Outlook refusing to display HTTPS images from server using internally-signed cert

outlook tls

We are currently transitioning our site to use HTTPS everywhere, and this includes the emails that we send to customers. On our internal testing environments, we are using IIS with SSL certificates signed by our own company-internal CA. This CA is implicitly trusted by having its cert installed into the Local Computer > Trusted Root Certification Authorities certificate store on all machines.

However, in any email we generate that contains links to images from servers using our self-CA-signed certs, those images show up as the standard missing images/red X in Outlook 2013. If I choose Actions > View in Browser in Outlook, IE opens the message with the images displayed correctly.

We've tried numerous things: the "Do not save encrypted pages to disk" setting, the Group Policy setting for the same, and various other hints and tips I've found via Google – none of which have made any difference.

Basically it seems that Outlook is refusing to trust our cert, even though its CA is trusted – almost as if it's using its own internal list of trusted CAs and not the local machine's. Is this the case and is there any way around this behaviour? If not, why is this happening and what can I do to get around it?

Best Answer

Globally valid Comodo certs are $9 from Namecheap. If you work for minimum wage (I'm betting you don't) and you've spent more than an hour on this, it's not worth your time. You might be able to "fix" your internal clients, but when mailing anyone outside your organization, your images will be varying levels of broken.