MozillaZine

v. 3 Help: Cannot Bypass Invalid Certificate Warning

Discussion about official Mozilla Thunderbird builds
lucite
 
Posts: 28
Joined: December 11th, 2003, 10:30 am

Post Posted April 28th, 2008, 12:27 pm

version 3.0a1pre (2008042803)

I've searched the forums & Google for 4 hours for a workaround, but no luck.

Help! :)

I'm trying to securely download mail from an account which uses a shared SSL certificate. Thus my IMAP domain name is different than the one the SSL certificate is authorized for, and TB rightly tells me so:

mail.mydomain.com:993 uses an invalid security certificate.
The certificate is only valid for the following names:
*nocdirect.com , nocdirect.com
(Error code: ssl_error_bad_cert_domain)

Problem is that whereas in v.2 of TB I can bypass/accept this; in v.3 it gives me no way to ignore this alert (and I fail to retrieve mail).

I really need to use v.3 for other stuff. I've tried adding an Exception for mail.mydomain.com in the Servers tab of the Certificate Manager, but that doesn't fix it.

Can someone kindly explain how to fix this - it appears to be a problem a number of people are having.

Thanks

kmc

User avatar
 
Posts: 332
Joined: October 19th, 2007, 3:01 am
Location: China

Post Posted May 26th, 2008, 3:04 am

Me too have the same problem, my University's mail server is changing and they didn't put a valid certificate in the new SSL location, so I cannot add an exception like before. Anyway I'm sure about the issuer, so can I bypass this check?

And will Thunderbird act like Firefox giving the "or add an exception" option to user when the same thing happens?

Thx
Growing up with Firefox

JoeS

User avatar
 
Posts: 2308
Joined: June 8th, 2003, 9:15 am

Post Posted May 26th, 2008, 5:33 am

See:
# 431819 [Core] - IMAP/POP/SMTP/LDAP with SSL client auth, Thunderbird repeatedly prompts for client certificate [All]
JoeS Testing current Thunderbird trunk builds WinXP SP2+
news://news.mozilla.org.mozilla.test.multimedia How to Post

therearenoteams

User avatar
 
Posts: 168
Joined: August 12th, 2004, 5:46 am
Location: Pittsburgh, PA

Post Posted June 8th, 2008, 8:47 pm

JoeS wrote:See:
# 431819 [Core] - IMAP/POP/SMTP/LDAP with SSL client auth, Thunderbird repeatedly prompts for client certificate [All]

The issue reported in this thread seems related but different. Thunderbird isn't trying to get my identity. When I enable SSL for this IMAP server and attempt to connect, I get:
Code: Select all
server:993 uses an invalid security certificate.
The certificate is not trusted because the issuer certificate is not trusted.
(Error code: sec_error_untrusted_issuer)
   [OK]

I can't set Thunderbird to accept this certificate (which, by the way, is from the School of Computer Science at Carnegie Mellon in the US). Seems Thunderbird needs the "Add an exception" UI that Firefox 3 now uses.

leepa
 
Posts: 32
Joined: April 12th, 2006, 9:45 am
Location: Poland

Post Posted September 22nd, 2008, 2:25 am

Using a hint from this post (thanks a lot bpat1434):

Go to Tools -> Options -> Advanced -> Certificates -> Show certificates -> Servers tab

Add an exception using your mail server name and port. In your example it will be
Code: Select all
server:993
without specifying the protocol (no http, https, imaps, etc) - just server address, colon and port number.

Confirm the security exception and it should work fine. It worked for me :)

PS. tested on Shredder 3.0a2
Leepa

Return to Thunderbird Builds


Who is online

Users browsing this forum: No registered users and 1 guest