Add Security Exception Pop-Up Query

User Help for Mozilla Thunderbird
Post Reply
dlpcap
Posts: 13
Joined: December 28th, 2016, 3:28 pm

Add Security Exception Pop-Up Query

Post by dlpcap »

When I added an account to TB, it generated an “Add Security Exception” pop-up box.

When I select “View” it brings up the supposedly invalid certificate, from a nominally safe provider site.

To get out of that “Add Security Exception” pop-up box, I selected “Confirm Security Exception”, BUT DID NOT SELECT “Permanently Store This Exception”.

The questions here are:
- is this non-permanent 'exception' stored somewhere; somewhere I can see it
- can I delete the non-permanent 'exception' at will?
- how does permanently storing the exception VS non-permanently storing the exception work?
- i.e. does the non-permanently stored exception last for a certain period of time? If so, how long?
- If after the non-permanently stored exception 'expires' and there is TB activity that might somehow 'access' the supposedly invalid certificate it was 'related to', would that trigger a pop-up of some kind to say yea or nay to confirm an exception again?

Thank you.
User avatar
tanstaafl
Moderator
Posts: 49647
Joined: July 30th, 2003, 5:06 pm

Re: Add Security Exception Pop-Up Query

Post by tanstaafl »

In version 91 tools -> preferences has a certificate manager available via the manage certificates button. If you select the servers tab in it there is a add exception button. I believe you can also delete exceptions there.

My impression is that all exceptions existed in memory only unless they were stored permanently.

Earlier versions have a certificate manager too, you just access it differently.
dlpcap
Posts: 13
Joined: December 28th, 2016, 3:28 pm

Re: Add Security Exception Pop-Up Query

Post by dlpcap »

I hope your impression is correct.
I guess you're saying that if you had 'confirmed' a non-permanent exception, when you close TB it would disappear, or at least when you rebooted or turned off/on the P.C.
If it weren't for that AOL 'security upgrade' where I had to delete my email account and re-add it back in in order to sync with their 'new' login protocol via 3rd party software (here, TB), I wouldn't be going through this exercise.
I hope 12/7/21 is not a disaster trying to use TB to login to AOL.... Maybe 12/8/21 would be the real test....
Maybe I'm the only person that this is concern/issue.
Thanx for your input Tan.
User avatar
tanstaafl
Moderator
Posts: 49647
Joined: July 30th, 2003, 5:06 pm

Re: Add Security Exception Pop-Up Query

Post by tanstaafl »

If you're worried add something like a Gmail IMAP account, add a multiple identity to it for your AOL email address and log into Gmail webmail and configure it to automatically fetch email from your AOL inbox (into the Gmail webmail inbox, where Thunderbird will be able to see it).

That way you have a workaround (if there is a problem with your AOL account) where you can read and send email using your AOL email address using your Gmail account. Unless somebody looks at the hidden headers they can't tell that you're not using the AOL server to do that.

http://kb.mozillazine.org/Replace_sever ... ne_account was written for somebody wanting to consolidate multiple accounts into one account but it provides more information if you want to try this workaround. Its sounds harder than it is.
Post Reply