[Pidgin] #11753: Certificate Validation Prompt for 'omega.contacts.msn.com' Server on Pidgin 2.6.6
Pidgin
trac at pidgin.im
Thu Nov 18 13:24:19 EST 2010
#11753: Certificate Validation Prompt for 'omega.contacts.msn.com' Server on Pidgin
2.6.6
----------------------+-----------------------------------------------------
Reporter: compengi | Owner: QuLogic
Type: defect | Status: closed
Milestone: | Component: MSN
Version: 2.6.6 | Resolution: cantfix
Keywords: |
----------------------+-----------------------------------------------------
Comment(by acruise):
I don't know whether anything has *changed* as such, but
omega.contacts.msn.com is using a three-element certificate chain, in
which the L1 is a globally trusted CA (CyberTrust), the L2 is Microsoft's
own CA certificate, and the L3 (end entity cert) uses a wildcard CN.
There are an awful lot of programs and libraries that don't support third-
(and bigger) certificate chains properly, and a lot that don't support
wildcards properly, so I don't think this really deserves to be a cantfix.
If you do openssl -connect omega.contacts.msn.com:443 -showcerts you'll
see all three certificates in the chain.
--
Ticket URL: <http://developer.pidgin.im/ticket/11753#comment:4>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list