Even with this bug's fix, I still see a variant of this bug when my mail server (running Dovecot) uses a cert signed by a CA that's not in Thunderbird's list of authorities. This is with `security.tls.ech.grease_probability` set to `0`. I tested with today's comm-central "daily". In my case (with logging turned on as per https://wiki.mozilla.org/MailNews:Logging#Mac_OS_X), the error is `805a1ff3` == `SEC_ERROR_UNKNOWN_ISSUER` (https://james-ross.co.uk/mozilla/misc/nserror?0x805A1FF3). This is one of the errors considered overridable [here](https://searchfox.org/comm-central/source/mozilla/security/manager/ssl/NSSErrorsService.cpp#136). When I right-click on my account name (in the Folders pane) and choose "Get Messages", nothing appears to happen at all (though I see error `805a1ff3` when logging is turned on). There's no dialog giving me a chance to override the error -- or any dialog at all.
Bug 1764770 Comment 71 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
Even with this bug's fix, I still see a variant of this bug when my mail server (running Dovecot) uses a cert signed by a CA that's not in Thunderbird's list of authorities. This is with `security.tls.ech.grease_probability` set to `0`. I tested with today's comm-central "daily". In my case (with logging turned on as per https://wiki.mozilla.org/MailNews:Logging#Mac_OS_X), the error is `805a1ff3` == `SEC_ERROR_UNKNOWN_ISSUER` (https://james-ross.co.uk/mozilla/misc/nserror?0x805A1FF3). This is one of the errors considered overridable [here](https://searchfox.org/comm-central/source/mozilla/security/manager/ssl/NSSErrorsService.cpp#136). When I right-click on my account name (in the Folders pane) and choose "Get Messages", nothing appears to happen at all (though I see error `0x805a1ff3` when logging is turned on). There's no dialog giving me a chance to override the error -- or any dialog at all.
Even with this bug's fix, I still see a variant of this bug when my mail server (running Dovecot) uses a cert signed by a CA that's not in Thunderbird's list of authorities. This is with `security.tls.ech.grease_probability` set to `0`. I tested with today's comm-central "daily". In my case (with logging turned on as per https://wiki.mozilla.org/MailNews:Logging#Mac_OS_X), the error is `0x805a1ff3` == `SEC_ERROR_UNKNOWN_ISSUER` (https://james-ross.co.uk/mozilla/misc/nserror?0x805A1FF3). This is one of the errors considered overridable [here](https://searchfox.org/comm-central/source/mozilla/security/manager/ssl/NSSErrorsService.cpp#136). When I right-click on my account name (in the Folders pane) and choose "Get Messages", nothing appears to happen at all (though I see error `0x805a1ff3` when logging is turned on). There's no dialog giving me a chance to override the error -- or any dialog at all.
Even with this bug's fix, I still see a variant of this bug when my mail server (running Dovecot) uses a cert signed by a CA that's not in Thunderbird's list of authorities. This is with `security.tls.ech.grease_probability` set to `0`. I tested with today's comm-central "daily". In my case (with logging turned on as per https://wiki.mozilla.org/MailNews:Logging#Mac_OS_X), the error is `0x805a1ff3` == `SEC_ERROR_UNKNOWN_ISSUER` (https://james-ross.co.uk/mozilla/misc/nserror?0x805A1FF3). This is one of the errors considered overridable [here](https://searchfox.org/comm-central/source/mozilla/security/manager/ssl/NSSErrorsService.cpp#136). When I right-click on my account name (in the Folders pane) and choose "Get Messages", nothing appears to happen at all (though I see error `0x805a1ff3` when logging is turned on). There's no dialog giving me a chance to override the error -- or any dialog at all. Edit: For what it's worth, I never get asked for my password (when the bug happens). Gene, are you asked for your password in cases when you don't see the certificate exception dialog? Or do you have your password saved by Thunderbird's password manager?
Even with this bug's fix, I still see a variant of it when my mail server (running Dovecot) uses a cert signed by a CA that's not in Thunderbird's list of authorities. This is with `security.tls.ech.grease_probability` set to `0`. I tested with today's comm-central "daily". In my case (with logging turned on as per https://wiki.mozilla.org/MailNews:Logging#Mac_OS_X), the error is `0x805a1ff3` == `SEC_ERROR_UNKNOWN_ISSUER` (https://james-ross.co.uk/mozilla/misc/nserror?0x805A1FF3). This is one of the errors considered overridable [here](https://searchfox.org/comm-central/source/mozilla/security/manager/ssl/NSSErrorsService.cpp#136). When I right-click on my account name (in the Folders pane) and choose "Get Messages", nothing appears to happen at all (though I see error `0x805a1ff3` when logging is turned on). There's no dialog giving me a chance to override the error -- or any dialog at all. Edit: For what it's worth, I never get asked for my password (when the bug happens). Gene, are you asked for your password in cases when you don't see the certificate exception dialog? Or do you have your password saved by Thunderbird's password manager?