[Pidgin] #16412: NSS SSL doesn't work well with self signed certificates
Pidgin
trac at pidgin.im
Thu Nov 20 09:39:52 EST 2014
#16412: NSS SSL doesn't work well with self signed certificates
-----------------------+------------------------
Reporter: skyserver | Owner: datallah
Type: defect | Status: closed
Milestone: 2.10.11 | Component: libpurple
Version: 2.10.10 | Resolution: fixed
Keywords: nss |
-----------------------+------------------------
Comment (by bjornalfonur):
Replying to [comment:3 datallah]:
> The issue with self-signed certificates has been fixed already in
[9086eaeacd2c]. I'm making this ticket the one that we track that
particular problem under.
A very interesting read! Is this fix being deployed already? I am asking,
because I am still suffering from it (and I fear, there might be a better
place to mention this?)
My system is Ubuntu 14.04 running pidgin 2.10.10. This is what pidgin -d
gives me:
(14:29:22) nss: SSL version 3.3 using 128-bit AES-GCM with 128-bit AEAD
MAC
Server Auth: 4096-bit RSA, Key Exchange: 1024-bit DHE, Compression: NULL
Cipher Suite Name: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
(14:29:22) nss: subject=CN=hasi.it issuer=CN=CAcert Class 3
Root,OU=http://www.CAcert.org,O=CAcert Inc.
(14:29:22) nss: partial certificate chain
(14:29:22) certificate/x509/tls_cached: Starting verify for hasi.it
(14:29:22) certificate/x509/tls_cached: Checking for cached cert...
(14:29:22) certificate/x509/tls_cached: ...Not in cache
(14:29:22) nss: CERT 0. CN=hasi.it :
(14:29:22) nss: ERROR -8179: SEC_ERROR_UNKNOWN_ISSUER
(14:29:22) certificate: Failed to verify certificate for hasi.it
(14:29:22) connection: Connection error on 0xb79c6a68 (reason: 15
description: SSL peer presented an invalid certificate)
$ cat /etc/*{release,version}
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty"
...
$ pidgin --version
Pidgin 2.10.10 (libpurple 2.10.10)
How can I fix this? Download the source (instead of apt-get...) and
compile it from there?
Thank you in advance.
--
Ticket URL: <https://developer.pidgin.im/ticket/16412#comment:10>
Pidgin <https://pidgin.im>
Pidgin
More information about the Tracker
mailing list