We have created a Secure SSL certificate for you to install into your system and programs that will allow your system to trust the certificates that we create. It is issued by DreamHost’s very own “New Dream Network Certificate Authority”, hereafter the NDN CA, because we love acronyms!
Download the certificate here (Make sure to right click and select "save link as"). You will now have a
Firefox and Thunderbird share the same certificate store. Changes in one will affect the other.
- Open Firefox or Thunderbird, then click on Firefox > Options (Firefox) or Tools > Options (Thunderbird)
- Then Select the Advanced Tab, select the Encryption (Firefox) or the Certificates (Thunderbird) tab and then click on View Certificates
- You will then need to click on the Authorities tab and click Import. Find that cert you saved, and hit OK! When it will ask you what you want to trust the cert for, check everything except code signing one.
- ALL-IMPORTANT: In
about:config(Firefox) or Tools > Advanced > General > Config Editor (Thunderbird), enable
When you import the certificate into Internet Explorer it does it for Windows as a whole, and thus anything which hooks in to that uses it. (The entire office suite, for example.)
- Open up Internet Explorer and click on Tools > Internet Options
- Click on the Content tab and select Certificates...
- You must pick Trusted Root Authorities then on Import and go through the prompt and choose the NDN Cert you downloaded earlier.
- The certificate will download as a text (.txt) file. Find it and change the file extension to .crt
- Open Keychain Access, this is in your Appplications -> Utilities folder.
- Select File->Import, Select the cert and X509Anchors, click OK. When prompted, enter your password.
- Click Tools > Options
- Click the Advanced tab.
- Click Security from the left-hand menu and then hit the Manage certificates button.
- Click the Authorities tab and then the Import button. Follow the instructions to import the certificate.
- When prompted with the Install authority certificate dialog, click the View button.
- Uncheck the Warn me before using this certificate checkbox and press OK to close all dialogs and save the settings.
Email Domain Mismatch
This is taken from This DreamHost Status Post, but to get it all in one place, here it is.
Why don’t these instructions work for Apple Mail?
For Apple Mail follow these instructions: http://wiki.dreamhost.com/Mac_OS_X_Mail_10.4#Instructions
Why not get a REAL certificate signed by someone widely trusted?
As of May 2013 Dreamhost has a certificate signed by USERTRUST (Comodo) which is used for POP and IMAP email connections.
Do I have to install the NDN CA certificate?
No! Just click to accept the *.mail.dreamhost.com certificate permanently and it shouldn’t bother you until we renew or change the certificate. Installing the CA certificate would allow us to renew the certificate transparently.
Not quite standards compliant
The certificate is installed, now, however some astute readers have alerted me to the fact that this new certificate isn’t actually X.509 specification compliant. We’re going to stick with it, since it does help a subset of our users, and will consider some alternatives for the future!