the certificate cannot be confirmed
Ethan Blanton
elb at pidgin.im
Thu Feb 18 16:44:12 EST 2016
David Woolley spake unto us the following wisdom:
> On 18/02/16 09:12, Ирина Козлова wrote:
> >Whenthe user logs in Pidgin (inclusion), eJabber2 gives that the
> >certificate cannot be confirmed. The validity of the certificate has
> >expired 16.02.2016 and can no longer be considered valid. Function
> >disable certificate validation using Pidgin not. How to solve this problem?
>
> That's server configuration problem not a pidgin problem. Any client that
> does not produce an error is insecure.
This is true. However, producing an error and allowing the user to
override is reasonable. If Pidgin doesn't do that (which it
historically has not), that's a bug. A long-standing bug, but a bug.
Yes, it's a double-edged sword, but the fact is that users cannot
necessarily fix broken servers that they may have to use anyway.
Ethan
More information about the Support
mailing list