Recipients of encrypted mails are receiving warnings about untrusted pages and/or certificates when attempting to view messages. Looking up the MSG address using an SSL checker gives the following type of reply: "The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate."
The result from the SSL checker points to a missing intermediate certificate. This can be acquired from the Certificate Authority (CA) and added to the MSG server certificate using the instructions below:
Download the required intermediate certificate in PEM-format from your Certificate Authority
Download the MSG server-certificate in PEM-format from the appliance web UI: System -> Certificates -> Certificates, use the Download...-button to the right of the certificate
Open the PEM-file downloaded from the MSG-appliance in your text editor of choice
To the end of this file, add the content of the intermediate certificate PEM-file and save it as a new PEM-file
Import the new certificate file into the MSG-appliance: System -> Certificates -> Certificates, use the Import-button above the certificate list
Take the new combined certificate in use by distributing it to the master and agent(s): System -> Certificates -> Services