Den här webbplatsen har begränsad funktionalitet medan vi utför underhåll för att förbättra din upplevelse. Om en artikel inte löser ditt problem och du vill ställa en fråga har vi vår gemenskap som väntar på att hjälpa dig på @FirefoxSupport på Twitter, /r/firefox på Reddit.

Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Läs mer

Cannot add Security Certificate (Security Exception) under the right server name

  • 1 svar
  • 1 har detta problem
  • 8 visningar
  • Senaste svar av aNDy

more options

In my home network I have an IMAP server (dovecot) running with a self-signed SSL certificate. When I want to sync the mail ("Get Messages") then a window pops up (correctly) warning me about the "incorrect" certificate. (The window title is "Add Security Exception" and the error is "Wrong Site"). Wat is strange is that the Location indicated, is not the same as as the Server Name as set in the server settings in Thunderbird. Example: suppose I have a server name set as a.b.c.com, then in the warning window it would say imap.c.com:993 (so a.b removed and replaced by the word imap). I have no idea why the address gets changed.

If I confirm the security exception and store it, then the correct certificate is stored (checked fingerprint), but it is added under the wrong server name (under imap.c.com). Subsequent "Get Messages" will trigger the warning again.

If I correct in the warning window the Location to a.b.c.com:993, then is says No Information Available. If I correct it to the address with the SSL port number removed (so only a.b.c.com) then I can store the Security Exception, but the wrong certificate is stored. What is stored is the certificate that belongs to my web (https) server and what can be reached at my domain name b.c.com .

In the past the same set-up did work form both local network and from outside (obviously with some earlier version of Thunderbird), the security certificate was stored in the right way in Thunderbird. I still have clients running using the certificate that was stored some years ago. In one client I accidentally deleted it, and now I cannot get it back.

The system is an up to date Fedora 33 system.

In my home network I have an IMAP server (dovecot) running with a self-signed SSL certificate. When I want to sync the mail ("Get Messages") then a window pops up (correctly) warning me about the "incorrect" certificate. (The window title is "Add Security Exception" and the error is "Wrong Site"). Wat is strange is that the Location indicated, is not the same as as the Server Name as set in the server settings in Thunderbird. Example: suppose I have a server name set as a.b.c.com, then in the warning window it would say imap.c.com:993 (so a.b removed and replaced by the word imap). I have no idea why the address gets changed. If I confirm the security exception and store it, then the correct certificate is stored (checked fingerprint), but it is added under the wrong server name (under imap.c.com). Subsequent "Get Messages" will trigger the warning again. If I correct in the warning window the Location to a.b.c.com:993, then is says No Information Available. If I correct it to the address with the SSL port number removed (so only a.b.c.com) then I can store the Security Exception, but the wrong certificate is stored. What is stored is the certificate that belongs to my web (https) server and what can be reached at my domain name b.c.com . In the past the same set-up did work form both local network and from outside (obviously with some earlier version of Thunderbird), the security certificate was stored in the right way in Thunderbird. I still have clients running using the certificate that was stored some years ago. In one client I accidentally deleted it, and now I cannot get it back. The system is an up to date Fedora 33 system.

Alla svar (1)

more options

Meanwhile I found an answer to my own question. It seems to be a bug under Thunderbird 78.6.0, but it has a workaround: - Accept/store the certificate when asked - Exit Thunderbird - In your Thunderbird profile (~/.thunderbird/<profile name>/, or C:\Users\<pofile_name>\AppData\Roaming\Thunderbird\Profiles\<profile_in_use>\ ) there is a file called Cert_Override.txt (or cert_override.txt). - Edit that file, and change the address of the wrongly named certificate and port number to the correct address and port number. - Start Thunderbird

Related support question: https://support.mozilla.org/en-US/questions/1315845 Bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=1665577