1 Accepted solution
Welcome to the Community @gpg2. I'm hoping someone with a bit more technical chops can offer a public solution, and maybe help you personally as well. @JWingate2 have you helped clients with this?
This kind of techincal issue with mail, specifically SpaceMail, is outside of my expertise. (But I appreciate the tag @BérangèreL!) So here's what I'd do. I popped this into my Perplexity Pro account to see if anything cam back that made sense to me.
From HubSpot’s IMAP technical requirements and troubleshooting docs, the key expectations are:
- The IMAP/SMTP host you enter in HubSpot must match the certificate’s CN/SAN (e.g., if you type imap.spacemail.com, that exact hostname must appear on the cert).
- The certificate must be correctly chained: server cert → intermediate(s) → trusted root, with all required intermediates presented by the mail server.
- The cert must be signed by a trusted public CA and not be expired, revoked, or malformed.
- The port you use must support TLS/SSL (HubSpot supports TLS 1.0–1.2 and SSLv3 for IMAP/SMTP; no TLS 1.3 requirement yet)
(Sources: Technical requirements for connecting your inbox to HubSpot using IMAP and Troubleshoot errors when connecting an inbox with IMAP and SMTP )
HubSpot does not document a custom CA list for IMAP/SMTP, but the IMAP troubleshooting article makes it clear that servers must use “certificates signed by a trusted Certificate Authority” or you must deliberately allow a non‑secure certificate. Because HubSpot does not publish a definitive “CA allowlist” for IMAP/SMTP, only Support/Engineering can confirm whether a particular chain is trusted internally. With a free plan, you're limited so that's a bummer. But I don't think that's something you need to worry about based on the info there.
HubSpot does not expose low‑level TLS error logs (e.g., “unknown_ca,” “hostname mismatch”) in the IMAP connection UI. Unfortunately there is no supported way, even on paid plans, to see HubSpot’s raw TLS error string for IMAP/SMTP in the UI or logs.
While waiting on others to help, here's what I found I would try in your situation.
If your HubSpot account’s IMAP settings are configured centrally (Settings → Objects → Activities → Email logging → IMAP Settings), check if you can enable the option to “Allow non‑secure certificate” for that domain; this is exactly how HubSpot recommends working with untrusted/self‑signed certs. This will bypass strict TLS validation for that provider but still encrypt the traffic.
So it may not solve it completely, but hopefully this helped some.
Did my answer help? Please "mark as a solution" to help others find answers. Plus I really appreciate it!
I use all tools available to help answer questions. This may include other Community posts, search engines, and generative AI search tools. But I always use my experience and my own brain to make it human.
| |||||||||||||||||||
Welcome to the Community @gpg2. I'm hoping someone with a bit more technical chops can offer a public solution, and maybe help you personally as well. @JWingate2 have you helped clients with this?
This kind of techincal issue with mail, specifically SpaceMail, is outside of my expertise. (But I appreciate the tag @BérangèreL!) So here's what I'd do. I popped this into my Perplexity Pro account to see if anything cam back that made sense to me.
From HubSpot’s IMAP technical requirements and troubleshooting docs, the key expectations are:
- The IMAP/SMTP host you enter in HubSpot must match the certificate’s CN/SAN (e.g., if you type imap.spacemail.com, that exact hostname must appear on the cert).
- The certificate must be correctly chained: server cert → intermediate(s) → trusted root, with all required intermediates presented by the mail server.
- The cert must be signed by a trusted public CA and not be expired, revoked, or malformed.
- The port you use must support TLS/SSL (HubSpot supports TLS 1.0–1.2 and SSLv3 for IMAP/SMTP; no TLS 1.3 requirement yet)
(Sources: Technical requirements for connecting your inbox to HubSpot using IMAP and Troubleshoot errors when connecting an inbox with IMAP and SMTP )
HubSpot does not document a custom CA list for IMAP/SMTP, but the IMAP troubleshooting article makes it clear that servers must use “certificates signed by a trusted Certificate Authority” or you must deliberately allow a non‑secure certificate. Because HubSpot does not publish a definitive “CA allowlist” for IMAP/SMTP, only Support/Engineering can confirm whether a particular chain is trusted internally. With a free plan, you're limited so that's a bummer. But I don't think that's something you need to worry about based on the info there.
HubSpot does not expose low‑level TLS error logs (e.g., “unknown_ca,” “hostname mismatch”) in the IMAP connection UI. Unfortunately there is no supported way, even on paid plans, to see HubSpot’s raw TLS error string for IMAP/SMTP in the UI or logs.
While waiting on others to help, here's what I found I would try in your situation.
If your HubSpot account’s IMAP settings are configured centrally (Settings → Objects → Activities → Email logging → IMAP Settings), check if you can enable the option to “Allow non‑secure certificate” for that domain; this is exactly how HubSpot recommends working with untrusted/self‑signed certs. This will bypass strict TLS validation for that provider but still encrypt the traffic.
So it may not solve it completely, but hopefully this helped some.
Did my answer help? Please "mark as a solution" to help others find answers. Plus I really appreciate it!
I use all tools available to help answer questions. This may include other Community posts, search engines, and generative AI search tools. But I always use my experience and my own brain to make it human.
| |||||||||||||||||||
Hey, @gpg2 👋 My suggestion is to take these questions to HubSpot support. The specs questions you have are not ones our peer-based community can answer, but support should have those details or confirm what is and is not possible with your setup. — Jaycee
Hey @Jaycee_Lewis I'd completely agree, this sounds like it may be a technical issue between the two systems and not just a user or user setup issue.
Since the customer is on a free account do they have any options to contact HubSpot support?
| | Tom Mahon |
 | Did my post help answer your query? Help the community (and me) by marking it as a solution. |
Hey @gpg2, just wanted to check in on you, do you still need help? If yes, when following these instructions, where are you stuck, please?
Could you please let us know the steps you took and where you hit a roadblock so that we can take a look?
Also, if you have a screenshot (without sensitive data on it) that would be great, thanks!
Bérangère
 | Loop Marketing is a new four-stage approach that combines AI efficiency and human authenticity to drive growth. Learn More |
Hi @gpg2, I'd recommend following the instructions for how to deal with this in the article I shared above "Unauthorized - SSL Certificates not trusted".
I hope this helps!
Have a lovely weekend!
Bérangère
| Loop Marketing is a new four-stage approach that combines AI efficiency and human authenticity to drive growth. Learn More |
Hi @gpg2 and welcome, it's a pleasure to have you here!
Thanks for reaching out to the HubSpot Community!
I see that you are on a free plan, so let's check this together.
To start with, are you still not able to verify SpaceMail IMAP/SMTP SSL certificate?
Here are some resources that might help you:
- Technical requirements for connecting your inbox to HubSpot using IMAP
- Set up IMAP or Exchange settings
- Troubleshoot errors when connecting an inbox with IMAP and SMTP
- Troubleshoot SSL certificate errors
Also, the solution from @LSchmidt63 on this post "Unable to Connect IMAP Email – ‘SMTP Settings Incorrect’ Error" might point you in the right direction!
I'd love to put you in touch with our Top Experts: Hi @TomM2, @Humashankar and @danmoyle do you have any insights or tips to help @gpg2, please?
Have a lovely weekend and thanks so much for your help!
Bérangère
| Loop Marketing is a new four-stage approach that combines AI efficiency and human authenticity to drive growth. Learn More |
