On 2013-02-22, Matthias Leopold wrote:
with thunderbird 10.0.12 i can't connect to port 993 and get errors in the logs like
TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate
(certificate generated by dovecot mkcert.sh)
or
TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
(certificate generated by own openssl cmdline)
Did you create a Root CA certificate? If not, I would prefer to create your own CA and sign all certs with this Root CA certificate. You'll have to import the created Root CA certificate in Thunderbird and/or the Microsoft Certificate Store so that the applications can trust the self signed certificates.
You could also use a free Certificate Authority like StartSSL but the Root CA certificate must also be available in the certificate store of the application (Thunderbird, MS, Opera...).
-- Daniel