Topic: [solved] can't use thunderbird with SME (dovecot)

[globalsi]

hello,
I use a SME 9.2 server up to date (server only mode).
I just made an update on Friday 15 th

Code: [Select]

Nov 15 14:29:38 Updated: php-common-5.3.3-50.el6_10.x86_64
Nov 15 14:29:39 Updated: nspr-4.21.0-1.el6_10.x86_64
Nov 15 14:29:40 Updated: nss-util-3.44.0-1.el6_10.x86_64
Nov 15 14:29:41 Updated: openssl-1.0.1e-58.el6_10.x86_64
Nov 15 14:29:42 Updated: samba-winbind-clients-3.6.23-53.el6_10.x86_64
Nov 15 14:29:45 Updated: samba-common-3.6.23-53.el6_10.x86_64
Nov 15 14:29:47 Updated: samba-winbind-3.6.23-53.el6_10.x86_64
Nov 15 14:29:47 Updated: nss-softokn-freebl-3.44.0-5.el6_10.x86_64
Nov 15 14:29:47 Updated: nss-softokn-3.44.0-5.el6_10.x86_64
Nov 15 14:29:47 Updated: nss-sysinit-3.44.0-7.el6_10.x86_64
Nov 15 14:29:48 Updated: nss-3.44.0-7.el6_10.x86_64
Nov 15 14:29:49 Updated: php-cli-5.3.3-50.el6_10.x86_64
Nov 15 14:29:49 Updated: php-pdo-5.3.3-50.el6_10.x86_64
Nov 15 14:29:54 Updated: kernel-firmware-2.6.32-754.24.3.el6.noarch
Nov 15 14:30:05 Installed: kernel-2.6.32-754.24.3.el6.x86_64
Nov 15 14:30:05 Updated: php-mysql-5.3.3-50.el6_10.x86_64
Nov 15 14:30:06 Updated: php-5.3.3-50.el6_10.x86_64
Nov 15 14:30:06 Updated: nss-tools-3.44.0-7.el6_10.x86_64
Nov 15 14:30:08 Updated: samba-3.6.23-53.el6_10.x86_64
Nov 15 14:30:10 Updated: samba-client-3.6.23-53.el6_10.x86_64
Nov 15 14:30:12 Updated: 1:dovecot-2.0.9-22.el6_10.1.x86_64
Nov 15 14:30:12 Updated: php-imap-5.3.3-50.el6_10.x86_64
Nov 15 14:30:13 Updated: php-xml-5.3.3-50.el6_10.x86_64
Nov 15 14:30:13 Updated: php-ldap-5.3.3-50.el6_10.x86_64
Nov 15 14:30:13 Updated: php-mbstring-5.3.3-50.el6_10.x86_64
Nov 15 14:30:14 Updated: php-gd-5.3.3-50.el6_10.x86_64
Nov 15 14:30:15 Updated: udev-147-2.74.el6_10.x86_64
Nov 15 14:30:16 Updated: sudo-1.8.6p3-29.el6_10.2.x86_64
Nov 15 14:30:19 Updated: tzdata-2019c-1.el6.noarch
Nov 15 14:30:22 Updated: kernel-headers-2.6.32-754.24.3.el6.x86_64
Nov 15 14:30:22 Updated: libudev-147-2.74.el6_10.x86_64
Since then, I can't connect via Thunderbird in IMAP to SME mail server. I do not have a problem with Outlook.

Code: [Select]

more /var/log/dovecot/current | grep alert
@400000005dd3a7bd34b4d604 imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa68066f0e7c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa682c83b2d4 imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa6907da085c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa691295781c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3ad5c12270a94 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3ad5c12e161b4 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3ad6c1f47fcec imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3aeba03bce2e4 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3aec12543c1bc imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42

@400000005dd3a7bd34b4d604 imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa68066f0e7c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa682c83b2d4 imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa6907da085c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3aa691295781c imap-login: Info: Disconnected (no auth attempts): rip=WAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca: SSL alert number 48
@400000005dd3ad5c12270a94 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3ad5c12e161b4 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3ad6c1f47fcec imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42
@400000005dd3aeba03bce2e4 imap-login: Info: Disconnected (no auth attempts): rip=LAN_IP, lip=SME_IP, TLS: SSL_read() failed: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate: SSL alert number 42

Do you have an idea of the problem ?
How else can I reinstall the previous version of the package?

thank you

[bunkobugsy]

Do a full reconfigure (and restart), check that your cert is valid (when opening server-manager) or install Letsencrypt.

"Upgrading to Thunderbird 60.2.1 or later might cause your saved passwords to be ignored. The same problem can occur if you move the profile from one operating system to another. The workaround is to exit Thunderbird and delete the the pkcs11.txt file in the profile. Thunderbird will create a new version of that file when it restarts."

http://kb.mozillazine.org/Password_not_remembered_-_Thunderbird

[globalsi]

I just do :

Code: [Select]

console and 4.reconfigureAfter the reboot, there is still the problem. 
The cert (self signed) is valid until jan 15th 2020.

I also test from a fresh Thunderbird installation and it still don't work.

[globalsi]

for information

Code: [Select]

[root@mysme ~]# config show modSSL
modSSL=service
    CipherSuite=ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
    TCPPort=443
    access=public
    status=enabled

[bunkobugsy]

CipherSuite key is missing from both of my 9.3 servers, try deleting it.
Also try to install https://wiki.contribs.org/Letsencrypt (reconfigure,reboot).
Make sure to set IMAPS to 993 SSL and SSMTP to 465 SSL with auth.

[globalsi]

Hi,
I have created a new self signed certificate (https://wiki.contribs.org/Certificates_Concepts#Expiration_time_of_the_self_signed_certificate) and after the reboot, there is no more problem