I finally found the answer by looking at what was going on at
wireshark level and comparing with working connections. Thunderbird 3 by
default uses TLS1.0 with SSL3. I don't think ApacheDS copes too well
with this combination. (Other clients are using SSLv2 not SSLv3). I
found out how to disable the use of TLS in Thunderbird and all came
good. The setting is in the config prefs: security.enable_tls
This seems like a bug in ApacheDS, but I could not see any Jira issue
for it.
MT
On 15/09/10 2:07 PM, [email protected] wrote:
Trying to get Thunderbird talking SSL to ApacheDS 1.5.7 but having
difficulties. Non-SSL working fine. Other clients (such as iPhone and
Apache Studio DS) also work fine with and without SSL against the same
server. So I have ruled out basic connectivity issues etc.
In Thunderbird, it seems to go awry when it's reading the
certificate. If I try installing an exception for that server, and
plug in the URL https://my.server.com:636 (or ldaps instead of
https), it comes back with "No Information Available". And "Unable to
obtain identification status for the given site".
I have tried installing a self-signed certificate with slightly
different parameters but this makes no difference. Also tried TB on
another machine, just in case my TB install was hosed in some way, but
same result.
Have tried this in Thunderbird 3.0.6, 3.0.7 and 3.1.2. Thunderbird
SSL also working fine with other servers for IMAPS, SMTPS etc, just
not LDAPS on ApacheDS.
Does anyone else have this combination working?
Cheers, MT
