Bugzilla

I want to add one more thing to this. Recently I noticed I couldn't see the override certificate exception dialog appear using my local dovecot test server in TLS or STARTTLS mode with self-signed cert. Clicking "Get Messages" didn't work at all any more. Looking at the code I saw that most of the changes I made to fix this in the patch above had been removed. I then looked in the changes and saw that bug 1893899 did the removal and changed the way exceptions are triggered.
Now when I connect with TLS or STARTTLS, I see a notification pop-up saying something like "certificate is from unknown source". Until I read bug 1893899 I had no idea I needed to click on the notification box to bring up the exception dialog.
Searching again with google I did find where others found this undocumented feature: https://www.reddit.com/r/Thunderbird/comments/1eykk5b/comment/ljdwqc0

I want to add one more thing to this. Recently I noticed I couldn't see the override certificate exception dialog appear using my local dovecot test server in TLS or STARTTLS mode with self-signed cert. Clicking "Get Messages" didn't work at all any more. Looking at the code I saw that most of the changes I made to fix this in the patch above had been removed. I then looked in the changes and saw that bug 1893899 did the removal and changed the way exceptions are triggered.
Now when I connect with TLS or STARTTLS, I see a notification pop-up saying something like "certificate is from unknown source". Until I read bug 1893899 I had no idea I needed to click on the notification box to bring up the exception dialog.
Searching again with google I did find where others found this undocumented feature: https://www.reddit.com/r/Thunderbird/comments/1eykk5b/comment/ljdwqc0
Note: Comment 49 still describes correctly what is needed to explicitly enter a TLS certificate exception. As mentioned, it doesn't work for STARTTLS.