[Pidgin] #4458: Can not verify a valid certifacate (Chain is INVALID)
Pidgin
trac at pidgin.im
Fri Oct 24 02:31:08 EDT 2008
#4458: Can not verify a valid certifacate (Chain is INVALID)
-----------------------------------+----------------------------------------
Reporter: 7bestman | Owner: wehlhard
Type: defect | Status: new
Milestone: | Component: libpurple
Version: 2.3.1 | Resolution:
Keywords: ssl, Chain is INVALID |
-----------------------------------+----------------------------------------
Comment(by fippo):
The problem is - in this case - not the signature of the certificate
itself, which is using sha1-rsa. So telling server operators to get
another certificate does not help.
The problem only affects intermediate certificates signed with a 'weak'
algorithm,
root certificates signed with rsa-md5 are not affected. In this case, the
intermediate certificate is even distributed by pidgin -
CAcert_Class3.pem.
I still wonder why gnutls-cli does not bark... it is not using the
ALLOW_SIGN_RSA_MD5 flag.
--
Ticket URL: <http://developer.pidgin.im/ticket/4458#comment:9>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list