On 28/09/17 04:19, Alice Wonder wrote: > With the current Thunderbird I can not connect to one of my IMAP servers > that uses a self-signed cert. Virtually identical IMAP servers that use > CA signed certs work > > I was a bit out of date when I updated to 7.4 and was running > Thunderbird 45.6.x and it worked. > > When I connected from evolution (which I do not like) it worked. > > When I connected with my laptop still running 45.6.x it works. > > so - I rebuilt thunderbird 45.8.0 from 7.3 updates (newest that isn't > 5x.x.x series) and did an --oldpackage update with RPM and it works again. > > When rebuilding the old thunderbird in mock I had to add the following: > > BuildRequires: dbus-glib-devel > > Either the build system used by CentOS automatically includes that, or a > build dependency use to pull that it but no longer does. > > Anyway if anyone is having a similar problem, that's a solution. > > -=- > > This is what I see in the mail server log when current CentOS > thunderbird tries to connect: > > Sep 25 20:17:49 librelamp dovecot: imap-login: Disconnected (no auth > attempts in 1 secs): user=<>, > rip=2600:1010:b064:f260:e83e:562d:2316:18df, > lip=2600:3c01::f03c:91ff:fee4:310c, TLS handshaking: SSL_accept() > failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown > ca: SSL alert number 48, session=<u7agQAlasK8mABAQsGTyYOg+Vi0jFhjf> > > --- > > Since it works with current evolution and with older thunderbird, I > assume it is a bug in current thunderbird when the server is using a > self-signed cert. > > Don't know if same thing happens on pop. > > I use IMAP on 143 using starttls I have no problem using a self-signed cert on my own private mail server, although admittedly I'm using POP, not IMAP. Have you imported your certificate(s) in thunderbird? Preferences > Advanced > Certificates