The bat add the certificate to the trusted ones. The server did not provide a root certificate in the bat session: what to do

Safety of work in the program The Bat! can only be guaranteed if its version is 4.0 or higher. If the version of The Bat! 3.99.29 or lower, then it is not safe to use. We recommend installing mail client newer version.

Configure via IMAP protocol

To set up The Bat! via IMAP protocol:

4. On this page, enter the following information:

6. On the settings page that opens, enter the following information:

• To access the server, use the protocol - IMAP;
• Server for receiving mail - imap.mail.ru;

8. B this section provide the following information:

• User - full name your his mailbox in format [email protected];
• Password—the current password for your mailbox.

10. For better protection data you send and receive using mail program, you can enable encryption. To do this, in the window that appears, check the box next to “Yes” after the question “Do you want to check the remaining properties of the mailbox?” and click "Done".

11. In the menu on the left, select “Transport”, and in the “Sending mail” and “Receiving mail” sections, in the “Connection:” drop-down lists, select “Secure on a special port (TLS)”;

Check that the IMAP server port is 993 and the SMTP server port is 465.

12. Click “Authentication...” next to “SMTP server”, check the box next to “SMTP Authentication”, check the box “Use mail receiving parameters (POP3/IMAP)”, and also uncheck the box next to “POP before SMTP authentication” » click OK.

13. To make the list of folders in your mail program similar to the list of folders in your mailbox, click right click mouse to the name of the newly created one account and select Refresh Folder Tree.

14. Now you need to specify the folders in which all letters sent from the mail program, as well as letters from other system folders mail program. To do this, right-click on the name of the newly created account and select “Mailbox Properties...”.

15. In the window that appears, go to the “Mail Management” section, check the boxes next to “Sent Items” and “Trash”, select “Sent Items” and “Trash” in the drop-down lists, respectively.

16. Go to the “Delete” subsection and check the boxes next to “Place in the specified folder” in the “ Normal removal" and "Alternative deletion", by clicking the "Browse" button, select the "Trash" folder from the proposed lists.

17. Uncheck “Use alternative deletion for old emails”, and opposite “Mark deleted letters as read" set.

18. Click OK - the email program is configured!

Configure via POP3 protocol

To make email settings The Bat! via POP3 protocol, necessary:

1. B top panel in the “Mailbox” menu, select “New mailbox...”;

2. In the “Mailbox Name” field, enter any name, for example: Mail.Ru Mail.
Click Next.

3. On this page, enter the following information:

• “Your full name” - enter the name that will appear in the “From:” field for all messages sent;
• “E-mail address” - enter the full name of your mailbox.

4. On the settings page that opens, enter the following information:

• To access the server, use the protocol - POP3;
• Server for receiving mail - pop.mail.ru;
• The SMTP server address is smtp.mail.ru.
  Check the box "My SMTP server requires authentication."

6. In the window that opens, enter the following information:

• User - the full name of your mailbox in the format [email protected];
• Password—the current password for your mailbox.

7. Check the “Leave letters on the server” checkbox if you want to leave letters downloaded by the mail program in a mailbox on the server.

9. To better protect the data you send and receive using your email program, you can enable encryption. To do this, in the window that appears, check the box next to “Yes” after the question “Do you want to check the remaining properties of the mailbox?” and click "Done".

10. In the menu on the left, select “Transport”, and in the “Sending mail” and “Receiving mail” sections, in the “Connection:” drop-down lists, select “Secure on a special port (TLS)”.

Check that the POP3 server port is 995 and the SMTP server port is 465.

11. Click “Authentication...” opposite “SMTP server”, check the box next to “SMTP Authentication” and check the box “Use mail receiving settings (POP3/IMAP)”, click OK. The mail program setup is complete!

Change SSL settings

Safety of work in the program The Bat! can only be guaranteed if its version is 4.0 or higher. If the version of The Bat! 3.99.29 or lower , then it is unsafe to use it. We recommend installing a newer version of your email client.

To set up your TheBat! via secure SSL protocol:

4. If your email program is configured using the IMAP protocol.

In the “Sending mail” sections, in the “Connection:” drop-down list, select “Secure on a special port (TLS)”.

Check that the SMTP server port is 465.

If the above settings are already installed in your email program, then no changes need to be made.

Error: The TLS hello did not complete. The server name ("smtp.mail.ru.") does not match the certificate" or another error mentioning the inability to complete the connection using TLS.

It is possible that The Bat!'s root certificate database, required to work with a mailbox using the secure SSL protocol, is not up to date, in in this case you need to use Microsoft CryptoAPI, for this you need:

Please also note that for correct operation SSL protocol It is necessary that the correct date and time are set on your computer. You can check the date and time, as well as reset them, using our instructions.

send us

Error: “Unable to connect to server” or “TLS hello did not complete. The server name ("217.XX.XXX.XXX") does not match the certificate"

Please check your email client settings:

Follow all the steps described above and resend the email. If the problem persists, please send us your email client's sending log to diagnose the problem.

To get the dispatch log:

If you have problems setting up your email program, use our

Reception settings TheBat mail in an SSL connection

1. Download and save it locally (i.e. on your computer in some folder).

2. Go: mailbox -> mailbox properties -> general information -> certificates

3. -> import.

4. Select the saved certificate file cacert.pem. Open.

5. Click on the line that appears “Kinetics Certificate Authority”, then click “View”.

6. We see “This certificate is invalid.” Click "Certification Path".

7. Click on “Kinetics Certificate Authority” and “Add to trusted”.

6. Yes.

7. For self-test: the certificate must be valid. OK. OK. OK.

8. For self-test: in address book the "Kinetics Certificate Authority" entry should appear in the Trusted Root CA folder.

9. Select: mailbox -> mailbox properties -> transport -> connection
-> safe on special. port (995 should appear in the “Port” window).
That's it. After which the SSL connection will work.

Attention! In the mail field server value should be ns..85.127.69),
otherwise, with an ordered SSL connection, the mail client will not connect to the server at all.

When you connect to the server, you will see entries like this in your mailbox log:
date, time: FETCH - Receiving new mail
date, time: FETCH - Starting TLS hello
date, time: FETCH - Certificate properties: 02, algorithm: RSA (1024 bits), Valid from: 11/27/2012 9:40:26, to: 11/22/2032 9:40:26, for hosts in quantity 1 piece .: ns.site.
date, time: FETCH - Owner: RU, Novosibirsk, Institute of Chemical Kinetics and Combustion, IT-group, ns..nsc.ru.
date, time: FETCH - Root: RU, Novosibirsk, Novosibirsk, Institute of Chemical Kinetics and Combustion, IT-group, Kinetics Certificate Authority, nina@site
date, time: FETCH - TLS hello completed
date, time: FETCH - Connection to the POP3 server was successful
date, time: FETCH - Authentication successful (Normal method)

For reference: Kinetics Certificate Authority is an agency for issuing SSL certificates, created at the Institute of Chemical Control and Geology of the SB RAS.

For IMAP protocol everything is the same.

"The Bat!" is a program for operating system Windows designed to work with by email and written in Delphi. The program is relevant and currently enjoys authority, which is well deserved: many consider it the most secure client program for working with email.

Like any product this software periodically “fails”: they happen quite often, but in most cases the culprit of the problem is not the program itself, but the computer on which “The Bat!” installed. At the same time, the most “popular” error is “Invalid CA certificate”, due to which it is impossible to connect to the bat server.

What does the error “the server did not present the root certificate in the bat session” mean?

From the text of the error it is clear that the “stumbling block” was a certain program or process, the certificate of which is not verified or is suspicious (if we say “ in simple language"). Sometimes even reinstalling the operating system and then installing the program does not correct this situation (from the troubleshooting methods below it will be clear why this happens).

So, if the server has interrupted the connection the bat may help:

1. 1. Deleting the database of old certificates.

For this:

You are interested in the file “RootCA.ABD” or (“EBD”) - these are certificate stores;

• - after deleting old certificates, restart the program - it will automatically create new base data - check the functionality of the software;
• - if deletion does not help, try deleting the file “IntermCA.ABD”, it is located in the same file directory.

1. 2. In addition, there is a solution that is quite elegant in its simplicity - enabling “Microsoft CryptoAPI”. IN general case This is a set of functions for working with cryptographic operations (cryptoprovider).

So, in the program, open the “Properties” tab “S/MIME and TLS” and in the “Implementation of S/MIME and TLS certificates” section, check the “Microsoft CryptoAPI” line. Restart the program and confirm acceptance of the changes.

What should I do if it is still impossible to connect to the he bat server?

1. 3. Perhaps the error “the bat server did not provide the root certificate in the session” occurred due to the activity of an antivirus (for example, “Avast”). This is possible because the antivirus (especially Avast version 8 and higher) checks mail for SSL encryption, and the program “The Bat!” can't recognize this process, and the certificate “goes” into error.

Arises this failure due to the fact that the certificate stores of the program and the operating system are different, and after installing (or launching) a certain program previously unknown to The Bat!, the program simply “refuses” to work with unverified sources.

The solution is to simply add the issuer's certificate to the list of trusted ones:

First, you need to “obtain” this very certificate: to do this, press “Win ​​+ R” and enter the command “certmgr.msc” - the “Certificates” service will open;

• - in the “Trusted” section root certificates"Find the one where “avast” appears in the first or second column, then copy (import) it to your desktop or any other folder;
• - now in the program itself, open the “Box” tab - “Properties” - “ General information»;
• - in the window that opens, the parameter you need is the fourth tab “Certificates”: click the “Import” button, then select the previously saved “Avast” certificate from the list and click the “Add to trusted” button.

Here, in fact, are all the working ways to solve this error. It is worth paying close attention to method “2”: in most cases it is the one that helps to fix software glitch with the message “the server did not provide a root certificate in the bat session.”

In conclusion, it is worth dwelling on the advantages of the “The Bat!” program, of which there are many. For example:

• - ongoing support for developers;
• - encryption of the mail database and signature of letters;
• - instant blocking of suspicious images;
• - complete isolation from scripts and executable codes;
• - ability to create templates;
• - virtual folders;
• - letter sorter, backup and much more.

can only be guaranteed if its version is 4.0 or higher. If the version of The Bat! 3.99.29 or lower, then it is not safe to use. We recommend installing a newer version of your email client.

Configure via IMAP protocol

To set up The Bat! via IMAP protocol:

4. On this page, enter the following information:

6. On the settings page that opens, enter the following information:

• To access the server, use the protocol - IMAP;
• Server for receiving mail - imap.mail.ru;

8. In this section, provide the following information:

• User - the full name of your mailbox in the format [email protected];
• Password—the current password for your mailbox.

10. To better protect the data you send and receive using your email program, you can enable encryption. To do this, in the window that appears, check the box next to “Yes” after the question “Do you want to check the remaining properties of the mailbox?” and click "Done".

11. In the menu on the left, select “Transport”, and in the “Sending mail” and “Receiving mail” sections, in the “Connection:” drop-down lists, select “Secure on a special port (TLS)”;

Check that the IMAP server port is 993 and the SMTP server port is 465.

12. Click “Authentication...” next to “SMTP server”, check the box next to “SMTP Authentication”, check the box “Use mail receiving parameters (POP3/IMAP)”, and also uncheck the box next to “POP before SMTP authentication” » click OK.

13. To make the list of folders in the mail program similar to the list of folders in your mailbox, right-click on the name of the newly created account and select “Update folder tree”.

14. Now you need to specify the folders in which all letters sent from the mail program will be saved, as well as letters from other system folders of the mail program. To do this, right-click on the name of the newly created account and select “Mailbox Properties...”.

15. In the window that appears, go to the “Mail Management” section, check the boxes next to “Sent Items” and “Trash”, select “Sent Items” and “Trash” in the drop-down lists, respectively.

16. Go to the “Delete” subsection and check the boxes next to “Place in the specified folder” in the “Normal deletion” and “Alternative deletion” sections, by clicking the “Browse” button, select the “Trash” folder from the proposed lists.

17. Uncheck the “Use alternative deletion for old messages” checkbox, and check “Mark deleted messages as read” next to it.

18. Click OK - the email program is configured!

Configure via POP3 protocol

To configure the mail program The Bat! via POP3 protocol, necessary:

1. In the top panel, in the “Mailbox” menu, select “New mailbox...”;

2. In the “Mailbox Name” field, enter any name, for example: Mail.Ru Mail.
Click Next.

3. On this page, enter the following information:

• “Your full name” - enter the name that will appear in the “From:” field for all messages sent;
• “E-mail address” - enter the full name of your mailbox.

4. On the settings page that opens, enter the following information:

• To access the server, use the protocol - POP3;
• Server for receiving mail - pop.mail.ru;
• The SMTP server address is smtp.mail.ru.
  Check the box next to “My SMTP server requires authentication.”

6. In the window that opens, enter the following information:

• User - the full name of your mailbox in the format [email protected];
• Password—the current password for your mailbox.

7. Check the “Leave letters on the server” checkbox if you want to leave letters downloaded by the mail program in a mailbox on the server.

9. To better protect the data you send and receive using your email program, you can enable encryption. To do this, in the window that appears, check the box next to “Yes” after the question “Do you want to check the remaining properties of the mailbox?” and click "Done".

10. In the menu on the left, select “Transport”, and in the “Sending mail” and “Receiving mail” sections, in the “Connection:” drop-down lists, select “Secure on a special port (TLS)”.

Check that the POP3 server port is 995 and the SMTP server port is 465.

11. Click “Authentication...” opposite “SMTP server”, check the box next to “SMTP Authentication” and check the box “Use mail receiving settings (POP3/IMAP)”, click OK. The mail program setup is complete!

Change SSL settings

Safety of work in the program The Bat! can only be guaranteed if its version is 4.0 or higher. If the version of The Bat! 3.99.29 or lower , then it is unsafe to use it. We recommend installing a newer version of your email client.

To set up your TheBat! via secure SSL protocol:

4. If your email program is configured using the IMAP protocol.

In the “Sending mail” sections, in the “Connection:” drop-down list, select “Secure on a special port (TLS)”.

Check that the SMTP server port is 465.

If the above settings are already installed in your email program, then no changes need to be made.

Error: The TLS hello did not complete. The server name ("smtp.mail.ru.") does not match the certificate" or another error mentioning the inability to complete the connection using TLS.

Perhaps The Bat!'s root certificate database, required to work with a mailbox using the secure SSL protocol, is not up-to-date; in this case, you need to use Microsoft CryptoAPI, for this you need:

Please also note that for the SSL protocol to work correctly, you must have the correct date and time set on your computer. You can check the date and time, as well as reset them, using our instructions.

send us

Error: “Unable to connect to server” or “TLS hello did not complete. The server name ("217.XX.XXX.XXX") does not match the certificate"

Please check your email client settings:

Follow all the steps described above and resend the email. If the problem persists, please send us your email client's sending log to diagnose the problem.

To get the dispatch log:

If you have problems setting up your email program, use our

Error The Bat! " Unknown CA certificate":

The server did not present a root certificate in the session and the corresponding root certificate was not found in the address book.

This connection cannot be secret. Please contact your server administrator.

Occurs when The Bat! does not have the required SSL certificate when receiving mail.

This may occur in different situations and the reason is that, unlike most programs that use the Windows certificate store, The Bat! - yours. And if for some reason some program adds an important certificate using the “standard” method (only in the Windows storage), then The Bat! will not know about this and, focusing on its own, will produce an error " Unknown CA certificate".

RootCA.ABD and TheBat.ABD

The easiest way to try to overcome the error " Unknown CA certificate" - simply delete The Bat! certificate store so that it makes a new one the next time you boot. The files "RootCA.ABD" and "TheBat.ABD" are located in the main directory of The Bat!, which can be found by clicking/looking at " Properties - Settings - System - Mail catalog".

The TLS hello did not complete. Invalid server certificate (The chain provider for this S/MIME certificate was not found)

The first method may not help and you will get the same error" Unknown CA certificate", and in the mailbox log there will be something like:

>22.03.2013, 13:39:53: FETCH - Certificate properties: 16B0A68A00000000D49E, algorithm: RSA (2048 bits), Valid from: 21.12.2012 16:05:32, to: 17.01.2014 15:15:46, to hosts in quantity 17 pcs.: Yandex Mail Service, pop.yandex.ru, pop.yandex.com, pop.yandex.by, pop.yandex.kz, pop.yandex.ua, pop.yandex.com.tr, pop.narod.ru, pop.ya. ru, pop3.yandex.ru, pop3.yandex.com, pop3.yandex.by, pop3.yandex.kz, pop3.yandex.ua, pop3.yandex.com.tr, pop3.narod.ru, pop3.ya. ru.
>22.03.2013, 13:39:53: FETCH - Owner: RU, Russia, Moscow, Yandex, ITO, Yandex Mail Service, This e-mail address is protected from spambots; you must have Javascript enabled to view it.
>22.03.2013, 13:39:53: FETCH - Supplier: generated by avast! antivirus for SSL scanning, avast! Mail Scanner, avast! Mail Scanner Root.
!2013-03-22 13:39:53: FETCH - TLS hello not completed. Invalid server certificate (The chain provider for this S/MIME certificate was not found).

The main thing here for us:

Provider: generated by avast! antivirus for SSL scanning, avast! Mail Scanner, avast! Mail Scanner Root.

In particular, the problem is when "the certificate provider is unknown" (in our case - " avast! Mail Scanner Root") is obtained by those who use Avast versions 8 and newer, where he learned to check mail on SSL-encrypted connections, and The Bat! I don’t know about this (and about Avast).

To fix this, you need to add an issuer certificate" avast! Mail Scanner Root" to the trusted root certificates of The Bat!, because Avast itself added it to the trusted (trusted) only in the Windows certificate storage, and, as stated above, The Bat! has its own. To do this, run the command "certmgr.msc ", find and export " avast! Mail Scanner Root" from "Trusted Root Certification Authorities", or simply take the attached file here below (this is the Avast certificate).

Then we import this certificate into the right box. To do this, you will have to perform a long and non-obvious sequence of actions (hello to the vagabond writers!):

1. Add the certificate itself: Mailbox - Mailbox properties - General information - Certificates - Import - select the desired certificate (for example, avast!MailScannerRoot.cer)

2. Add the added certificate to the trusted ones (see picture): View - Certification Path - Add to Trusted

After this the error " Unknown CA certificate"will definitely disappear. Not forever - until next update Windows, The Bat! , antivirus or something else...