Results 1 to 2 of 2

Thread: [SOLVED] thunderbird and commercial certificate (4.x)

  1. #1
    su_A_ve is offline Advanced Member
    Join Date
    Dec 2006
    Posts
    184
    Rep Power
    8

    Default [SOLVED] thunderbird and commercial certificate (4.x)

    Hello,

    We obtained commercial certificates from Verisign. These do need an intermediate cert.

    We followed the instructions and https is working fine. Firefox and IE properly list the certificate chain correctly - Verisign root, verisign chain, and cert.

    However under thunderbird, only the certificate is display, and of course we get the "Could not verify this certificate for unknown reasons".

    The java cacerts keystore seems to contain the verisign root. The tomcat keystore contain both the intermediate and the servers cert.

    SMTP outbound TLS works fine. It's just imap. I tried both TLS and SSL but both give the same results.

    Is IMAP using a different certificate? slapd.crt, smtpd.crt and perdition.crt only include the server cert. Should it include the intermediate?

    TIA...

    I

  2. #2
    su_A_ve is offline Advanced Member
    Join Date
    Dec 2006
    Posts
    184
    Rep Power
    8

    Default

    ugh - talk about having to digg this... We run our internal certificate auth, so it was like moving from a commercial cert without an intermediate to one with one, keeping the private key.

    This post showed the solution...

    I had not noticed that Firefox and IE both already had the intermediate, therefore I never noticed an issue there. However it was not in Thunderbird...

    All the instructions on the wiki where based on creating a csr and key from scratch, or importing the root and intermediate certs.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •