Windows 10 reached EOS (end of support) on October 14, 2025. If you are on Windows 10, see this article.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Repeated gmail problem with error message: "The certificate for imap.gmail.com:993 does not come from a trusted source"

  • 4 replies
  • 1 has this problem
  • 100 views
  • Last reply by Matt
  • Open

R N
R N

I have problems every time I try to fetch my imap gmail, with Thunderbird complaining that: "The certificate for imap.gmail.com:993 does not come from a trusted source".

As near as I can tell, imap.gmail.com:993 is still the recommended setting for

Version is Thunderbird 148.0.1 (64-bit). Adding an exception for the missing certificate does not seem to make a bit of difference.

I do not know if the use of Bitdefender as my security and vpn software is a factor. I notice that the certificate (exception certificate?) shown when I click on View Certificate in my gmail account settings appears to mention Bitdefender, so perhaps that's a factor. That certificate looks as follows:

Certificate Subject Name Common Name imap.gmail.com Issuer Name Country US Organizational Unit IDS Organization Bitdefender Common Name Untrusted Bitdefender CA Validity Not Before Mon, 02 Feb 2026 08:37:57 GMT Not After Mon, 27 Apr 2026 08:37:56 GMT Subject Alt Names DNS Name imap.gmail.com Public Key Info Algorithm Elliptic Curve Key Size 256 Public Value 04:2D:20:DA:19:33:1D:AC:28:91:52:02:EB:B8:7E:33:C0:B7:E4:F3:5E:4E:88:92:E5:7E:BB:30:0C:6C:E4:84:A8:3D:D7:49:9B:22:C8:C0:BB:01:80:4B:84:30:3A:3B:73:70:8F:AB:EB:C0:F0:D5:7B:8B:0B:64:1B:DC:76:67:41 Miscellaneous Serial Number 1A:50:ED:15:50:A1:A7:93:5D:05:8A:CD:85:A5:15:FD Signature Algorithm ECDSA with SHA-256 Version 3 Download PEM (cert)PEM (chain) Fingerprints SHA-256 12:8A:58:44:DF:B5:E1:E4:EF:CC:F7:35:09:BA:6E:88:86:16:15:78:F9:28:52:23:FC:0E:E9:69:D1:AF:21:86 SHA-1 A3:30:CB:65:39:51:46:9B:3B:BC:0B:B9:09:DD:26:40:A8:52:25:3D

I have problems '''''every''''' time I try to fetch my imap gmail, with Thunderbird complaining that: "The certificate for imap.gmail.com:993 does not come from a trusted source". As near as I can tell, imap.gmail.com:993 is still the recommended setting for Version is Thunderbird 148.0.1 (64-bit). Adding an exception for the missing certificate does not seem to make a bit of difference. I do not know if the use of Bitdefender as my security and vpn software is a factor. I notice that the certificate (exception certificate?) shown when I click on View Certificate in my gmail account settings appears to mention Bitdefender, so perhaps that's a factor. That certificate looks as follows: '''Certificate Subject Name Common Name imap.gmail.com Issuer Name Country US Organizational Unit IDS Organization Bitdefender Common Name Untrusted Bitdefender CA Validity Not Before Mon, 02 Feb 2026 08:37:57 GMT Not After Mon, 27 Apr 2026 08:37:56 GMT Subject Alt Names DNS Name imap.gmail.com Public Key Info Algorithm Elliptic Curve Key Size 256 Public Value 04:2D:20:DA:19:33:1D:AC:28:91:52:02:EB:B8:7E:33:C0:B7:E4:F3:5E:4E:88:92:E5:7E:BB:30:0C:6C:E4:84:A8:3D:D7:49:9B:22:C8:C0:BB:01:80:4B:84:30:3A:3B:73:70:8F:AB:EB:C0:F0:D5:7B:8B:0B:64:1B:DC:76:67:41 Miscellaneous Serial Number 1A:50:ED:15:50:A1:A7:93:5D:05:8A:CD:85:A5:15:FD Signature Algorithm ECDSA with SHA-256 Version 3 Download PEM (cert)PEM (chain) Fingerprints SHA-256 12:8A:58:44:DF:B5:E1:E4:EF:CC:F7:35:09:BA:6E:88:86:16:15:78:F9:28:52:23:FC:0E:E9:69:D1:AF:21:86 SHA-1 A3:30:CB:65:39:51:46:9B:3B:BC:0B:B9:09:DD:26:40:A8:52:25:3D '''

All Replies (4)

Matt
Matt
  • Top 10 Contributor

What part of this problem do you need help with

Untrusted Bitdefender CA

Just get rid of Bitdefender email scanning, or add them using the instructions that provide if you trust them explicitly with all your data. I do not trust any company with all my unencrypted data at this time. Each business has to get by with the minimum I allow them and Microsoft ask for nothing for email with Defender as they do not scan it. So they can not be compelled to release my information on the whim of some foreign nation where they operate.

For example Bitdefender is a multinational cybersecurity technology company dual-headquartered in Bucharest, Romania and San Antonio, USA, with offices in the United States, Europe, Australia and the Middle East. I am not sure I trust all of those nation states to access my information in an appropriate manner.

R N
R N Question owner

Turning off Bitdefender email protection and restarting Thunderbird seemed to do the trick.

Thanks also for the information about Bitdefender's multi-national status. I'm rapidly losing confidence in the safety of even U.S.-based companies, much less the others (of which I hadn't been aware previously). Not sure what I'll do for a replacement, but I'll need to start looking.

R N
R N Question owner

Actually, although I still appreciate the information about Bitdefender, turning it off and restarting unfortunately DID NOT solve the problem. I got fooled and prematurely posted that it had worked, because apparently Thunderbird hadn't yet attempted to contact the server when I'd first looked.

So, interference from Bitdefender may or may not have been eliminated. (I don't know yet if it's got its fingers into Thunderbird in more than one place, and will post again as I continue to try things on my own.)

Meanwhile, still looking for solutions if anyone has suggestions.

Thanks very much.

Matt
Matt
  • Top 10 Contributor

Have you contacted Bitdefender and asked them how to configure their product so you can get mail? This is not a Thunderbird issue. The complete failure of bitdefender is their issue not Thunderbird despite their product causing Thunderbird to fail.

You are looking for a solution to a bit defender caused problem in a Thunderbird forum. I simply do not use it but can confirm if you uninstall it the problem will go away permanently.

As I do not use bitDefender, I find Microsoft defender more than adequate, I googled the issue and their AI offered this.

Method 1: Exporting Certificate from Windows Store (Recommended) This method involves exporting the certificate Bitdefender has already installed in Windows and importing it into Firefox/Thunderbird. Locate the Certificate: Press Windows Key + R, type certmgr.msc, and press Enter. Navigate to Trusted Root Certification Authorities > Certificates. Look for a certificate issued by Bitdefender (e.g., "Bitdefender Personal CA. Net-Defender"). Export the Certificate: Right-click the Bitdefender certificate, select All Tasks > Export. Follow the wizard to export it as a Base-64 encoded X.509 (.CER) file and save it to your desktop. Import into Firefox/Thunderbird: Open Firefox or Thunderbird. Go to Settings/Options > Privacy & Security. Scroll down to Certificates and click View Certificates. Go to the Authorities tab and click Import. Select the .cer file you exported. Crucial: Check the box "Trust this CA to identify websites" (and email users, if in Thunderbird) and click OK.

The process as described appears sane, I can not vouch for anything bitdefender is said to have done.

Modified by Matt

Ask a question

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.