[Pidgin] #4458: Can not verify a valid certifacate (Chain is INVALID)
Pidgin
trac at pidgin.im
Tue Jul 21 03:39:11 EDT 2009
#4458: Can not verify a valid certifacate (Chain is INVALID)
----------------------------------+-----------------------------------------
Reporter: 7bestman | Owner: wehlhard
Type: defect | Status: pending
Milestone: | Component: libpurple
Version: 2.3.1 | Resolution:
Keywords: ssl Chain is INVALID |
----------------------------------+-----------------------------------------
Comment(by fippo):
Mark: the "insecure" intermediate certificate is shared/ca-
certs/CAcert_Class3.pem. If you're saying those certificates are insecure
distributing that does not sound like a good idea :-)
Conveying the issue to the server operator is not a good idea.
jabber.ccc.de uses a class3 certificate from cacert. To get such a
certificate you need several people to assure your identity. Certainly,
using a class 1 certificate (domain-validated only) is less secure.
I still wonder why this is not an issue for gnutls-cli.
--
Ticket URL: <http://developer.pidgin.im/ticket/4458#comment:15>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list