Add Security Exception

This article is no longer maintained, so its content might be out of date.

By default, Thunderbird attempts to communicate with mail servers using the SSL (Secure Sockets Layer) or the more recent TLS (Transport Layer Security) protocol. These protocols enable encrypted communication between Thunderbird and the mail server, which prevents messages from being intercepted by third parties and being read or tampered with.

To initiate an encrypted session, the mail server sends Thunderbird a digital certificate that is issued by a "certificate authority", a "trusted third party" that is publicly known. Thunderbird checks the validity of the digital certificate. If Thunderbird cannot confirm that the certificate is valid and correct, it will display an "Add Security Exception" dialog.

The problem usually arises when the mail server's certificate is invalid for some reason. Problems can include certificates expiring, being incorrectly named, or claiming a certificate authority that is not in Thunderbird's list of valid authorities. See SSL Security Error on the MozillaZine site for detailed information about the kind of errors that might occur.

Often this problem takes care of itself, in that the mail server provider will realize that they have made an error with their certificate and will replace it with a corrected version.

If the error persists you should contact the mail service provider and see if they have changed their connection settings. If they have, modify your account settings to match. Otherwise, you must make a judgement about whether you want to trust the mail server and create an exception (via the "Add Security Exception" dialog) or stop using the affected email account.

Modify account settings

In many cases you will need to modify your account settings for the mail server. See Configure an Account for instructions. The mail server provider should provide you with the connection information. (Also, see the ISP Configuration Settings page for connection information for some of the common mail providers. Note, though, that the settings described on these pages are not necessarily up to date and not necessarily applicable to each server in the domain.)

If the error occurs when you send messages, you must modify your Outgoing Server (SMTP) settings. If it occurs when you receive messages, you must modify the Server Settings for the email account.

Add security exception

Alternatively, you can add a security exception. Note that this means that communication between Thunderbird and the mail server is not encrypted, and messages can therefore be intercepted and read by third parties.

  1. In the menu bar, click the Thunderbird menu and select Settings.Click the menu button Fx89menuButton and choose Settings.
  2. Click the Advanced panel, then click the Certificates tab.
  3. Click View Certificates, then click the Servers tab.
  4. Click Add Exception.
  5. Enter the server name and port as "https://[servername]:[port]"; for example https://pop.example.com:995 or https://smtp.example.com:465.

These fine people helped write this article:

Illustration of hands

Volunteer

Grow and share your expertise with others. Answer questions and improve our knowledge base.

Learn More