after emerging kdelibs 3.3.2-r2 with 'ssl', RSA "Secure Server Certification Authority", a root authority from Verisign, is not included in the list of trusted CA in KDE. Kopete, trying to join MSN network, complains about the missing certificate. It was impossible to use the GUI to add it. Solution : add /etc/ssl/certs/vsignss.pem to /usr/kde/3.3/share/apps/kssl/ca-bundle.crt (remove the 2 heading lines before) The beginning of /usr/kde/3.3/share/apps/kssl/ca-bundle.crt is ## ## ca-bundle.crt -- Bundle of CA Certificates ## Last Modified: Mon Jul 26 23:28:44 EDT 2004 ## ## This is a bundle of X.509 certificates of public ## Certificate Authorities (CA). These were automatically ## extracted from Netscape Communicator's certificate database ## (the file `/home/kde/.netscape/cert7.db'). ## It seems to be a little too old, no ? Reproducible: Always Steps to Reproduce: 1. emerge kdelibs-3.3.2-r2 2. emerge kdenetwork (any version) 3. connect to MSN with kopete Actual Results: kopete complains about an 'invalid certificate', detail/continue/cancel Expected Results: Verify silently the certificate Portage 2.0.51-r3 (default-linux/x86/2004.0, gcc-3.3.5, glibc-2.3.4.20040808-r1, 2.4.26i686) ================================================================= System uname: 2.4.26 i686 AMD Athlon(tm) XP 2200+ Gentoo Base System version 1.4.16 distcc 2.16 i686-pc-linux-gnu (protocols 1 and 2) (default port 3632) [enabled] ccache version 2.3 [enabled] Autoconf: sys-devel/autoconf-2.59-r5 Automake: sys-devel/automake-1.8.5-r1 Binutils: sys-devel/binutils-2.15.92.0.2-r1 Headers: sys-kernel/linux-headers-2.4.21-r1 Libtools: sys-devel/libtool-1.4.3-r4,sys-devel/libtool-1.5.2-r7 ACCEPT_KEYWORDS="x86" AUTOCLEAN="yes" CFLAGS="-Wall -march=athlon-xp -mcpu=athlon-xp -O2 -fomit-frame-pointer -pipe -mfpmath=sse,387 -m3dnow -msse -mmmx -ffast-math -fprefetch-loop-arrays -frename-registers" CHOST="i686-pc-linux-gnu" COMPILER="" CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config /usr/kde/3.1/share/config /usr/kde/3.2/share/config /usr/kde/3.3/env /usr/kde/3.3/share/config /usr/kde/3.3/shutdown /usr/kde/3/share/config /usr/share/config /var/qmail/control" CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d" CXXFLAGS="-O2 -mcpu=athlon-xp -march=athlon-xp -fomit-frame-pointer -pipe -mfpmath=sse,387 -m3dnow -msse -mmmx -ffast-math -fmove-all-movables -fprefetch-loop-arrays -frename-registers" DISTDIR="/usr/portage/tmp/distfiles" FEATURES="autoaddcvs autoconfig buildpkg ccache distcc distlocks sfperms" GENTOO_MIRRORS="ftp://mir.zyrianes.net/gentoo/ http://mir.zyrianes.net/gentoo/ ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_TMPDIR="/usr/portage/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://rsync.gentoo.skynet.be/gentoo-portage/" USE="3dnow X X509 alsa apache2 apm arts avi berkdb bitmap-fonts cddb cdr crypt cscope cups curl divx4linux dvd encode f77 faad fam flac font-server foomaticdb fortran gdbm gifgpm gtk gtk2 imagemagick imap imlib ipv6 jpeg kde libg++ libwww mad matroska md5sum mikmod mmx motif mozilla moznocompose mpeg mysql ncurses nls nocardbus nojoystick noreiserfs nvidia offensive oggvorbis opengl oss pam pdflib perl pic png python qt quicktime readline samba sdl skey slang spell sse ssl tcpd tiff truetype truetype-fonts type1-fonts v4l vim-with-x x86 xfree xine xinerama xml2 xmms xv xvid zlib linguas_fr"
I've got it with kde 3.4 and also with kde 3.3. /usr/kde/3.3/share/apps/kssl/ca-bundle.crt: /usr/kde/3.4/share/apps/kssl/ca-bundle.crt: [SNIP] -----BEGIN CERTIFICATE----- MIICNDCCAaECEAKtZn5ORf5eV288mBle3cAwDQYJKoZIhvcNAQECBQAwXzELMAkG A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk0 MTEwOTAwMDAwMFoXDTEwMDEwNzIzNTk1OVowXzELMAkGA1UEBhMCVVMxIDAeBgNV BAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2Vy dmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUAA4GJ ADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwjiioII 0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJVphI uR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJKoZI hvcNAQECBQADfgBl3X7hsuyw4jrg7HFGmhkRuNPHoLQDQCYCPgmc4RKz0Vr2N6W3 YQO2WxZpO8ZECAyIUwxrl0nHPjXcbLm7qt9cuzovk2C2qUtN8iD3zV9/ZHuO3ABc 1/p3yjkWWW8O6tO1g39NTUJWdrTJXwT4OPjr0l91X817/OWOgHz8UA== -----END CERTIFICATE-----
seems to work in latest kde