搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

SSL Certificate Error from IMAP Server

  • 3 个回答
  • 2 人有此问题
  • 1 次查看
  • 最后回复者为 Matt

more options

I am investigating this problem in the Dovecot mailing list as well as here.

Hopefully, there are users out there who are familiar with that IMAP server

For years, I have been running the Dovecot/Thunderbird combination. However, I am preparing a new server and both applications have obviously changed. An SSL certificate seems to be the cause of the problem. My TB settings are:

IMAP: Connection Security: SSL/TLS Port: 993 Authentication Method: Normal Password

The specific error message produced by TB attempting to connect is this: dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42

Dovecot seems to be complaining about the lack of an SSL certificate (or defective) despite the fact that my settings are: auth_ssl_require_client_cert = no ssl_verify_client_cert = no

Those settings work fine in my old server.

When I use the command below under Linux, everything is fine: openssl s_client -connect dovecot-server:imaps

At this point I prefer not having an SSL certificate on the Thunderbird side.

TIA

I am investigating this problem in the Dovecot mailing list as well as here. Hopefully, there are users out there who are familiar with that IMAP server For years, I have been running the Dovecot/Thunderbird combination. However, I am preparing a new server and both applications have obviously changed. An SSL certificate seems to be the cause of the problem. My TB settings are: IMAP: Connection Security: SSL/TLS Port: 993 Authentication Method: Normal Password The specific error message produced by TB attempting to connect is this: dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42 Dovecot seems to be complaining about the lack of an SSL certificate (or defective) despite the fact that my settings are: auth_ssl_require_client_cert = no ssl_verify_client_cert = no Those settings work fine in my old server. When I use the command below under Linux, everything is fine: openssl s_client -connect dovecot-server:imaps At this point I prefer not having an SSL certificate on the Thunderbird side. TIA

所有回复 (3)

more options

Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?

more options

Stans said

Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?

Hi Stans:

I am attempting to have a minimum configuration (which worked fine for a long time) up&running. Dovecot allows fine-grained control. This is one the settings mentioned by the Dovecot expert:

protocol imap {

   ssl_verify_client_cert = yes
   auth_ssl_require_client_cert = no
   ssl = required

}

protocol submission {

   ssl_verify_client_cert = yes
   auth_ssl_require_client_cert = no
   ssl = required

}

Under some configuration, the server produces a certificate but the client does not. Presumably.

I will tighten the security settings later.

Thanks

由Raymond H于修改

more options

I think the clue here is you are using SSLV3 by the looks of the error you posted.

See https://support.mozilla.org/en-US/kb/thunderbird-78-faq#w_after-upgrading-to-thunderbird-78-i-cannot-get-or-send-email-messages

The minimum for encrypted connections is TLS V1.2