Managed to solve this with help from post of Ian J.
Looks like Thunderbird gets duped by a "bad certificate" the first time. But subsequent deletion and attempt to re-authenticate to the server, it doesn't recognise it as something legitimate akin to what Outlook responds as ''the target principal name is incorrect'' as given in Ian's post.
However, it was solved by creating new certificates following the instructions under Configuring Cyrus with OpenSSL
. Have put the new key and certificate at /etc/pki/cyrus-imapd/cyrus-imapd.pem, made it readable for the group 'mail', essentially making it readable for cyrus and am hoping that it shall survive any subsequent upgrades.
Now the certificate looks like this -
This definitely begs an improvement in the cyrus app for 6.x.
PS: Found that my tracker account is disabled as of now. Guess it is due to prolonged non-usage. Will put in a request to enable it and thereafter file a bug report.