Guys I need to distribute thunderbird to the employees of my company and they must be able to recognize our certification authority as valid. As the data from root certif…
Guys I need to distribute thunderbird to the employees of my company and they must be able to recognize our certification authority as valid. As the data from root certificates is present in cert.db at the users home at .thunderbird folder I could not find a way to ship it with the application.
I have tried to connect and add an exception but it still doesnt work.
On Thunderbird 45.0, I'm trying to add ldap address book. Administrator in my company, forced 'starttls' on ldap, so I cannot use port 389 and unsecured connection. Certi…
On Thunderbird 45.0, I'm trying to add ldap address book. Administrator in my company, forced 'starttls' on ldap, so I cannot use port 389 and unsecured connection. Certificate is self signed. I tried ldap over ssl (port 636). After saving address book directory, I checked "use ssl", and port changed to 636. So far, so good. While I try to replicate directory I get "failed to replicate directory" without any reason. I tried to enable LDAP debug, by setting console variable: export NSPR_LOG_MODULES=ldap:5,timestamp, but the only 'debug' that Thunderbird prints is that it tries to perform bind, and did unbind. No error, exception, whatever. I found an error in Thunderbird GUI, in "console error" (opened with Ctrl + Shift +J ). First it was SEC_ERROR_UNKNOWN_ISSUER, but I managed to get CA certificate and add it as trusted. So my error changed to: SEC_ERROR_UNTRUSTED_CERT. I downloaded server certificate with: echo -n | openssl s_client -connect ldap.tld:636 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ~/ldap.tld.pem and add it as trusted certificate. No luck. I googled a lot and found that despite fact that I added it as trusted certificate I need to change certificate trust (source: http://forums.mozillazine.org/viewtopic.php?t=1645605) by going to: "TOOLS: OPTIONS: ADVANCED: CERTIFICATES -> View Certificates Click on the SERVERS tab, click IMPORT, select the saved Certificate. Now you will see the domain listed under your certificates, except it is still not trusted. Select the domain name, and click EDIT. Now select "Trust the authenticity of this certificate" " But I don't have an option "EDIT". See screen. Only available options are: show, import, export, delete, add an exception. So I thought I should try to 'add an exception". In the pop-up I tried to add exception to: ldap.tld:636 , as suggested in thread: http://forums.mozillazine.org/viewtopic.php?p=4535555 , no luck, no error in console. Just plain information: failed to obtain status of that domain. If I try protocol https:// I got error in 'error console': NS_ERROR_PORT_ACCESS_NOT_ALLOWED. Btw. someone should try to update KB: https://support.mozilla.org/en-US/kb/add-security-exception So I thought it's only certificate, so let's try to add it to NSS database itself, so I found one I use in: $HOME/.thunderbird/randomId.profile/ Listing works with: certutil -L -d sql:$HOME/.thunderbird/randomId.default/ |grep tld tld CA CT,c,c tld ldap p,, Legend says that lowercase 'p' is "p prohibited (explicitly distrusted)" Source: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/tools/NSS_Tools_certutil Which confirms what thunderbird logs in error console: Peer's certificate has been marked as not trusted by the user. SEC_ERROR_UNTRUSTED_CERT. They were already in database, so adding them as trusted before worked - they are in thunderbird certificates database. So I changed it's trust with:
certutil -A -n tld ldap -t "P,P,P" -i ~/ldap.tld.pem -d sql:$HOME/.thunderbird/randomId.default/
'P' should be: Trusted peer (funny fact is that: https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/Reference/NSS_tools_:_certutil says that 'p' is valid peer, and P is trusted peer (implies p) ) After restarting thunderbird I got the same error: SEC_ERROR_UNTRUSTED_CERT I tried to add flag: security.tls.insecure_fallback_hosts; in "about:config" version for thunderbird, as it sometimes helps with firefox, but with no luck. I tried to add certificate and CA as system trusted certificates by coping them to /etc/pki ; server certificate to /etc/pki/tls/certs/ldap.tld.pem; CA to: /etc/pki/ca-trust/source/anchors/ldap.ca.pem and update system config with: c_rehash and update-ca-trust - thunderbird is not affected.
My question is: how do I add self signed certificate as an trusted certificate in thunderbird 45.0? My system: Fedora 22, 64bit
I have read that in order to whitelist an email address, I need to add it to my Personal address book. I did this but the emails coming from this address still go directl…
I have read that in order to whitelist an email address, I need to add it to my Personal address book.
I did this but the emails coming from this address still go directly to my spam inbox.
The emails are automatic notifications sent from a server in order to warn me that my server is down, so I absolutely need to get ALL emails coming from this address.
Als ik Thunderbird afsluit krijg ik een pop up menu te zien waar je een Back up kan maken, ik heb een map aangemaakt in de folder Thunderbird op C maar helaas zodra ik OK…
Als ik Thunderbird afsluit krijg ik een pop up menu te zien waar je een Back up kan maken, ik heb een map aangemaakt in de folder Thunderbird op C maar helaas zodra ik OK aanklik gebeurt er echt helemaal niets, nada, kan wachten tot ik een ons weeg maar zelfs na een half uur nog totaal geen enkele reacties van het programma, wie weet wat ik eventueel fout doe of wat er mis is. Plaatje uploaden van amper 28 kb schijnt veel moeite te kosten, maar het betreft hier "ImportExportTools-back up" Dan maar zonder plaatje nietwaar.