Resolving SSL/Server Identity Verification Errors in Email Clients
**Description:**This guide provides step-by-step instructions for resolving SSL certificate and server identity verification errors in email clients when connecting to your mailbox on Brixly shared hosting. It’s designed for shared hosting customers with basic technical knowledge and focuses on solutions you can implement without server admin access.
Table of Contents
- Introduction
- Why Do SSL/Server Identity Errors Occur?
- Quick Checklist
- Step-by-Step Troubleshooting
- Examples of Correct Settings
- Common Error Messages and Solutions
- Advanced: Checking the Certificate Manually
- Further Assistance
Introduction
SSL/Server Identity Verification errors in email clients (such as Outlook, Thunderbird, Apple Mail, or mobile apps) are common when your email client cannot confirm the identity of the mail server. This can happen after domain changes, migrations, or using incorrect settings. Resolving these errors ensures your emails remain secure and deliverable.
Why Do SSL/Server Identity Errors Occur?
- Your domain’s SSL certificate does not match the mail server’s hostname
- The mail server uses a shared SSL certificate (typical in shared hosting)
- You are using
mail.yourdomain.com, but the SSL is issued to the hosting server (e.g.,xxxxx.hostns.io) - DNS changes have not yet propagated
Quick Checklist
- [ ] Are you using the server hostname as the mail server address?
- [ ] Have you accepted/trusted the SSL certificate in your email client?
- [ ] Do your DNS records (MX, A) point to the correct hosting server?
- [ ] Is your domain’s SSL certificate valid and not expired?
Step-by-Step Troubleshooting
1. Confirm Your Email Client Settings
Check the configuration in your email client:
- Username: Your full email address (e.g.,
user@yourdomain.com) - Password: Set in cPanel for your email account
- Incoming Mail Server: Use the provided server hostname (see below)
- Outgoing Mail Server: Use the provided server hostname
- Ports:
- IMAP:
993(SSL/TLS) - POP3:
995(SSL/TLS) - SMTP:
465(SSL/TLS) or587(STARTTLS)
- IMAP:
- Authentication: Enabled for SMTP and IMAP/POP3
2. Use the Correct Server Hostname
**Important:**The SSL certificate is valid for the server’s hostname, not your domain.Find your server hostname in cPanel (usually in the right-hand sidebar or in your welcome email).
**Example:**If your server hostname is absinthe.hostns.io, use:
Incoming/Outgoing server: absinthe.hostns.io
How to change this in your client:
- Go to the account’s server settings
- Replace
mail.yourdomain.comwith your actual server hostname
3. Accept or Trust the Certificate
Most email clients will prompt you to accept or trust the certificate if there’s a mismatch.
- Click Trust, Accept, or Continue (wording varies by client)
- Optionally, check “Always trust” if available
> You should only do this if you are connecting to the official server hostname provided by Brixly.
4. Update or Remove and Re-Add the Account
If errors persist:
- Remove the email account from your client
- Add it again using the correct settings and server hostname
5. Check DNS and Propagation
If you recently updated DNS records or migrated your domain:
- Use tools like MXToolbox to check if MX and A records point to your Brixly server
- DNS changes can take up to 24 hours to propagate
Examples of Correct Settings
IMAP (Recommended):
Incoming Server (IMAP): absinthe.hostns.io
Port: 993
Encryption: SSL/TLS
Outgoing Server (SMTP): absinthe.hostns.io
Port: 465
Encryption: SSL/TLS
Authentication: Yes (use full email address and password)
Common Error Messages and Solutions
| Error Message | Solution |
|---|---|
| "The certificate does not match the host you are connecting to." | Use the server hostname as mail server address. |
| "Server identity cannot be verified." | Trust the certificate or update to the server hostname. |
| "SSL Handshake failed." | Confirm correct port, encryption, and hostname. |
| "Untrusted certificate" | Trust the certificate, or re-add account properly. |
Further Assistance
If you’ve followed all steps and continue to experience SSL/server identity errors:
- Double-check all settings and DNS records
- Try connecting via webmail to ensure the mailbox is working:
https://your-server-hostname/webmail - Consult our Email Hosting Knowledge Base
**Still having trouble?**Please open a support ticket with:
- The exact error message you receive
- Your domain name and email address
- The steps you’ve already taken
Our team will be happy to assist further!
By following these steps, most SSL and server identity verification issues with email clients can be resolved by updating your settings and using the correct server hostname.