NHS.net Mail Certificates

A quick look at the NHSmail Certificate presented on STARTTLS over SMTP:

  > openssl s_client -starttls smtp -bugs -connect smtp.nhs.net:25 -showcerts
  CONNECTED(00000004)
  depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain
  verify error:num=20:unable to get local issuer certificate
  verify return:1
  depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain
  verify error:num=27:certificate not trusted
  verify return:1
  depth=0 /C=US/ST=California/L=Sunnyvale/O=Mirapoint, Inc./OU=MAS/CN=myname.my.domain/emailAddress=postmaster@myname.my.domain
  verify error:num=21:unable to verify the first certificate
  verify return:1

  [snip]

Emails to the Information Governance Team at Connecting for Health programme have, of course, been sent in.