If your email server uses self-signed certificates, or if the certificates used by the mail server are not in the default Java keystore, you can import certificates.

On Linux:

cd /directory/with/cert_files
 
JAVA_HOME=/usr/lib/jvm/java-8-oracle/jre/
KEYTOOL=$JAVA_HOME/bin/keytool
KEYSTORE=$JAVA_HOME/lib/security/cacerts
PASSWORD=changeit

$KEYTOOL -import -trustcacerts -keystore $KEYSTORE -storepass $PASSWORD -noprompt -alias some.ca -file ca.crt
$KEYTOOL -import -trustcacerts -keystore $KEYSTORE -storepass $PASSWORD -noprompt -alias some.sub.ca -file sub.ca.crt

Change JAVA_HOME to properly reflect the path to your JRE.
The default value will work for Oracle JRE, but for OpenJDK JRE it will be different.

Set -alias and -file to proper values for your CA.
(alias is just a description, you can set it to anything)

The default PASSWORD to the keystore is changeit, so only change that if you actually have a different keystore password.

After import, restart Unimus to load the new keystore.

On Windows:

cd C:\directory\with\cert_files
 
set JAVA_HOME=C:\Program Files\Unimus\jre8\
set KEYTOOL=%JAVA_HOME%\bin\keytool
set KEYSTORE=%JAVA_HOME%\lib\security\cacerts
set PASSWORD=changeit

"%KEYTOOL%" -import -trustcacerts -keystore "%KEYSTORE%" -storepass %PASSWORD% -noprompt -alias some.ca -file ca.crt
"%KEYTOOL%" -import -trustcacerts -keystore "%KEYSTORE%" -storepass %PASSWORD% -noprompt -alias some.sub.ca -file sub.ca.crt

Change JAVA_HOME to properly reflect the path to your JRE.
The default value will work for Oracle JRE, but for OpenJDK JRE it will be different.

Set -alias and -file to proper values for your CA.
(alias is just a description, you can set it to anything)

The default PASSWORD to the keystore is changeit, so only change that if you actually have a different keystore password.

After import, restart Unimus to load the new keystore.