Kerio - Certificate installation

Immediately after being issued, your SSL certificate will be sent to you by email. It is also possible to download the certificate from the Control Panel. The file containing the certificate will have the same name as the domain name it is meant for (for example: www_sslcertificaten_nl.crt).

For the installation of your new certificate on Kerio, you need to login to the admin web interface of your Kerio Connect server.

  1. Go to section Configuration → SSL Certificates.
  2. Click on Import → Import Signed Certificate from CA.
  3. Select the chained file created in the Preparation step above
  4. To enable the server to use this certificate, select the certificate and click on the Set as Active button.


Now that the new certificate is installed on the Kerio connect server, it will be applied to the POPS, IMAPS, SMTPS services for your users. You can also bind it manually to the additional services supplied by your Kerio server, like the reverse proxy front end and the admin web interface.

Proxy server

When using the HTTPS reverse proxy service for your Kerio front end, you need to select your new certificate in the Configuration → Proxy Server pane.

Kerio certifcate installation

Web Interface

Under Configuration → Advanced options → Web Interface you want to select your certificate to make HTTPS access available for your admin portal. Make sure that your certificate matches the hostname of your Kerio hostname.

Kerio certifcate installation

All necessary steps to install your web server certificate have now been completed. Please make sure to adequately secure your certificate files, and to store a backup of your private key and web server certificate in a safe location. You should also install the root and intermediate certificates. Check whether the certificate is correctly installed with the SSLCheck and ensure an optimal configuration with these tips and settings.

Please do not hesitate to contact us if you encounter problems or error messages.


Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up