SSL Certificate Error from IMAP Server
I am investigating this problem in the Dovecot mailing list as well as here.
Hopefully, there are users out there who are familiar with that IMAP server.
For years, I have been running the Dovecot/Thunderbird combination. However, I am preparing a new server and both applications have obviously changed. An SSL certificate seems to be the cause of the problem. My TB settings are:
IMAP:
    Connection Security: SSL/TLS
    Port: 993
    Authentication Method: Normal Password
The specific error message produced by TB attempting to connect is this:
    dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42
Dovecot seems to be complaining about the lack of an SSL certificate (or defective) despite the fact that my settings are:
    auth_ssl_require_client_cert = no
    ssl_verify_client_cert = no
Those settings work fine in my old server.
When I use the command below under Linux, everything is fine:
    openssl s_client -connect dovecot-server:imaps
At this point I prefer not having an SSL certificate on the Thunderbird side.
TIA
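Added example, not part of the original post: a small Python decoder for Dovecot log lines of the kind quoted above, reporting which TLS alert was logged and which side sent it. The second and third sample lines and all function names are constructed for illustration.

```python
import re

# TLS alert descriptions (RFC 5246 7.2 / RFC 8446 6), subset relevant here.
ALERTS = {40: "handshake_failure", 42: "bad_certificate",
          43: "unsupported_certificate", 44: "certificate_revoked",
          45: "certificate_expired", 46: "certificate_unknown",
          48: "unknown_ca", 70: "protocol_version"}
# Alerts a peer sends about the certificate it was shown.
CERT_ALERTS = {42, 43, 44, 45, 46, 48}

# OpenSSL attaches "SSL alert number N" only to alerts READ from the peer,
# so for a Dovecot login process the sender is always the mail client.
# The "sslv3 alert"/"tlsv1 alert" prefix is part of OpenSSL's fixed reason
# string for that alert; it does not report the negotiated protocol version.
LINE_RE = re.compile(
    r"(?P<service>[\w-]+): Disconnected: TLS: (?P<call>SSL_\w+)\(\) failed: "
    r".*?SSL routines:\w*:(?P<reason>[^:]+): SSL alert number (?P<num>\d+)")


def decode(line):
    """Return a dict describing the TLS alert in a Dovecot log line, or None."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    num = int(m["num"])
    return {"service": m["service"],
            "alert": ALERTS.get(num, f"unknown({num})"),
            "sent_by": "client",
            # The client only validates the server's certificate, so a
            # certificate alert from it concerns the certificate Dovecot sent.
            "client_rejected_server_cert": num in CERT_ALERTS,
            "openssl_reason": m["reason"].strip()}


SAMPLE = [
    # Line quoted in the post above.
    "dovecot: imap-login: Disconnected: TLS: SSL_read() failed: SSL routines:"
    "ssl3_read_bytes:sslv3 alert bad certificate: SSL alert number 42",
    # Constructed: OpenSSL 3 style error string, which omits the function name.
    "dovecot: imap-login: Disconnected: TLS: SSL_read() failed: error:0A000418:"
    "SSL routines::tlsv1 alert unknown ca: SSL alert number 48",
    # Constructed: unrelated line that must not match.
    "dovecot: imap-login: Login: user=<constructed>, method=PLAIN",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(decode(line))
```
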
All Replies (4)
Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?
Stans said
Why set Tbird to use SSL/TLS connection security if you don't want a certificate involved?
Hi Stans:
I am attempting to have a minimum configuration (which worked fine for a long time) up and running. Dovecot allows fine-grained control. This is one of the settings mentioned by the Dovecot expert:
protocol imap {
    ssl_verify_client_cert = yes
    auth_ssl_require_client_cert = no
    ssl = required
}
protocol submission {
    ssl_verify_client_cert = yes
    auth_ssl_require_client_cert = no
    ssl = required
}
Under some configuration, the server produces a certificate but the client does not. Presumably.
I will tighten the security settings later.
Thanks
I think the clue here is you are using SSLV3 by the looks of the error you posted.
The minimum for encrypted connections is TLS V1.2.