搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

How do I accept a new ssl certificate in Thunderbird?

  • 7 个回答
  • 1 人有此问题
  • 107 次查看
  • 最后回复者为 Matt

more options

7.15.15 I cannot get or send email on my laptop as of two days ago. - Neither of the "Configuration Options for Certificates" worked to bring in the certificate I use that allows sending/receiving email. Under "Digital Signing" or "Encryption" when I press "Select" to select a certificate, I get the pop-up message "Certificate Manager can't locate a valid certificate...". When I press "View Certificates" the certificate I use is listed under "Servers" and "Authorities" and is up to date. - Also, under Tools - Options - Advanced - Certificates for: "When a server asks for my personal certificate", I've selected "Ask me every time" and to the left of "Query OSCP responder servers to confirm...", the box is checked.

I believe this issue is related to accepting a new ssl certificate that was recently renewed. I've never had this issue before. How do I trigger accepting a new certificate?

Thank you.

7.15.15 I cannot get or send email on my laptop as of two days ago. - Neither of the "Configuration Options for Certificates" worked to bring in the certificate I use that allows sending/receiving email. Under "Digital Signing" or "Encryption" when I press "Select" to select a certificate, I get the pop-up message "Certificate Manager can't locate a valid certificate...". When I press "View Certificates" the certificate I use is listed under "Servers" and "Authorities" and is up to date. - Also, under Tools - Options - Advanced - Certificates for: "When a server asks for my personal certificate", I've selected "Ask me every time" and to the left of "Query OSCP responder servers to confirm...", the box is checked. I believe this issue is related to accepting a new ssl certificate that was recently renewed. I've never had this issue before. How do I trigger accepting a new certificate? Thank you.

被采纳的解决方案

No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.

The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)

In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.

定位到答案原位置 👍 1

所有回复 (7)

more options

What kind of cert are you talking about? A user cert which you use to sign messages and what allows other people sending you encrypted messages? Or a server cert for your email provider server?

I've never had this issue before.

What is the issue in the first place?

more options

Thanks for your response and questions. My answers: Kind of server I'm referring to: a server cert for my email provider server The issue: Not being able to send/receive emails

more options
more options

I don't have a screenshot of an error because my email send/receive suddenly just stopped. I did look at the error console under Tools. Please see the image attached.

Thank you, again.

more options

选择的解决方案

No you can not communicate with that server using a current Mozilla product. In a short while you will not be able co interact with it with any product. The server operator/admin needs to fix their server to issue 1024 bit certificates or better. Or stop using TLS.

The best explanation of this change and it's cause I have seen is here https://weakdh.org/ (right at the bottom of the page. is the what you need to do stuff)

In essence the server has not has a serious security flaw patched and Mozilla products have been modified to not interact with servers that have not patched the vulnerability. The vulnerability leaves you open to man in the middle hacking attack.

more options

Thank you so much for being so knowledgeable and taking the time out of your day to provide the answer. So appreciated.

more options

--UPDATE-- Following discussion here. it Looks like there is a workaround available.through installing an add-on.