How do I accept a new ssl certificate in Thunderbird?
7.15.15 I cannot get or send email on my laptop as of two days ago. - Neither of the "Configuration Options for Certificates" worked to bring in the certificate I use that allows sending/receiving email. Under "Digital Signing" or "Encryption" when I press "Select" to select a certificate, I get the pop-up message "Certificate Manager can't locate a valid certificate...". When I press "View Certificates" the certificate I use is listed under "Servers" and "Authorities" and is up to date. - Also, under Tools - Options - Advanced - Certificates for: "When a server asks for my personal certificate", I've selected "Ask me every time" and to the left of "Query OSCP responder servers to confirm...", the box is checked.
I believe this issue is related to accepting a new ssl certificate that was recently renewed. I've never had this issue before. How do I trigger accepting a new certificate?
Thank you.
Valgt løsning
No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.
The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)
In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.
Les dette svaret i sammenhengen 👍 1All Replies (7)
What kind of cert are you talking about? A user cert which you use to sign messages and what allows other people sending you encrypted messages? Or a server cert for your email provider server?
I've never had this issue before.
What is the issue in the first place?
Thanks for your response and questions. My answers: Kind of server I'm referring to: a server cert for my email provider server The issue: Not being able to send/receive emails
Can you post a screenshot of the error? http://support.mozilla.org/en-US/kb/how-do-i-create-screenshot-my-problem
I don't have a screenshot of an error because my email send/receive suddenly just stopped. I did look at the error console under Tools. Please see the image attached.
Thank you, again.
Valgt løsning
No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.
The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)
In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.
Thank you so much for being so knowledgeable and taking the time out of your day to provide the answer. So appreciated.
--UPDATE-- Following discussion here. it Looks like there is a workaround available.through installing an add-on.