Error with imap ssl connection

vhable · Post by **vhable** » March 29th, 2005, 3:13 am

Hello!
When I want to connect to my imap server via ssl connection using thunderbird (German 1.0 because 1.0.2 isn't yet available) I always get error -12195. But the server seems to accept ssl, because with Outlook it works out. Has anyone some suggestions?
Thanks and best regards from Germany,
Volker

tocson · Post by **tocson** » September 1st, 2005, 4:19 am

I've got exactly the same problem with Thunderbird 1.0.2 english. It seems to come from the fact that i've got a certificate stored in thunderbird. Thus, when Thunderbird tries to initiate the SSL handshake, it sends my own certificate to the server after the server sent its certificate, which results in error code -12195.

Is there a way to enforce thunderbird not to send my own certificate to the imap server?

tocson · Post by **tocson** » September 1st, 2005, 4:25 am

The same problem occurs with the last version of thunderbird (v1.0.6) for information

Post by **tanstaafl** » September 2nd, 2005, 6:17 am

Why are you sending your own certificate when making a SSL connection to a IMAP server? I believe the servers certificate is used for the SSL encryption and to verify who they are. Unless your IMAP server requires you to have a client certificate to prove to it who you are (rather than supplying a username and password) its not clear why you installed a client certificate (unless you have it for digital signing and/or encrypting of messages via S/MIME or the enigmail extension). I have SSL connections to two different email providers IMAP servers and don't have any certificates.

http://www.mozilla.org/projects/securit ... slerr.html states:
SSL_ERROR_UNKNOWN_CA_ALERT -12195
"Peer does not recognize and trust the CA that issued your certificate."

which might mean your certificate is rejected because the IMAP server doesn't recognize that certificates Certificate Authority (CA). Perhaps it was self-signed?

vhable · Post by **vhable** » September 2nd, 2005, 6:21 am

tanstaafl wrote:Why are you sending your own certificate when making a SSL connection to a IMAP server?

We dont't want to send our own certificate to the server, what tocson means, that TB does this as a bug, when you have installed your own certificate to sign and decrypt e-mails.

Post by **tanstaafl** » September 3rd, 2005, 3:12 am

https://bugzilla.mozilla.org/show_bug.cgi?id=257182
https://bugzilla.mozilla.org/show_bug.cgi?id=288195

You might want to add a comment or vote for it being fixed.

vhable · Post by **vhable** » September 3rd, 2005, 3:20 am

Hi!
Thanks for the information! I just changed my votes. ;-)

Many greetings,
Volker

vhable · Post by **vhable** » September 28th, 2005, 3:41 am

Hello!
If you have the problem still, too, please vote for the bugs, as they want to close them.
Cheers, Volker

jirimach · Post by **jirimach** » October 26th, 2005, 1:01 pm

I have the same problem (it is the same when using the POP3 server through the SSL).

The Thunderbird is trying to use your Personal Certificate to comunicate with the POP3 or IMAP server. When your Certification Authority certificate is not installed on the mail server, the error -12195 occurs.

Try this "semi" solution:

Find the file "prefs.js"

On my computer is located in:

C:\Documents and Settings\User Name\Application data\Thunderbird\Profiles\ut5smrk2.default\prefs.js

Be careful the "Application data" folder is hidden. You have to allow showing hidden files at first! The "User Name" is the name of the user name you are working in.

Add this line on the end of the prefs.js file:

user_pref("security.default_personal_cert", "Ask Every Time");

The Thunderbird now will ask which certificate to use every time it is comunicating with the mail server. CLIK ON THE CANCEL!!! And you will recieve the emails.

The bad thing is - you have to click on the Cancel every time...

Keep in touch, I am working on a better solution...

Error with imap ssl connection

Error with imap ssl connection

thunderbird -12195 error