Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

TB imap account problem every other month "requested domain name does not match the server’s certificate"

  • 5 replies
  • 1 has this problem
  • 1 view
  • Last reply by christ1

more options

I am on TB 91.3.0 (64bit) with w10 and I have a mail server with 2 domains. Both domains use a Lets Encrypt certificate. Every other month TB complains that "a requested domain name does not match the server’s certificate" This mainly happens to the default account. The last time it happened was today on 11.11. and before that it happened on Sep. 01. The only solution that worked was to delete the account and set it up again which is quite a pain as I always need to tune the account settings and manually add all my identities. I tried to get the server cert and/or confirm a security exception but the option was greyed out.

I have no clue what makes TB complain about a mismatch of the server certificate in the first place.

I am on TB 91.3.0 (64bit) with w10 and I have a mail server with 2 domains. Both domains use a Lets Encrypt certificate. Every other month TB complains that "a requested domain name does not match the server’s certificate" This mainly happens to the default account. The last time it happened was today on 11.11. and before that it happened on Sep. 01. The only solution that worked was to delete the account and set it up again which is quite a pain as I always need to tune the account settings and manually add all my identities. I tried to get the server cert and/or confirm a security exception but the option was greyed out. I have no clue what makes TB complain about a mismatch of the server certificate in the first place.

All Replies (5)

more options

Please post a screenshot of the error message. https://support.mozilla.org/kb/how-do-i-create-screenshot-my-problem

more options

Unfortunately I did not make a screenshot before I re-added the account, so I will need to wait until the problem comes up again.

more options

My best guess is that the server FQDN Thunderbird is accessing isn't the same what's in the cert's subject or SAN field. This happens every time the cert is renewed automatically. When Thunderbird complains about the mismatch you create an exception, and then the same happens again upon the next renewal date.

more options

If a lets encrypt cert gets renewed I need to create an new exception in TB. That's the regular behaviour. The thing is, that every other month, the button to create an exception does not work. This happens mainly to the default account while the exception on my second domain can be set. I also use K9mail on my Android phone and there I do not have the problem to accept the new certificates.

more options
If a lets encrypt cert gets renewed I need to create an new exception in TB. That's the regular behaviour.

The regular behavior would be not to get prompted for a certificate exception.

Without an exact error code I'm not going to guess what's wrong.