Unacceptable TLS certificate for Self-Signed Certificates

[ericpritchett]

What Happened?

Tying to add a Proton Mail Account fails with the following error:

Could not save the e-mail account
Failed to get capabilities:
Unacceptable TLS certificate

Steps to Reproduce

Add a Proton Mail Account using Proton's mail bridge. Proton's mail bridge sets up a local server that you point the IMAP online account which uses a local self-signed certificate.

Expected Behavior

Because Proton's Mail Bridge uses a self-signed certificate there should be a red "override/add exception" button to allow this exception instead of just displaying the back and close button when trying to add an Online Account. Thunderbird allows users to add an exception to this. You can see setup instructions on Proton's site at https://proton.me/support/protonmail-bridge-clients-windows-thunderbird .

OS Version

7.x (Horus)

Software Version

Latest release (I have run all updates)

Log Output

No response

Hardware Info

No response

[ericpritchett]

I found a way for this to work! For anyone else trying to get this working, here are the steps.

1. Install Proton Mail Bridge
2. Go to Settings > Applications > Permissions and give Proton Mail Bridge access to an a folder such as your home directory, so you can export the cert and access it later. A reboot is sometimes required.
3. Open and signin to Proton Mail Bridge > Settings > Advanced Settings > Export TLS Certificate to your folder of choice.
4. Open Terminal and copy the cert: sudo cp cert.pem /usr/local/share/ca-certificates/certificate.crt and then sudo update-ca-certificates
5. You can now follow the normal Add Online Account steps with the local Proton Mail Bridge settings and it won't error on the certificate.