[Pidgin] #11753: Certificate Validation Prompt for 'omega.contacts.msn.com' Server on Pidgin 2.6.6

Pidgin trac at pidgin.im
Thu Nov 18 13:24:19 EST 2010


#11753: Certificate Validation Prompt for 'omega.contacts.msn.com' Server on Pidgin
2.6.6
----------------------+-----------------------------------------------------
 Reporter:  compengi  |        Owner:  QuLogic
     Type:  defect    |       Status:  closed 
Milestone:            |    Component:  MSN    
  Version:  2.6.6     |   Resolution:  cantfix
 Keywords:            |  
----------------------+-----------------------------------------------------

Comment(by acruise):

 I don't know whether anything has *changed* as such, but
 omega.contacts.msn.com is using a three-element certificate chain, in
 which the L1 is a globally trusted CA (CyberTrust), the L2 is Microsoft's
 own CA certificate, and the L3 (end entity cert) uses a wildcard CN.
 There are an awful lot of programs and libraries that don't support third-
 (and bigger) certificate chains properly, and a lot that don't support
 wildcards properly, so I don't think this really deserves to be a cantfix.

 If you do openssl -connect omega.contacts.msn.com:443 -showcerts you'll
 see all three certificates in the chain.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/11753#comment:4>
Pidgin <http://pidgin.im>
Pidgin


More information about the Tracker mailing list