Using our CA certificate

Doing this will get rid of the warning message for all SSL-enabled HCoop websites, as well as mail. It will also get rid of the warning for any HCoop member websites served via HTTPS that have opted to be signed by our CA certificate.

Using just the email certificate

If you don't want to install the CA certificate, then it is possible to install just the certificate for mail.

The easy way

In when the warning about the certificate comes up, drag the certificate icon to a folder. Then drag this into keychain access into the system keychain, or open it with keychain access and specify "system".

The hard way

When using webmail, MacOS X always warns you about the root certificate not found. does this as well. The solution for this problem is to do the following:

openssl s_client -showcerts -connect

In that output look for "BEGIN CERTIFICATE" and "END CERTIFICATE". Between those lines there is the certificate. Copy that to a pem file. Then do:

certtool i hcoopmail.pem k=/System/Library/Keychains/X509Anchors v

It will import this into the X509Anchors keychain, the 'v' is for verbose. It should also say it imported successfully. Now Safari should not warn you about this.