[Pidgin] #17275: Need option to ignore certificate errors

Pidgin trac at pidgin.im
Fri Nov 30 10:58:47 EST 2018

#17275: Need option to ignore certificate errors
 Reporter:  plarkinjr            |       Owner:  deryni
     Type:  enhancement          |      Status:  new
Milestone:                       |   Component:  XMPP
  Version:  2.12.0               |  Resolution:
 Keywords:  SSL Certificate nss  |

Comment (by mattenklicker):

 I get exactly the same error with Cisco Jabber. The problem is probably
 that the CN of the certificate does not match the hostname (which is the
 case here). And pidgin does check only the CN and not the hostnames in
 Subject Alternative Name:
 =file-view-default#certificate.h-286: "For X.509, this is the "Common
 Name" field, as we're only using it"

 "openssl s_client -showcerts -connect host:5222 -starttls xmpp" shows no

 BTW: If you use gnutls instead of nss you get a popup to ignore the
 certificate failure.

Ticket URL: <https://developer.pidgin.im/ticket/17275#comment:1>
Pidgin <https://pidgin.im>

More information about the Tracker mailing list