On 14/12/2024 14:09, Dima wrote:
> Using VPN via SOCK5
>
> Got a message notification pop-up "Certificate for imap.google.com does
> not come from the trusted source." with a button "activate".
Likely imap.googlemail.com
For HTTP, providers sometimes use "captive portal" to request user
authentication or to show some notification. For TLS it causes an error.
I have no idea if some party (VPN provider? Proxy authentication?
Incorrect VPN configuration?) may use it for IMAP.
In some cases server does not send an intermediate certificate in
signing chain (browser on administrator's computer acquired it from
other site, so they are unaware of the issue), but I would not expect it
from Google.
A tool to debug issues is "openssl s_client"
> - View a log. May be there is a log in Thunderbird or in systemd, and I
> can identify that issue, found certificate that blamed.
Thunderbird has console [Ctrl+Shift+J], but usually logs (and their
persistence) should be enabled in advance.
Maybe certificate management is better documented for Firefox.
Paul Duncan
Marine Technician, RV Falkor(too)
SCHMIDT OCEAN INSTITUTE
mobile
+1 650 387 4151
VOIP
+1 954 672 4943
Follow us on Twitter, Facebook and Google+
This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged
information. Any unauthorized review, use, disclosure or distribution is prohibited. If you have received it in
error, please advise the sender by reply email and delete the message and any attachments. Thank you.