[Pidgin] #9264: New twitter.com SSL certificate root server unrecognized
Pidgin
trac at pidgin.im
Fri May 29 09:43:12 EDT 2009
#9264: New twitter.com SSL certificate root server unrecognized
--------------------------------------------------------+-------------------
Reporter: zxinn | Owner: lschiere
Type: enhancement | Status: closed
Milestone: | Component: unclassified
Version: 2.5.6 | Resolution: invalid
Keywords: twitter mbpurple certificate ssl microblog |
--------------------------------------------------------+-------------------
Comment(by bazzargh):
projekt21: Its possible that your problem is related to bug 4458
http://developer.pidgin.im/ticket/4458
...since I'm using nss, not gnutls, that wouldn't affect me. If you get
asked about the cert with fingerprint 2b:66:47:fe.... again can you say
'yes', grab it from your cache, and upload it? As you comment above,
pidgin is storing certs with their server name, not (eg) with their
fingerprint, so if there really are two certs being presented here it only
stores one; and I see I have the 9e:e9:... key stored (this isn't obvious,
because nss doesn't put the fingerprints into the log).
I've been trying to test this with
openssl s_client -connect twitter.com:443 -CApath ca -showcerts
</dev/null
(under cygwin, and 'ca' here is a copy of my pidgin ca-cert dir after I've
run 'c_rehash ca' on it to make it usable by openssl), wondering if one
set of twitter's servers use a different cert, since both are in your log
fragment as being twitter.com, but I keep seeing the one 9e:e9:... cert.
--
Ticket URL: <http://developer.pidgin.im/ticket/9264#comment:7>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list