We are in the process of setting up a self-hosted mail solution in our lab and we're required to be our own CA. The problem we're having is that Thundebird is complaining that our root certificate is untrusted, even though we know it's valid.
The problem is that Thunderbird comes with it's own certificates that it trust, and it does not look at the computers trusted certificates, so just pushing a GPO to all clients with the root certificate does not work.
We need to automate the deployment of importing the root certificate into Thundebird and are having severe problems figuring out how.
Autoconfig is working and thunderbird are getting the right server configuration but the certificate error is still persistent. The only known way is to manually import the certificate into Thunderbirds trusted certificates.
Does anyone here have a suggestion on how to proceed?