By default, Thunderbird attempts to communicate with mail servers using the SSL (Secure Sockets Layer) or the more recent TLS (Transport Layer Security) protocol. These protocols enable encrypted communication between Thunderbird and the mail server, which prevents messages from being intercepted by third parties and being read or tampered with.
To initiate an encrypted session, the mail server sends Thunderbird a digital certificate that is issued by a "certificate authority", a "trusted third party" that is publicly known. Thunderbird checks the validity of the digital certificate. If Thunderbird cannot confirm that the certificate is valid and correct, it will display an "Add Security Exception" dialog.
The problem usually arises when the mail server's certificate is invalid for some reason. Problems can include certificates expiring, being incorrectly named, or claiming a certificate authority that is not in Thunderbird's list of valid authorities. See SSL Security Error on the MozillaZine site for detailed information about the kind of errors that might occur.
Often this problem takes care of itself, in that the mail server provider will realize that they have made an error with their certificate and will replace it with a corrected version.
If the error persists you should contact the mail service provider and see if they have changed their connection settings. If they have, modify your account settings to match. Otherwise, you must make a judgement about whether you want to trust the mail server and create an exception (via the "Add Security Exception" dialog) or stop using the affected email account.
Modify account settings
In many cases you will need to modify your account settings for the mail server. See Configure an Account for instructions. The mail server provider should provide you with the connection information. (Also, see the ISP Configuration Settings page for connection information for some of the common mail providers. Note, though, that the settings described on these pages are not necessarily up to date and not necessarily applicable to each server in the domain.)
If the error occurs when you send messages, you must modify your Outgoing Server (SMTP) settings. If it occurs when you receive messages, you must modify the Server Settings for the email account.
Add security exception
Alternatively, you can add a security exception. Note that this means that communication between Thunderbird and the mail server is not encrypted, and messages can therefore be intercepted and read by third parties.
- In the menu bar, click the menu and select .Click the menu button and choose .
- Click the panel, then click the tab.
- Click , then click the tab.
- Click .
- Enter the server name and port as "https://[servername]:[port]"; for example https://pop.example.com:995 or https://smtp.example.com:465.