Configuring Microsoft Outlook Express for IMAP over SSL

After configuring Outlook Express for an IMAP connection, these instructions may be followed to set up a secure connection using TLS/SSL encryption. This ensures all communications between the email client and our email servers, including user names and passwords, are protected as they are transmitted over the internet.

Step One

OE IMAP SSL step 1

Right-click your IMAP account in the Outlook Express folder pane and choose "Properties".


Step Two

OE IMAP SSL step 2

Select the "Servers" tab in the Properties window that pops up. The server name in the "Incoming mail (IMAP):" field should be changed to the appropriate abihosting.com hostname. In this case it should be imap1.abihosting.com. Changing the server name will avoid name mismatch warnings when checking for email. This is due to the fact that the certificate used is for a specific name. This step is not neccessary; if you don't mind these warnings simply leave this field as is. When ready to continue, click on the "Advanced" tab.


Step Three

OE IMAP SSL step 3

Check the box for "This server requires a secure connection (SSL). Unfortunately, at this time Outlooks Express does not support the STARTTLS extension. Thefore, the port number for "Incoming mail (IMAP):" will be changed from 110 to 993. Some configuration of firewalls may be required for this setting to work. Such a topic is beyond the scope of this Knowledge Base. Please consult the proper documentation or your organization's IT staff if any issues arise.

The mail server uses a certificate signed by our own private CA (Certificate Authority). This does not lessen security in any way. However, the mail client will correctly warn you that it can not properly identify the cert. This is not a problem, and if you want to avoid these warnings in the future follow these additional steps.

Outlook Express and Internet Explorer share the same trusted certificate and Certificate Authority information. Therefore, we can use Internet Explorer to set up trust for the ABI Hosting private CA. To do so, visit https://imapwebmail1.abihosting.com/.


Step Four

IE SSL step 1

A warning similar to the image above should pop up. This is safe, and is the expected behavior. Click on the "View Certificate" button.


Step Five

IE SSL step 2

In the "Certificate" window that pops up, click on the "Certification Path" button. Highlight the top entry, "ABI Hosting Certificate Authority", and click on the "View Certificate" button again.


Step Six

IE SSL step 3

You should now see a window like the one above. To establish trust for our private CA, click the "Install Certificate" button.


Step Seven

IE SSL step 4

The above "Security Warning" window should now be displayed. Again, this is the expected behavior. Agree to the installation of the cert by clicking the "Yes" button.

At this point our certificate is installed. Neither Outlook Express nor Internet Explorer should display any warnings when accessing secure pages using certificates signed by our private CA.