Open Bug 1151322 Opened 6 years ago Updated 5 years ago

Generate better diagnostic messages when certificate issues cause SMTP STARTTLS connection failures

Categories

(Thunderbird :: Security, enhancement)

31 Branch
enhancement
Not set
normal

Tracking

(Not tracked)

UNCONFIRMED

People

(Reporter: quiet.dragon, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:36.0) Gecko/20100101 Firefox/36.0
Build ID: 20150320202338

Steps to reproduce:

For some certificate errors (eg expired server certificates, expired certification authority certificates), the diagnostic message issued by Thunderbird is not particularly helpful.


Actual results:

I see the following error message when trying to send email:

The message could not be sent using SMTP server smtp.****.*** for an unknown reason. Please verify that your SMTP server settings are correct and try again, or contact your network administrator.


Expected results:

The best kind of message would help pinpoint the actual difficulty:

The message could not be sent using SMTP server smtp.****.*** because the certificate received from http://ocsp.startssl.com/sub/class1/server/ca has expired. Please verify that your SMTP server settings are correct and try again, or contact your network administrator.

Even if the above cannot be achieved, a more helpful message would be:

The message could not be sent using SMTP server smtp.****.*** due to a problem with the SSL certificate. Please verify that your SMTP server settings are correct and try again, or contact your network administrator.
Severity: normal → enhancement
OS: Mac OS X → All
Hardware: x86 → All
Component: Untriaged → Security
You need to log in before you can comment on or make changes to this bug.