When someone sends me a msg, it displays along with the HTTP equivalent? Trying to figure out what setting is out of Wack such that I ses the HTTPS display of the messag… (read more)
When someone sends me a msg, it displays along with the HTTP equivalent? Trying to figure out what setting is out of Wack such that I ses the HTTPS display of the message? Thanks
Hi, I’m using Thunderbird on Windows and recently ran into a certificate warning that I can’t safely interpret, even after searching the web and using AI tools (which ga… (read more)
Hi,
I’m using Thunderbird on Windows and recently ran into a certificate warning that I can’t safely interpret, even after searching the web and using AI tools (which gave me inconsistent answers).
Thunderbird tries to connect to the iCloud contacts server p123-contacts.icloud.com (CardDAV). When it does, I get a “wrong site” certificate error. When I click “View certificate”, Thunderbird shows a valid certificate, but not for Apple/iCloud – it’s for login.kraftcom.de (issued by DigiCert / GeoTrust TLS RSA CA G1). I did not accept the exception.
From what I can see online, p123-contacts.icloud.com is a legitimate Apple domain, but it is also mentioned in some phishing / scareware contexts, which makes me even more unsure how to interpret this combination (Apple host + Kraftcom certificate). I’m also not sure whether this is simply a captive-portal / ISP login interception effect or something that should worry the wider community.
My questions:
Is this behavior expected in any scenario, or does it indicate a misconfiguration / MITM situation that Thunderbird should treat as a serious security issue?
Is there anything I should check or change on my side (Thunderbird config, network, ISP, certificates)?
Is there any additional diagnostic information I can provide (logs, screenshots) that would help you assess whether this is a Thunderbird issue or a network/ISP issue?
I specifically did not confirm the certificate exception and I would like to keep my setup secure, but I also want to make sure the community is aware if this is a broader problem.
Thanks in advance for any guidance
I have 4 emails in Thunderbird, one of those I also have on my phone, it is receiving mail, on my desktop, two of the emails have no email today, and two I have only one … (read more)
I have 4 emails in Thunderbird, one of those I also have on my phone, it is receiving mail, on my desktop, two of the emails have no email today, and two I have only one email, all should have 10 to 20 or more emails. I do have the emails on the website, but they are not loading onto Thunderbird. I get this message, "The certificate for imap.knology.net is not valid for the server. Someone could be trying to impersonate the server and you should not continue.
Can you offer any help?
I generated a CSR file via the instructions at https://support.mozilla.org/en-US/kb/instructions-smime-certificate-using-csr#thunderbird:linux:tb145 . After submitting a… (read more)
I generated a CSR file via the instructions at https://support.mozilla.org/en-US/kb/instructions-smime-certificate-using-csr#thunderbird:linux:tb145 . After submitting and receiving a certificate from a CA, importing it the People tab of the Certificate Manager does not do anything: nothing new appears in the Your Certificates tab.
Where are the private keys associated to the generated CSRs stored? How can I access them to resolve this?
Running 140.5.0esr via flatpak on Fedora 43 Kinoite.
I have 2 emails provided by my ISP (knology), I have received no emails since 7:30 on 12/5, the are on the webmail site. The other 2 emails are gmail accounts they are wo… (read more)
I have 2 emails provided by my ISP (knology), I have received no emails since 7:30 on 12/5, the are on the webmail site. The other 2 emails are gmail accounts they are working fine. I am getting a message, "The certificate for imap.knology.net is not valid for that server. Someone could be impersonating the server, you should not continue."
The fact that the gmails work and knology does not work is a clue but I don't know what it means.
I have contacted my ISP and after 45 minutes they gave up and said they will escalate and get back to me,
with in a couple days! it was on a Saturday.
Thank you, Mike
Hello, I have read this one https://support.mozilla.org/en-US/kb/openpgp-thunderbird-android-howto and I was aiming for additional detailed info on a specific step in th… (read more)
Hello,
I have read this one https://support.mozilla.org/en-US/kb/openpgp-thunderbird-android-howto and I was aiming for additional detailed info on a specific step in the "Select an encryption key or create a new key" section.
From Thunderbird Desktop I can already send/receive encrypted emails from a specific email account and I have exported, on my laptop, my private and public keys as well as the public keys of some contacts.
On my Android phone I have Thunderbird for Android (version 14) already set up for the same email account and, in order to start using email encryption, I understood from the above link that I first need to install OpenKeychain and then, from the image in step 2 of "Select an encryption key or create a new key" and from the text of the subsequent step 3, that I'll need to choose "I already have a key. Import end-to-end key from other device" and then, if I got it right, try to find the keys which I exported on my laptop from Thunderbird Desktop.
Are there any precise details on how to find those exported keys and load them into OpenKeychain? Meaning, for instance, do I need to copy/paste the keys from my laptop into the archive of my Android phone and then direct Thunderbird/OpenKeychain to that location to pick them up?
Any type of details/links/docs/videos with respect to this, will be useful. As well as any explanations in case I understood wrongly and what I am trying to do is not the proper way to proceed.
Please note: I am not an expert.
Thank you
Best Regards
What is best for mobile because they coeinside together
I have a misconfigured SSL/ TLS for my Internet. If I change my browser will that correct the error ?bold text
I am using an email server that currently is using certificates that have expired. That problem is being worked on. In the meantime, whenever I access the server to open … (read more)
I am using an email server that currently is using certificates that have expired. That problem is being worked on. In the meantime, whenever I access the server to open a folder, I get a pop-up notification telling me that the certificate has expired. I go ahead and confirm the security exception and check the box to permanently store the exception. Trouble is this ISN'T being persisted, when I open a different folder I have to go through this process again in order to access my emails in that folder.
Me thinks you got a bug in your software Kemosabe!
I can't open up a VPN for my internet security. A window notification said that an error in SSL/ TLS IS TOO LONG
Thunderbird says this "the certificate for imap.supanet.com does not come from a trusted source". however I have used this email for some time and am happy with it . can … (read more)
Thunderbird says this "the certificate for imap.supanet.com does not come from a trusted source". however I have used this email for some time and am happy with it . can I continue with this certificate as I do trust this source
A couple months ago, I asked internet provider to discontinue service. I continued to get emails from their server anyway. In fact, I think I am continuing to get some fr… (read more)
A couple months ago, I asked internet provider to discontinue service. I continued to get emails from their server anyway. In fact, I think I am continuing to get some from them but appears they maybe forwarded to my gmail address instead of iowatelecom.net address that I was using. Now, when Thunderbird downloads my emails, first thing that pops up is a message saying "The certificate for imap.iowatelecom.net is not valid for that server. Someone could be trying to impersonate the server and you should not continue." Then, it gives me the little box with "Dismiss", that I can check. It will go ahead and download my emails into the gmail folder. The iowatelecom.net folder is in RED and no emails are going to that folder. Can I or should I get rid of the iowatelecom.net folder and if so, how should I proceed. Just don't want to mess everything up. Thanks for the help.
I'm using Thunderbird 140.5.0esr. I have a remote email server on a small "linode" and recently had to restore it from a backup. When opening Thunderbird, I get the mes… (read more)
I'm using Thunderbird 140.5.0esr. I have a remote email server on a small "linode" and recently had to restore it from a backup.
When opening Thunderbird, I get the message "The certificate for adonax.com expired on 10/29/2025." I've been getting emails up to and including yesterday.
I ran the renewal program (sudo certbot renew) from the command line of my remote server, and was told the certificate did not need renewing. The "expiry date" is shown to be 2026, March 20 when having certbot display the certificate information.
So, there is some sort of disconnect happening in the communications between Thunderbird and the locations of the certificates on my server. I'm hoping for some advice as to how to trace the path. One possibility is that there is a location on my server that is used to connect to the certs and this is holding stale information due to the recent restore done for the remote server. Another is that maybe there is cached information or something else blocking the request from Thunderbird.
From Thunderbird, I am presented with a form "Add Security Exception". This indicates that thunderbird is contacting the location adonax.com:993. I checked the port from the server using UFW and it is open to all. The Thunderbird form however hangs when I hit the "Get Certificate" button, and clicking the "Confirm Security Exception" appears to do nothing. The button "View..." opens a tab with the expired certificate. All the information on the certificate that is displayed by Thunderbird looks good, matches what I have in terms of URLs, but the dates are wrong.
Is there perhaps something blocking thunderbird from using port 993? Is there a way to test that? If 993 is working, I will try to research what is going on there at the Ubuntu end. I tried putting adonax.com:993 in Chrome and got an ERR_UNSAFE_PORT, for what that is worth.
Hi I just wondering that if the developer of Firefox can make or improve more about personality and security online I hope they can make The possibility to encrypt browse… (read more)
Hi I just wondering that if the developer of Firefox can make or improve more about personality and security online I hope they can make The possibility to encrypt browser with browser more like you are of another browser to encrypt into one
Hello, My SMTP server uses Let's Encrypt certificate. The website with the same domain has no certificate. Thunderbird refuses to connect to my SMTP server. Test connecti… (read more)
Hello, My SMTP server uses Let's Encrypt certificate. The website with the same domain has no certificate. Thunderbird refuses to connect to my SMTP server. Test connection to the server (STARTTLS) in account settings sais "The secure connection to the server failed" (or similar. I see bg localization). Another server with Let's Encrypt certificate. Test pases. Clicking View certificate shows webserver cert (from DigiCert Inc).
I can't send emails! :)
Regards! Valentin
Could we see XMPP-Omemo support in TB Chat? It'd be such a usable feature, especially given it's usage in popular apps like Conversations...
what is that popup missing certificat and how to correct?
Hello, I just did a full windows defender scan and it turns out Trojan:Script/Wacatac.H!ml popped up when it was done and it said the files affected were: containerfile… (read more)
Hello,
I just did a full windows defender scan and it turns out Trojan:Script/Wacatac.H!ml popped up when it was done and it said the files affected were:
containerfile: C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\.default-release\cache2\entries\InsertHashHere
file: C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\.default-release\cache2\entries\InsertHashHere->(GZip)
I removed the hashes or whatever they were behind the entries, I was wondering if this was a false positive? I didn't notice any slowed down or hacked accounts, also windows defender quarantined it. I've also reinstalled Firefox and deleted all folders associated with Mozilla in AppData.
I think there is a potential security threat and did not continue to www.google.com Please help me to resolve the problem. Isaac … (read more)
I think there is a potential security threat and did not continue to www.google.com Please help me to resolve the problem.
Isaac
I'm running the latest version of Firefox on Win 11 64 bit. In looking through settings, I noticed that DNS over HTTPS, which is set to the Cloudflare default, is inacti… (read more)
I'm running the latest version of Firefox on Win 11 64 bit.
In looking through settings, I noticed that DNS over HTTPS, which is set to the Cloudflare default, is inactive and giving the error (NS_ERROR_NET_INTERRUPT). Using NextDNS is fine.
The problem is not unique to FF, as another Chrome-based browser has the same problem, and I have switched that to OpenDNS.
I have been through all the possible causes and diagnostics for Cloudflare not working (firewall, running FF in safe mode etc.) but can't see anything.
However, I did download the Cloudflare desktop application, and when this is running in background, the Cloudflare DNS/HTTPS settings work perfectly in both FF and the other browser.
Whilst I can of course keep using the other DNS providers, I'd prefer Cloudflare, but I don't really want to have yet another app running and consuming resources, which would be the case with Cloudflare.
If anyone has any suggestions for why Cloudflare isn't working, or how to fix it, I'd welcome them. I have searched high and low for more information, both here and elsewhere, but if such exists, I haven't found it.