Hi,
after upgrading(?) from TB78 to 91.3, I have trouble accessing Imap accounts and sending email over SMTP. Those servers use self signed certificates. When trying to access them, TB says there is an error with the configuration and asks if I want to trust the certificate and make a permanent exception for it. (Which I did and it was already like that before too.)
But regardless of the exception, TB forgets it or ignores it, and from time to time (usually after reboots) it comes up again with asking for the certificate etc.
I have deleted all exceptions from certificate manager and re-added those exceptions, to no avail.
Is this a bug or something has changed in TB so self signed certificates are not trusted anymore or something? (Then why does it asks if it should use a permanent exception?)
Certificate exceptions not working
-
WaltS48
- Posts: 5141
- Joined: May 7th, 2010, 9:38 am
- Location: Pennsylvania, USA
Re: Certificate exceptions not working
Linux Desktop - AMD Athlon(tm) II X3 455 3.3GHz | 8.0GB RAM | GeForce GT 630
Windows Notebook - AMD A8 7410 2.2GHz | 6.0GB RAM | AMD Radeon R5
Windows Notebook - AMD A8 7410 2.2GHz | 6.0GB RAM | AMD Radeon R5
-
bsh
- Posts: 60
- Joined: June 20th, 2005, 11:10 pm
Re: Certificate exceptions not working
I doubt it. I can send and receive messages. It's just I regularly have to "make an exception" for the certificates, as if TB would forget about them being already added to exceptions.
-
tanstaafl
- Moderator
- Posts: 49647
- Joined: July 30th, 2003, 5:06 pm
Re: Certificate exceptions not working
Moved from Thunderbird bugs to Thunderbird support as its not discussing workarounds for a confirmed bug report.
Any possibility that a load balancing router changes what host you connect to in a pool of servers, so that your exception doesn't always apply? Exceptions are host specific.
Any possibility that a load balancing router changes what host you connect to in a pool of servers, so that your exception doesn't always apply? Exceptions are host specific.
-
Grumpus
- Posts: 13246
- Joined: October 19th, 2007, 4:23 am
- Location: ... Da' Swamp
Re: Certificate exceptions not working
In the process of dealing with this myself.
Go to Preferences and in the search block type certificate.
When it opens read the various panels, under the servers panel the certificate should be listed
Also when accepting the exception there should be another button under it which confirms it, make sure you check it.
Comcast appears to be having an issue with a Comodo cert and proclaims it does not match the smtp.comcast.net:465 server.
The exception cert appears to be good but the panel seems to spread a little else but concern.
Go to Preferences and in the search block type certificate.
When it opens read the various panels, under the servers panel the certificate should be listed
Also when accepting the exception there should be another button under it which confirms it, make sure you check it.
Comcast appears to be having an issue with a Comodo cert and proclaims it does not match the smtp.comcast.net:465 server.
The exception cert appears to be good but the panel seems to spread a little else but concern.
Doesn't matter what you say, it's wrong for a toaster to walk around the house and talk to you
-
bsh
- Posts: 60
- Joined: June 20th, 2005, 11:10 pm
Re: Certificate exceptions not working
I don't think so. The servers are mine.tanstaafl wrote:Any possibility that a load balancing router changes what host you connect to in a pool of servers, so that your exception doesn't always apply? Exceptions are host specific.
I did some further testing:
- same profile works on Windows 7 with TB91.3 32bit, but not on Win10 and TB 64bit
- other profile works on other Win10 machine, using same certificates.
So, maybe something is wrong with my profile, which is like 15 years old...? But it is working on win7? Dunno...
Any ideas how to debug this? Is there a way to move *everything* into a new clean profile, but excluding files that are probably not being used anymore?
-
bsh
- Posts: 60
- Joined: June 20th, 2005, 11:10 pm
Re: Certificate exceptions not working
figured it out. It was the antivirus not applying a setting to not try to scan SSL by injecting it's own crappy certificate. After fixing it all works as before. Strange it only happened on one machine, others are fine.tanstaafl wrote:Any possibility that a load balancing router changes what host you connect to in a pool of servers, so that your exception doesn't always apply? Exceptions are host specific.