The Remote Certificate Is Invalid According to the Validation Procedure
Q - In Elliott V8, I configure my mail server by using the internal NETBIOS name, which is "ts3" in this case. I choose to validate and enable the SSL. See sample screen screen below.
Then I click on the "Test" button to see if this configuration works. I then receive the following error message:
ERROR: The remote certificate is invalid according to the validation procedure.
What does this message mean?
A - If you enable SSL in the Elliott SMTP configuration, the "Server" name must match the name assigned on the SSL certificate. Otherwise, certificate validation will fail and you will get the "The remote certificate is invalid according to the validation procedure" error.
In this example, your SSL certificate could be issued for "ts3.netcellent.com." This name does not match the "ts3" you entered in the server name field, and thus the error. If that is the case, a possible solution is to change the server name to something like "ts3.netcellent.com." This will cause the certificate to match the server name and stop giving you this error message. However, you may encounter a NAT (Network Address Translation) IP address issue if you go with this approach.
Most of the organizations use NAT nowadays. If you host your own mail server, then the external IP address for "ts3.netcellent.us" may be something like 65.212.154.135. But internally, inside the organization's firewall, it may be 192.168.1.135 or 10.1.1.135.
Since the certificate you purchased is most likely for external access purposes, your DNS for ts3.netcellent.com will return the external IP address. But on the other hand, if Elliott is running inside your firewall, we expect to communicate with your mail server through the internal IP address, not the external IP address.
We are suggest two solutions to resolve this delimma:
(1) Don't enable SSL in Elliott V8 configuration
Since the SMTP communication between Elliott on each workstation and the mail server is on the internal LAN, you could consider not enabling SSL without much security risk.
(2) Allow alternative name with your certificate
For example, you can purchase one single certificate that will work for both:
ts3.netcellent.com
mail.netcellent.com
On your DNS server, mail.netcellent.com points to something like 65.212.154.135, which is for external use. For ts3.netcellent.com, it points to something like 192.168.1.135, which is for internal use.
Related Articles
Error with Payware Connect - The remote certificate is invalid according to the validation procedure
Release Date: 12/15/2017 Q - We started getting the following error on certain workstations yesterday when trying to pre-authorize a credit card with Payware Connect. Originally it was on the remote server, where some users worked and some didn't. We ...Feature - Warehouse Receiving Serial Number Validation
Release Date: 7/26/2016 When processing receipts through PO -> Processing -> Warehouse Receiving, the new feature will validate serial numbers that are entered/scanned for the item and prevent invalid serial numbers from being received into Elliott ...Feature - Country Validation
Release Date: 9/6/2022 Version: 8.5 and Above The feature allows the user to enable country validation. A new A/R Global Setup option has been added to enable this feature: Global Setup-> Acct-> A/R Global Control-> 32. Validate Country. 32. Validate ...Firearms Enhancement: FFL Validation System
'Release Date: 5/20/19 Update: 10/29/19 Version: 8.5 and up Introduction Accepting firearms drop ship orders from e-retailers opens up new business opportunities but it also presents potential business risks. This feature’s intention is to address ...Remote Desktop Workstation Name
Release Date: 6/19/17 Q - This is related to the Remote Desktop Configuration. I see that the system wants to set up a workstation ID for each user (local or remote). When the same user might work both from local and remote workstations, should the ...