[Pidgin] #16412: NSS SSL doesn't work well with self signed certificates
Pidgin
trac at pidgin.im
Thu Oct 30 11:18:22 EDT 2014
#16412: NSS SSL doesn't work well with self signed certificates
-----------------------+------------------------
Reporter: skyserver | Owner: datallah
Type: defect | Status: closed
Milestone: 2.10.11 | Component: libpurple
Version: 2.10.10 | Resolution: fixed
Keywords: nss |
-----------------------+------------------------
Changes (by datallah):
* status: new => closed
* resolution: => fixed
* milestone: => 2.10.11
Comment:
The issue with self-signed certificates has been fixed already in
[9086eaeacd2c]. I'm making this ticket the one that we track that
particular problem under.
However, you're seeing a different problem - SEC_ERROR_CA_CERT_INVALID.
Not only do you have a self-signed cert, but the chain is invalid (e.g.
the self-signed CA cert in your change wasn't created as a CA cert with
the appropriate Basic Constraints, etc.). Previous versions of pidgin
didn't adequately check those and allowed that use case; that was a
security bug that was fixed in 2.10.10.
--
Ticket URL: <https://developer.pidgin.im/ticket/16412#comment:3>
Pidgin <https://pidgin.im>
Pidgin
More information about the Tracker
mailing list