Voters are finally learning more about Hillary Clinton’s use of a personal email server during her tenure as secretary of state. Many of the revelations, contained in a report released by the Office of Inspector General assigned to the State Department, do not reflect well on the near-certain Democratic candidate for the presidential election.

Clinton’s greatest vulnerability as a candidate is the perception among a large segment of the voting public that she cannot be trusted. The report’s findings only exacerbate that perception. Clinton alone is to blame.

Her first mistake was to use a private and potentially vulnerable server for official email correspondences. Her second mistake was not releasing her official communications upon leaving office, instead waiting until forced into compliance. Most troubling, perhaps, was the third misstep: Clinton’s efforts to spin the issue, using evasive language or outright falsehoods in an effort to minimize its importance.

No evidence emerged in the report from Inspector General Steve A. Linick showing that Secretary Clinton’s use of the private server compromised national security, though it suggests that potential exists. As for whether the conduct of Clinton or her State Department rose to the level of criminality, that awaits the result of the FBI review.

Clinton has repeatedly stated that while using a private server “was a mistake,” the State Department approved. “What I did was allowed. It was allowed by the State Department. The State Department has confirmed that,” she told the Associated Press.

Instead the Inspector General found that Clinton never requested guidance or approval to conduct official business by way of a personal email account on a private server. Information technology and security officials within the State Department told investigators they “did not — and would not — approve her exclusive reliance on a personal email account to conduct Department business.”

Top State Department officials knew of the secretary’s decision to operate outside of official policy. The IG investigation suggests a willful ignorance. When two officials in the record-keeping office raised concerns in 2010, a superior “instructed the staff never to speak of the secretary’s personal email system again.”

As for State Department rules, they were clear, notes the IG, referencing the “obligation to use department systems … and identifying the risks of not doing so.”

Clinton has pointed to the lack of any evidence the arrangement compromised State Department information, but has conveniently left out troubling details.

On Jan. 9, 2011, a non-State Department technical adviser utilized by Clinton shut down the server because “someone was trying to hack us.” So concerned was the Clinton inner circle at State that instructions were sent out not to email “anything sensitive” to the secretary. Despite regulations to the contrary, no one reported the concerns about the integrity of system to Information Resources Management.

Throughout the primary process Clinton reassured voters that she would fully cooperate with investigations of her use of a private server because she had nothing to hide. That certainly sounded better than telling reporters she would not answer any questions from an inspector general, which was in fact the case. She rejected his request for an interview, reported the IG, as did several of her top aides.

As for adhering to the Federal Records Act, Clinton has said she has been fully transparent, but we note there was some kicking and screaming involved. Under the records act, Clinton should have provided her official email communications to State when leaving office in January 2013. Instead, that process did not happen until late 2014, with Republicans in Congress pressuring the State Department for emails connected to the 2012 attack in Benghazi, Libya, in which four American were killed.

What motivated the secretary to operate outside the lines? Clinton has said it was a matter of convenience. That never sounded right. The report suggests something else, a desire to protect her turf after a quarter-century of battling in politics as played at the highest levels.

In a November 2010 email discussion, Deputy Chief of Staff for Operations Huma Abedin, who remains a close Clinton confidant, suggested it was time to “talk about putting you on state email or releasing your email address to the department …”

“Let’s get separate address or device but I don’t want any risk of the personal being accessible,” Clinton replied.

This reflexive tendency toward secrecy would not bode well for a Clinton administration.

We urge the FBI to expeditiously conclude its investigation so voters have all the facts. For her part, Clinton needs to forthrightly face her errors and stop trying to rationalize them away.