// Thunderbird LDAP via SSL with self-signed certificate

Adding a LDAP directory as a contact source for Thunderbird can be quite tricky if you have SSL-only connection and your server is using self-signed certificate. For some reason there is no Add exception dialog appearing during the first connection attempt as we got used to when connecting to a mail server.

Following will help you to to add the exception manually:

  1. Go to Config editor (aka about:config, PreferencesAdvancedGeneral, press the Config editor button).
  2. Add new (or edit existing) string key 'network.security.ports.banned.override', set value to '636'. This will disable port blocking feature for port 636 (visit http://www-archive.mozilla.org/projects/netlib/PortBanning.html for more info).
  3. Go to SettingsAdvancedCertificatesViewServersAdd exception.
  4. Type your_ldap_host:636 to the Location field, click on Get certificate, then Confirm Security Exception.
  5. Add your LDAP directory to contacts
  6. Now you can revert the config 'network.security.ports.banned.override' to previous value, it is no longer needed.

Hope that helped ;-)

Leave a comment…



C F N B Z R
  • E-Mail address will not be published.
  • Formatting:
    //italic//  __underlined__
    **bold**  ''preformatted''
  • Links:
    [[http://example.com]]
    [[http://example.com|Link Text]]
  • Quotation:
    > This is a quote. Don't forget the space in front of the text: "> "
  • Code:
    <code>This is unspecific source code</code>
    <code [lang]>This is specifc [lang] code</code>
    <code php><?php echo 'example'; ?></code>
    Available: html, css, javascript, bash, cpp, …
  • Lists:
    Indent your text by two spaces and use a * for
    each unordered list item or a - for ordered ones.
About me
SW developer, amateur tennis player, rock'n'roll & heavy metal fan.