On 29.12.2023 15:30, Carlos E. R. wrote:
I would learn How to do it, if someone points me to a "how to create CA and certificates for dovecot that makes Thunderbird happy, for dummies".
The dummies part is important.
Sorry, I do not know such document. Certificate management is complex, and making guide which is correct, reasonably complete and suitable for complete dummies is probably quite challenging task by itself. Anyway, I tried and could not reproduce your problem. I setup dovecot ("zypper in dovecot", generated self-signed certificate using the same command I showed, that's all) on Leap 15.4. I configured TB 115.5.0 to use it with IMAP in TLS mode. TB asked me if I wanted to trust this certificate and entered exception in cert_override.txt. I then replaced key/certificate pair on dovecot with new one and restarted dovecot. When updating folders TB popped up the same question and updated cert_override.txt. So as far as I can tell it works as expected. If you can describe conditions which lead to your issue, I may try to dig further. But so far I do not have anything to begin with. The format of the cert_override.txt is pretty trivial and can be generated manually if necessary.