Ssl error when try to send emails

1

From today I cannot send any invoices from my account, I just getting an An error occurred while attempting to establish an SSL or TLS connection. The server’s SSL certificate could not be validated for the following reasons: • The server certificate has the following errors: • An incomplete certificate revocation check occured.

I asked domain master to update ssl certificate, which they did; we deleted email address on their side as well as on Manager and recreated the email address on both sides, we disabled anti-virus as other users suggested, but still no luck to get the email to work. Please help as I am way beyond desperate

Regards

Leo

2

Hello @Leo_Visser,

This is frustrating indeed.

We need more information in order to help:

  1. What Version and Edition of Manager are you using?

  2. What is your email host?

  3. What error message do you get exactly? Share a screenshot of the error message along with your Email Settings in Manager

3

Good morning Ebrahim

The answers to your questions are as follows:

  1. The version is the desktop version Idownloaded yesterday): V25.5.8.2317
  2. Protocol SMTP: Hostname: mail.jwainc.co (see screenshot attached) Even if I click on “Do not verify TLS certificate”, it still gives the same error
  3. The Error An error occurred while attempting to establish an SSL or TLS connection. The server’s SSL certificate could not be validated for the following reasons: •
    The server certificate has the following errors: • An incomplete certificate revocation check occurred

Kind regards

Leo

(attachments)

Screenshot 2025-05-21 at 3.22.47 PM.png
Screenshot 2025-05-21 at 3.22.47 PM.png710×788 35.9 KB

4

Have you tried either of the following settings:

  • Port: 587 with TLS on

  • Port: 25 and check Do not verify TLS certificate

5

I tried all but with no avail

6

When I change the port to 25, and click on the do not to verify TLS, then I get a timeout error as per attached screenshot

(attachments)

Screenshot 2025-05-22 at 1.53.05 PM.png
Screenshot 2025-05-22 at 1.53.05 PM.png575×492 21.2 KB

7

the 25 port gives timed out, and 465 and 587 both gives error:

An error occurred while attempting to establish an SSL or TLS connection. The server’s SSL certificate could not be validated for the following reasons: •
The server certificate has the following errors: • An incomplete certificate revocation check occurred

Regards

Leo

8

A quick search gave me this:

An incomplete certificate revocation check means that the process of verifying whether a digital certificate is still valid has failed to complete. This can happen if the certificate authority’s revocation information is not available or accessible, or if there’s an issue with the client’s ability to reach those resources.

Here’s a more detailed breakdown:

Certificate Revocation

Certificates can be revoked by their issuing authority if they are compromised, or for other reasons. This revocation status is meant to be checked to ensure the certificate is still valid before it’s trusted.

Revocation Mechanisms

Certificate authorities publish information about revoked certificates, typically in the form of Certificate Revocation Lists (CRLs) or using the Online Certificate Status Protocol (OCSP).

Incomplete Check Causes

  • CRL or OCSP unavailability: If the client can’t reach the CRLs or OCSP responders of the certificate authority, or if the CRLs are not current or available, the revocation check will fail.

  • Network issues: The client may not be able to access the internet, or there may be network blocks preventing access to the revocation information.

  • Server or cache issues: Server configuration or caching issues can also interfere with the revocation check.

  • Time synchronization: If the client’s time is not synchronized with the CA’s, it may be unable to determine the validity of the CRLs.

  • Incorrect CA: The client may be checking the revocation status against the wrong CA.

  • Missing or incorrect intermediate certificates: If the certificate chain is incomplete, it can lead to revocation check failures.

Consequences

An incomplete check can mean the system cannot determine if the certificate is valid, and may deny access or generate security warnings.

Troubleshooting

  • Check network connectivity.

  • Verify that the client’s time is synchronized.

  • Clear server caches.

  • Ensure the correct intermediate certificates are installed.

  • Test access to the CRLs and OCSP responders.

This appears to an error to be resolved by the host, except for the highlighted points.

Since you are using Desktop version, I’d first start with ensuring that your system date and time are correct.

Second step would be to clear your browser cache and restart your computer.

9

Hi Ebrahim

After struggling the whole day, I changed the server name from mail.jwainc to cpanel27mywebserver, which they also shared with me some years ago, now the emails work 100% again.

Thank you for trying to assist, it is most appreciated

Kind regards
Leo

1 Like
10

I’m glad you got this sorted out