Thunderbird dovecot

This forum is dedicated to advanced help and support :

Ask here your questions about advanced usage of Mageia. For example you may post here all your questions about network and automated installs, complex server configurations, kernel tuning, creating your own Mageia mirrors, and all tasks likely to be touchy even for skilled users.

Thunderbird dovecot

Postby bittwister » Jul 19th, '20, 03:19

I had been running a previous release of of TB.
Installed vendor thunderbird-78.0.tar.bz2 and had been working for a day or so on mga7 and mga8.

Noticed mail disposition buttons I had removed were set back to showing up. Ok I'll remove them again BUT could not get access to the customize feature.

Fine, assumed something in current profile was causing problem, so I deleted ~/.thunderbird and attempted to create my login.

It fails to login. In the past, I could navigate eventually to the accept ssl certificate. That option no longer exists.

So, I created a self-signed cert, changed dovecot options and still cannot login. Looking in the log I see
Code: Select all
Jul 18 19:59:33 imap-login: Error: Failed to initialize SSL server context:
Can't load SSL certificate: There is no valid PEM certificate.
: user=<>, rip=127.0.0.1, lip=127.0.0.2, session=<+zFA58CqtLt/AAAB>


Any suggestions welcome.

Dovecot changes
Code: Select all
ssl_cert = </etc/pki/tls/certs/dovecot.pem
ssl_key = </etc/pki/tls/private/dovecot.pem
#* create ssl_dh file with the following line:
#*    openssl dhparam -out /etc/dovecot/dh.pem 1024
#***************** end bug 22758 workaround ***********************
#* https://www.reddit.com/r/Thunderbird/comments/fnfiyy/help_i_have_the_dreaded_ssl_alert_number_42/
ssl = required
ssl_ca = </etc/ssl/certs/dovecot.pem
ssl_require_crl = yes
ssl_verify_client_cert = no
ssl_min_protocol = TLSv1.2
disable_plaintext_auth = yes
auth_ssl_require_client_cert = no
auth_mechanisms = plain login
!include auth-passwdfile.conf.ext


generated new cert
Code: Select all
    OPENSSLCONFIG=/etc/dovecot/self_signed.cnf
    CERTFILE=/etc/dovecot/dh.pem
    KEYFILE=/etc/pki/tls/private/dovecot.pem

    rm --force $CERTFILE

    openssl req -new -x509 -nodes -config $OPENSSLCONFIG \
    -out $CERTFILE -keyout $KEYFILE -days 400 \


cat /etc/dovecot/self_signed.cnf
Code: Select all
[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_distinguished_name
x509_extensions = cert_type
prompt = no

[ req_distinguished_name ]
C = US
ST = TX
L = xxxx
O = Citizen
OU = Myhouse
CN = mail.home.test
emailAddress=postmaster@home.test

[ cert_type ]
nsCertType = server
bittwister
 
Posts: 43
Joined: Oct 5th, '13, 21:48

Return to Advanced support

Who is online

Users browsing this forum: No registered users and 1 guest