problems with MSN certificate chain

Matthias Apitz guru at
Sat Jan 19 07:00:37 EST 2013

El día Friday, January 18, 2013 a las 05:23:30PM +0000, David Woolley escribió:

> David Woolley wrote:
> > To the extent that that is the problem, simply replacing the .pem file 
> > with a current one, should sort the problem.  I don't know if you will 
> The server certificates don't seem to include the full certificate 
> chain, so I think you will need to install the pem file for MSIT Machine 
> Authority CA-2.  Doing so may be more important than correcting the 
> expired certificate.  (I'm wondering if Pidgin is ignoring expiry dates.)
> The immediate signer of an earlier certificate was Microsoft Secure 
> Server  Authority, which is known to Pidgin, but also expired in 
> February 2011.

There is a ticket at
and I have copied the certificate Baltimore_CyberTrust_Root.pem
which is attached there on my FreeBSD system to /usr/local/share/purple/ca-certs/
and all is fine again (until March 15, of course).

Matthias Apitz               |  /"\ ASCII Ribbon Campaign:
E-mail: guru at     |  \ / - No HTML/RTF in E-mail
WWW: |   X  - No proprietary attachments
phone: +49-170-4527211       |  / \ - Respect for open standards

More information about the Support mailing list