Thunderbird In CentOS 7.4
With the current Thunderbird I can not connect to one of my IMAP servers that uses a self-signed cert. Virtually identical IMAP servers that use CA signed certs work
I was a bit out of date when I updated to 7.4 and was running Thunderbird 45.6.x and it worked.
When I connected from evolution (which I do not like) it worked.
When I connected with my laptop still running 45.6.x it works.
so – I rebuilt thunderbird 45.8.0 from 7.3 updates (newest that isn’t
5x.x.x series) and did an –oldpackage update with RPM and it works again.
When rebuilding the old thunderbird in mock I had to add the following:
BuildRequires: dbus-glib-devel
Either the build system used by CentOS automatically includes that, or a build dependency use to pull that it but no longer does.
Anyway if anyone is having a similar problem, that’s a solution.
-=-
This is what I see in the mail server log when current CentOS
thunderbird tries to connect:
Sep 25 20:17:49 librelamp dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip&00:1010:b064:f260:e83e:562d:2316:18df, lip&00:3c01::f03c:91ff:fee4:310c, TLS handshaking: SSL_accept()
failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48, session=
–
4 thoughts on - Thunderbird In CentOS 7.4
I have no problem using a self-signed cert on my own private mail server, although admittedly I’m using POP, not IMAP.
Have you imported your certificate(s) in thunderbird?
Preferences > Advanced > Certificates
When Thundirbird first attempts it offers to import. Under older version it only asks once, and when I import, it’s fine until I replace the certificate (once a year, cert is good for three years but I generate new once a year – I just make it good for three in case life gets in the way).
The nee thunderbird continually asks but still fails to connect.
However as soon as I switched back to the older version, it didn’t even need to ask because I had already made an exception for that certificate.
Old thunderbird works as expected, new doesn’t.
The “no auth attempts” strikes me as suspicious. This along with the fact that your old thunderbird works suggests to me that there might have been some security bits left out of the new thunderbird build. My experience compiling Tbird pre-dates rpm, so this might have become irrelevant, but used to be a that a build would still succeed even when some capability was left out. The fact that your imap server is cool with your several other clients would also seem to isolate the problem back onto the new tbird.
Not sure how your build was different than ours .. BUT .. both our older and newer thunderbird builds have dbus-glib-devel in the buildroot
https://buildlogs.CentOS.org/c7.1708.u/thunderbird/20170824102316/52.3.0-1.el7.CentOS.x86_64/root.log
(That is the last root.log)