[Pidgin] #15543: CACert certificates invalid?

Pidgin trac at pidgin.im
Tue Mar 12 14:48:44 EDT 2013

#15543: CACert certificates invalid?
 Reporter:  mo      |       Owner:  deryni
     Type:  defect  |      Status:  closed
Milestone:          |   Component:  XMPP
  Version:  2.10.3  |  Resolution:  invalid
 Keywords:  tls     |

Comment (by mo):

 Replying to [comment:6 datallah]:
 > That's exactly what the issue issue is - your certificate is signed
 using the `sha1WithRSAEncryption` algorithm, but the intermediate
 certificates are signed with the insecure `md5WithRSAEncryption`

 I don't understand. The new intermediate Class 3 CACert certificate
 (introduced in 2011) was signed using sha256WithRSAEncryption. It is
 present in /etc/ssl/certs/cacert.org.pem and /etc/ssl/certs/ca-
 certificates.crt on my client system. My server also has the full (new)
 chain and has a certificate that should be signed by the new certificate
 as it was only generated recently.

Ticket URL: <https://developer.pidgin.im/ticket/15543#comment:7>
Pidgin <http://pidgin.im>

More information about the Tracker mailing list