[Pidgin] #15543: CACert certificates invalid?
Pidgin
trac at pidgin.im
Tue Mar 12 14:48:44 EDT 2013
#15543: CACert certificates invalid?
--------------------+----------------------
Reporter: mo | Owner: deryni
Type: defect | Status: closed
Milestone: | Component: XMPP
Version: 2.10.3 | Resolution: invalid
Keywords: tls |
--------------------+----------------------
Comment (by mo):
Replying to [comment:6 datallah]:
> That's exactly what the issue issue is - your certificate is signed
using the `sha1WithRSAEncryption` algorithm, but the intermediate
certificates are signed with the insecure `md5WithRSAEncryption`
algorithm.
I don't understand. The new intermediate Class 3 CACert certificate
(introduced in 2011) was signed using sha256WithRSAEncryption. It is
present in /etc/ssl/certs/cacert.org.pem and /etc/ssl/certs/ca-
certificates.crt on my client system. My server also has the full (new)
chain and has a certificate that should be signed by the new certificate
as it was only generated recently.
--
Ticket URL: <https://developer.pidgin.im/ticket/15543#comment:7>
Pidgin <http://pidgin.im>
Pidgin
More information about the Tracker
mailing list