On 3/13/2013 12:00 AM, Alex wrote: > Hi, Hi "Alex"
>> I have an fc18 system with postfix and dovecot-2.1.13 and have >> configured them to use sasl for SMTP Auth and Maildir with imaps. >> >> The system is running now, so I'm trying to set up thunderbird to >> autodetect all settings during the initial account setup. However, it >> seems to want to use port 143 and STARTTLS, and not port 993, which is >> what I would expect. When I force it to use 993, I receive a >> certificate failure message: >> >> Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: initializing >> the server-side TLS engine >> Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: open smtpd TLS cache >> btree:/var/lib/postfix/smtpd_tls_session_cache >> Mar 12 23:20:45 propnew postfix/tlsmgr[14425]: tlsmgr_cache_run_event: >> start TLS smtpd session cache cleanup >> Mar 12 23:20:45 propnew postfix/submission/smtpd[14423]: connect from >> unknown[192.168.1.43] >> Mar 12 23:20:45 propnew dovecot: imap-login: Disconnected (no auth >> attempts in 0 secs): user=<>, rip=192.168.1.43, lip=66.111.222.101, >> TLS: SSL_read() failed: error:14094412:SSL >> routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number >> 42, session=<BGBS5MXXhQDAqAEr> > > After doing a bit more research, it looks like it's failing because > Thunderbird doesn't prompt to accept the self-signed certificate > during the "auto config" part of the setup, so just falls back to > using port 143. > > Although I think it's still using TLS on 143. I just verified that TB (17.0.4) won't do STARTTLS on TCP 143 without first accepting the self signed cert. > I'm really hoping someone can help me to clarify more specifically > what's going on here. You've already clarified it. You simply can't do account auto configuration with a self signed cert, at least not with a vanilla TB setup. The only possible solution I can think of would be to preload the user profile with the certificate. I don't know how you'd do this. I think you have some research ahead of you. -- Stan