Om de ûnderfining foar jo te ferbetterjen is tydlik de funksjonaliteit dan dizze website troch ûnderhâldswurk beheind. Wannear in artikel jo probleem net oplost en jo in fraach stelle wolle, kin ús stipemienskip jo helpe yn @FirefoxSupport op Twitter en /r/firefox op Reddit.

Sykje yn Support

Mij stipescams. Wy sille jo nea freegje in telefoannûmer te beljen, der in sms nei ta te stjoeren of persoanlike gegevens te dielen. Meld fertochte aktiviteit mei de opsje ‘Misbrûk melde’.

Mear ynfo

Dizze konversaasje is argivearre. Stel in nije fraach as jo help nedich hawwe.

How do I accept a new ssl certificate in Thunderbird?

  • 7 antwurd
  • 1 hat dit probleem
  • 22 werjeftes
  • Lêste antwurd fan Matt

more options

7.15.15 I cannot get or send email on my laptop as of two days ago. - Neither of the "Configuration Options for Certificates" worked to bring in the certificate I use that allows sending/receiving email. Under "Digital Signing" or "Encryption" when I press "Select" to select a certificate, I get the pop-up message "Certificate Manager can't locate a valid certificate...". When I press "View Certificates" the certificate I use is listed under "Servers" and "Authorities" and is up to date. - Also, under Tools - Options - Advanced - Certificates for: "When a server asks for my personal certificate", I've selected "Ask me every time" and to the left of "Query OSCP responder servers to confirm...", the box is checked.

I believe this issue is related to accepting a new ssl certificate that was recently renewed. I've never had this issue before. How do I trigger accepting a new certificate?

Thank you.

7.15.15 I cannot get or send email on my laptop as of two days ago. - Neither of the "Configuration Options for Certificates" worked to bring in the certificate I use that allows sending/receiving email. Under "Digital Signing" or "Encryption" when I press "Select" to select a certificate, I get the pop-up message "Certificate Manager can't locate a valid certificate...". When I press "View Certificates" the certificate I use is listed under "Servers" and "Authorities" and is up to date. - Also, under Tools - Options - Advanced - Certificates for: "When a server asks for my personal certificate", I've selected "Ask me every time" and to the left of "Query OSCP responder servers to confirm...", the box is checked. I believe this issue is related to accepting a new ssl certificate that was recently renewed. I've never had this issue before. How do I trigger accepting a new certificate? Thank you.

Keazen oplossing

No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.

The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)

In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.

Dit antwurd yn kontekst lêze 👍 1

Alle antwurden (7)

more options

What kind of cert are you talking about? A user cert which you use to sign messages and what allows other people sending you encrypted messages? Or a server cert for your email provider server?

I've never had this issue before.

What is the issue in the first place?

more options

Thanks for your response and questions. My answers: Kind of server I'm referring to: a server cert for my email provider server The issue: Not being able to send/receive emails

more options
more options

I don't have a screenshot of an error because my email send/receive suddenly just stopped. I did look at the error console under Tools. Please see the image attached.

Thank you, again.

more options

Keazen oplossing

No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.

The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)

In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.

more options

Thank you so much for being so knowledgeable and taking the time out of your day to provide the answer. So appreciated.

more options

--UPDATE-- Following discussion here. it Looks like there is a workaround available.through installing an add-on.