For testing secure LDAP address book connectivity using OpenDJ 2.4.0 and Thunderbird 3.1.6, running on OpenIndiana oi_147, one can use the following procedure.
This assumes you have already installed and are running OpenDJ 2.4.0, and that you chose to generate a self-signed certificate during setup. In the below example, afterburner is the name of my server. OpenDJ is running as a local instance.
In the Thunderbird application preferences, point to the LDAP server for address autocompletion. In this example we are using port 1636 for secure LDAP access:
Apply settings, and attempt to address a recipient in a new message. You should be presented with an error message:
Click “View Certificate”. In the window that appears, click on the “Details” tab, and click the “Export…” button:
Save the certificate somewhere convenient. The default certificate format (“X.509 Certificate (PEM)”) appears to work fine.
Go back to your Thunderbird preferences, and view your installed certificates:
Click on the “Servers” tab, and import the certificate you saved in the previous step:
Edit the certificate properties, and tell Thunderbird to trust the authenticity of the certificate:
That’s it. You may need to restart Thunderbird for the settings to take effect, but if all has gone well you should have anonymous secure access to the local LDAP service.