the certificate cannot be confirmed

Ethan Blanton elb at
Thu Feb 18 16:44:12 EST 2016

David Woolley spake unto us the following wisdom:
> On 18/02/16 09:12, Ирина Козлова wrote:
> >Whenthe user logs in Pidgin (inclusion), eJabber2 gives that the
> >certificate cannot be confirmed. The validity of the certificate has
> >expired 16.02.2016 and can no longer be considered valid. Function
> >disable certificate validation using Pidgin not. How to solve this problem?
> That's server configuration problem not a pidgin problem.  Any client that
> does not produce an error is insecure.

This is true.  However, producing an error and allowing the user to
override is reasonable.  If Pidgin doesn't do that (which it
historically has not), that's a bug.  A long-standing bug, but a bug.

Yes, it's a double-edged sword, but the fact is that users cannot
necessarily fix broken servers that they may have to use anyway.


More information about the Support mailing list