Thunderbird Community Forum

Hi,

I’m using Thunderbird on Windows and recently ran into a certificate warning that I can’t safely interpret, even after searching the web and using AI tools (which gave me inconsistent answers).

Thunderbird tries to connect to the iCloud contacts server p123-contacts.icloud.com (CardDAV). When it does, I get a “wrong site” certificate error. When I click “View certificate”, Thunderbird shows a valid certificate, but not for Apple/iCloud – it’s for login.kraftcom.de (issued by DigiCert / GeoTrust TLS RSA CA G1). I did not accept the exception.

From what I can see online, p123-contacts.icloud.com is a legitimate Apple domain, but it is also mentioned in some phishing / scareware contexts, which makes me even more unsure how to interpret this combination (Apple host + Kraftcom certificate). I’m also not sure whether this is simply a captive-portal / ISP login interception effect or something that should worry the wider community.

My questions:

Is this behavior expected in any scenario, or does it indicate a misconfiguration / MITM situation that Thunderbird should treat as a serious security issue?

Is there anything I should check or change on my side (Thunderbird config, network, ISP, certificates)?

Is there any additional diagnostic information I can provide (logs, screenshots) that would help you assess whether this is a Thunderbird issue or a network/ISP issue?

I specifically did not confirm the certificate exception and I would like to keep my setup secure, but I also want to make sure the community is aware if this is a broader problem.

Thanks in advance for any guidance

I am getting an error for an outdated certificate on my mail smtp server and when I try to add a security exception Thunderbird does absolutely nothing when i click the button to add a security exception where I can send mail. I end up having to cancel the window and discard my email. It will also not go view the certificate and if you ask it to check it just hangs up forever in and endless loop of checking.