Sök i support

Akta dig för supportbedrägerier: Vi kommer aldrig att be dig att ringa eller skicka ett sms till ett telefonnummer eller dela personlig information. Rapportera misstänkt aktivitet med alternativet "Rapportera missbruk".

Läs mer

SSL Certificate Error from IMAP Server

  • 3 svar
  • 2 har detta problem
  • 1 visning
  • Senaste svar av Matt

more options

I am investigating this problem in the Dovecot mailing list as well as here.

Hopefully, there are users out there who are familiar with that IMAP server

For years, I have been running the Dovecot/Thunderbird combination. However, I am preparing a new server and both applications have obviously changed. An SSL certificate seems to be the cause of the problem. My TB settings are:

IMAP: Connection Security: SSL/TLS Port: 993 Authentication Method: Normal Password

The specific error message produced by TB attempting to connect is this: dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42

Dovecot seems to be complaining about the lack of an SSL certificate (or defective) despite the fact that my settings are: auth_ssl_require_client_cert = no ssl_verify_client_cert = no

Those settings work fine in my old server.

When I use the command below under Linux, everything is fine: openssl s_client -connect dovecot-server:imaps

At this point I prefer not having an SSL certificate on the Thunderbird side.

TIA

I am investigating this problem in the Dovecot mailing list as well as here. Hopefully, there are users out there who are familiar with that IMAP server For years, I have been running the Dovecot/Thunderbird combination. However, I am preparing a new server and both applications have obviously changed. An SSL certificate seems to be the cause of the problem. My TB settings are: IMAP: Connection Security: SSL/TLS Port: 993 Authentication Method: Normal Password The specific error message produced by TB attempting to connect is this: dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42 Dovecot seems to be complaining about the lack of an SSL certificate (or defective) despite the fact that my settings are: auth_ssl_require_client_cert = no ssl_verify_client_cert = no Those settings work fine in my old server. When I use the command below under Linux, everything is fine: openssl s_client -connect dovecot-server:imaps At this point I prefer not having an SSL certificate on the Thunderbird side. TIA

Alla svar (3)

more options

Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?

more options

Stans said

Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?

Hi Stans:

I am attempting to have a minimum configuration (which worked fine for a long time) up&running. Dovecot allows fine-grained control. This is one the settings mentioned by the Dovecot expert:

protocol imap {

   ssl_verify_client_cert = yes
   auth_ssl_require_client_cert = no
   ssl = required

}

protocol submission {

   ssl_verify_client_cert = yes
   auth_ssl_require_client_cert = no
   ssl = required

}

Under some configuration, the server produces a certificate but the client does not. Presumably.

I will tighten the security settings later.

Thanks

Ändrad av Raymond H

more options

I think the clue here is you are using SSLV3 by the looks of the error you posted.

See https://support.mozilla.org/en-US/kb/thunderbird-78-faq#w_after-upgrading-to-thunderbird-78-i-cannot-get-or-send-email-messages

The minimum for encrypted connections is TLS V1.2