‘Invalid certificate authority’ or ‘Unsigned certificate’ error when contacting kolabnow.com
Knowledge Base > FAQ's > ‘Invalid certificate authority’ or ‘Unsigned certificate’ error when contacting kolabnow.com
By Mads Petersen on January 20, 2020

As mentioned earlier, we just rolled over our digital certificates on Kolab Now in the beginning of January.  Some users however still get error messages when they try to connect; either to the webclient, or through a desktop client. Here is why..

The Kolab Now SSL/TLS certificates are validated through a Certificate Authority (CA) called Sectigo, formerly known as Comodo CA. The organization behind the Comodo CA changed ownership and reorganized itself through the year 2018. They renamed the certificate authority to Sectigo, and starting January 14th 2019, the certificate authority for the type of certificate Kolab Now uses changed to be ‘Sectigo RSA Domain Validation Secure Server CA’.

In the simple version of the story, a trust anchor is provided by the operating system or sometimes, the application. When connecting to the server (e.g. ‘https://kolabnow.com/’ or ‘imap.kolabnow.com’), the client application is provided the server certificate, along with the issuer chain, all the way up to a certificate (from an authority) that is included in the trust anchor. If there is a trusted certificate authority, the certificate is accepted as valid. If not, then the browser or the client application provides the user with an error message.

If your operating system or application is old, or has not been updated since mid-Januart 2019, it will not have received the new trust anchor that includes Sectigo, and your browser or client applications will then in turn void the certificate presented by the server.

The solution to the problem is to update your Operating System to the latest possible level.

Should you have any questions or concerns about this, then please Contact Support.