Confirm Security Excepton
Every time I launch Thunderbird I am prompted to Add Security Exception. I am tired of having to click the "Confirm Security Exception" button 10+ times because the dialog pops up over and over again. Its now changed to just prompting everytime I switch folders. But, that is no better.
Now sending doesn't work. I get an error message and a prompt to add a security exception. I click OK on the "Sending of message failed" error dialog and then "Confirm Security Exception" on the Add Security Exception dialog. I try to resend, but I get the same error and security exception prompt....over and over again.
Thunderbird has now become unusable. It simple doesn't work anymore. Its like trying to use an app written for Windows XP thats too incompatible to work anymore.
I am looking for a new mail app.
被采纳的解决方案
the solution is to turn off Bitdefender ScanSSL option.
Excellent. Please mark your findings as the solution for this thread, so others can benefit from it.
I'm not a fan of the 'ScanSSL option' in various anti-virus software products anyway, as it essentially performs a man-in-the-middle attack, and compromises end-to-end security.
And I apologize for the 'clueless' remark. Having said that, a little less emotional approach in your OP could have avoided the irritation in the first place.
定位到答案原位置 👍 0所有回复 (7)
The Security Exception prompt comes up for a reason and to protect you, not to annoy you. It also shows an error code what went wrong. You posted a long rant but haven't bothered to mention the error code though. What to do about this really depends on the error code.
What's alarming is that most people apparently are clueless about these things and just get annoyed when something doesn't work. In the worst case your account or even your computer can get compromised when foolishly clicking the exception prompt.
I am looking for a new mail app.
That is entirely up to you. Good luck.
由christ1于
Hello christ1
While my message was critical of the behavior of the Thunderbird application. I made no personal insults. To say that that I or other users are "clueless" is quite in insulting and far below what is acceptable on these forums.
I understand quite well what the Security Exception warning is about. So when I click "Confirm Security Exception", I know what I am doing.
However I should not have to do it fifty (yes 50) times a day. Once should be enough. Obviously there is a bug(s) somewhere in the software. So if you are a developer, like myself, instead of insulting the person reporting the bug why don't you try fixing it !!
I have attached a screen shot of the error for the benefit of others.
Every time I launch Thunderbird I am prompted to Add Security Exception.
Did this ever work without the security exception?
I should not have to do it fifty (yes 50) times a day.
Agreed.
if you are a developer, like myself
I'm not. The people answering questions in this forum are mostly volunteers, not developers.
instead of insulting the person reporting the bug why don't you try fixing it !!
'Reporting the bug', come on. As a developer I'd expect you to be able to produce a more useful bug report than you did, with at least some substantial information like the error code. And threatening to use a different email client certainly has no value for a bug report.
I have attached a screen shot of the error for the benefit of others.
Good. In the Exception window press the 'Get Certificate' button, and then the 'View' button. That should open the Certificate in a new Certificate Viewer window. Please post a screenshot of the Certificate Viewer window. It would certainly help if you don't obfuscate the 'Issued By' and 'Issued To' fields.
When I click "View" the attached certificate is displayed. The mail server I an trying to access is mail.xxxxxx.com.cust.a.hostedemail.com which should be cover by the certificate which is for *.hostedemail.com.
I knw there may be an issue with the certificate not being from a recognized authority. However, I add an exception (by clicking "Confirm Security Exception") the app should accept that I am ok with that and stop prompting me.
I add an exception (by clicking "Confirm Security Exception") the app should accept that I am ok with that and stop prompting me.
I tend to agree. So there is possibly another problem. Is there anything relevant in the error console (Ctrl-Shift-J)?
Ok, I did some more investigation and the actual certificate provide by the mail server is one issued by GeoTrust (see attached). It appears that BitDefender was replacing the certificate with one it generated. It also appears that BitDefender is generating a new certificate and replacing it on the fly for each request, and since a new cert (with a different signature) is encountered every time by ThunderBird the "Confirm Security Exception" prompt is displayed every time.
I turned off the Bitdefender ScanSSL option and was able to see the real certificate details (see attached). I also turned it back on to check the certificate details each time the Security Exception dialog is displayed. As I suspected the certificate details (serial number and fingerprint) are different each time (see attached cert screen caps).
So it looks like its Bit Defender is the source of the problem. However, it would be good if Thunderbird could detect and report that the certificate is different than the previous one that was confirmed/accepted. After all, while the serial number and fingerprints of the certs are different, the domain (common name) is the same.
In the meantime, the solution is to turn off Bitdefender ScanSSL option. Adding the mail server to the Bitdefender WhiteList did not seem to work.
选择的解决方案
the solution is to turn off Bitdefender ScanSSL option.
Excellent. Please mark your findings as the solution for this thread, so others can benefit from it.
I'm not a fan of the 'ScanSSL option' in various anti-virus software products anyway, as it essentially performs a man-in-the-middle attack, and compromises end-to-end security.
And I apologize for the 'clueless' remark. Having said that, a little less emotional approach in your OP could have avoided the irritation in the first place.
由christ1于