is it going? Please let us know if you would like further assistance.

    Regards,

    Ethan Hua

    Forum Support


    Come back and mark the replies as answers if they help and unmark them if they provide no help.

    If you have any feedback on our support, please click here

    Wednesday, May 6, 2015 9:00 AM
    Moderator
  • That didn't work. I added a registry key on one of the client machines for the IMAP Entry so the name of the registry key matches the certificate which is "myserver.companya123.com" while the IMAP Settings inside the outlook clients continue to point to the server's other name which is "imap.companya.com" as KB 2783881 prescribes, (https://support.microsoft.com/en-us/kb/2783881). However, that does not solve the problem. The certificate name mismatch message still pops up every time outlook connects. Since the KB article specifically says the solution is for http/https protocol and autodiscover I don't think the article is relevant since neither http/https or autodiscover is involved in this imap/smtp connection. I simply need to disable outlook from notifying me that the certificate name is different than the server name and so far nobody seems to have a solution to stop the notification. Is this an outlook product limitation or bug that I can't disable this certificate mismatch message?

    Wednesday, May 6, 2015 2:12 PM
  • Hi,

    Sorry that it takes me so long to get back to you.

    We have performed lots of research on this, seems we cannot disable Outlook for checking for IMAP/POP3 Certificate Name Mismatch.

    Thanks for your understanding.

    Regards,

    Ethan Hua

    Forum Support


    Come back and mark the replies as answers if they help and unmark them if they provide no help.

    If you have any feedback on our support, please click here

    • Marked as answer by ACECORP Saturday, October 17, 2015 9:04 PM
    Friday, May 15, 2015 1:47 AM
    Moderator
  • With all the advancements to outlook that have happened since 2015, is there now perhaps a way to disable this or to create an exception like you can do in Mozilla Thunderbird?
    Monday, May 2, 2016 9:06 PM
  • Any fix for this yet?

    It's October 2018.

    By now there really needs to be a configuration option in outlook to allow users to permanently ignore these mismatches just like Mozilla Thunderbird and all the other email client software. 


    Sunday, October 7, 2018 10:19 PM
  • November 2018 and I have not yet found a resolution to this issue :( 
    strongly considering converting to Mozilla Thunderbird despite ~PAYING~ for outlook via office365... very disappointing.
    Friday, November 2, 2018 5:48 AM
  • Thanks. It works.
    It works all so without the version in the registry: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Security
    Tuesday, September 17, 2019 9:37 PM