Questo sito potrebbe offrire funzionalità limitate durante le operazioni di manutenzione per migliorare l'esperienza utente. Se un articolo non risolve il tuo problema e vuoi richiedere supporto, la nostra comunità di supporto è pronta ad aiutarti tramite @FirefoxSupport su Twitter e /r/firefox su Reddit.

Cerca nel supporto

Attenzione alle mail truffa. Mozilla non chiederà mai di chiamare o mandare messaggi a un numero di telefono o di inviare dati personali. Segnalare qualsiasi attività sospetta utilizzando l'opzione “Segnala abuso”.

Ulteriori informazioni

Questa discussione è archiviata. Inserire una nuova richiesta se occorre aiuto.

How to get Thunderbird 78 to accept self-signed certificate?

  • 4 risposte
  • 1 ha questo problema
  • 8 visualizzazioni
  • Ultima risposta di r.orrison

more options

Hi, I've just installed Thunderbird and got version 78.2.1. Now, when I try to connect to my server (which uses a self-signed certificate) instead of being prompted to confirm the exception it says "The certificate is not trusted because it is self-signed. The configuration related to my.server.com must be corrected." - but it doesn't say how. (This is for SMTP - IMAP is even worse and just seems to hang without any message.)

How do I get it to accept my self-signed certificate?

(I've tried various solutions on the web, but they all appear to related to older versions. E.g. Tools / Options / Certificate Manager / Add Exception ... but that seems to be looking for a web server and just says "Unable to obtain identification status for this site" which isn't surprising because it isn't a website.)

Hi, I've just installed Thunderbird and got version 78.2.1. Now, when I try to connect to my server (which uses a self-signed certificate) instead of being prompted to confirm the exception it says "The certificate is not trusted because it is self-signed. The configuration related to my.server.com must be corrected." - but it doesn't say how. (This is for SMTP - IMAP is even worse and just seems to hang without any message.) How do I get it to accept my self-signed certificate? (I've tried various solutions on the web, but they all appear to related to older versions. E.g. Tools / Options / Certificate Manager / Add Exception ... but that seems to be looking for a web server and just says "Unable to obtain identification status for this site" which isn't surprising because it isn't a website.)

Tutte le risposte (6)

more options

Replace "https://" in that dialog with the mail server's name address, e.g imap.myserver.com and smtp.myserver.com then hit the get certificate button to fetch the certificate. If memory serves me right, you could also use the ip address and port combination, e.g 172.16.0.6:993

more options

Sorry - should have been more clear. I was indeed removing the "https://" that is in the field to start with, and entering the name of my mail server with the appropriate ports per the various sites that directed me to that area of the settings. I tried "my.server.com:25" and "my.server.com:143" (which should work for SMTP and IMAP respectively using STARTTLS) and "my.server.com:993" and "my.server.com:587" (which should work for SSL). I did also try using the server's IP address. In every case it said "Unable to obtain identification status for this site" which is what made me think it was expecting a website.

Really, when setting up the account it should just say up front that it's a self-signed certificate and give the option to accept it. Even the old way (version 68 and earlier) of having to enter the details manually then try the connection to get it to ask to confirm the exception was a long-winded way to do it.

more options

Try using the Authorities tab to import the CA cert.

more options

r.orrison said

Really, when setting up the account it should just say up front that it's a self-signed certificate and give the option to accept it. Even the old way (version 68 and earlier) of having to enter the details manually then try the connection to get it to ask to confirm the exception was a long-winded way to do it.

How would it know upfront that the account you're adding, is a self-hosted mail server using a self-signed certificate, and which automatic settings to use? Automatic fetching of settings happens for domains that Thunderbird knows about (in its database of known providers) or can "guess" from known domains.

more options

I'll try importing the certificate, but it'll be tomorrow.

Stans said

How would it know upfront that the account you're adding, is a self-hosted mail server using a self-signed certificate, and which automatic settings to use? Automatic fetching of settings happens for domains that Thunderbird knows about (in its database of known providers) or can "guess" from known domains.

Changing my dummy domain a bit... My email address is me@mydomain.com, and my mail server (both IMAP and SMTP) is mail.mydomain.com. The autoconfiguration correctly guesses the server, even detects that it can use STARTTLS, but then fails saying the credentials don't work. The only problem with the autoconfigured setup is that it hasn't accepted the certificate - if it just asked that one question, it would work perfectly.

more options

I'll try importing the certificate, but it will be tomorrow.

Stans said

How would it know upfront that the account you're adding, is a self-hosted mail server using a self-signed certificate, and which automatic settings to use? Automatic fetching of settings happens for domains that Thunderbird knows about (in its database of known providers) or can "guess" from known domains.

(I'll change my dummy server name to make this clearer.)

My email address is me@mydomain.com and my server (both IMAP and SMTP) is mail.mydomain.com. The autoconfiguration correctly guesses the server name from my email address, and even knows that STARTTLS will work. However, it says that it fails (I'm not sure of the exact message because I'm not at the machine with v78 on at the moment). Everything has been configured correctly by the autoconfiguration wizard, the only problem is the self-signed certificate. If it just asked that one question, it would work perfectly.