|Summary:||net-im/pidgin-2.5.2 complains about certificate for rsi.hotmail.com|
|Product:||Gentoo Linux||Reporter:||DEMAINE Benoît-Pierre, aka DoubleHP <dhp_gentoo>|
|Component:||Current packages||Assignee:||Gentoo net-im Herd <net-im>|
|Package list:||Runtime testing required:||---|
Description DEMAINE Benoît-Pierre, aka DoubleHP 2008-12-15 12:13:15 UTC
Since a few days, my pidgin complains: > Invalid certificate authority signature > > The certificate chain presented by rsi.hotmail.com does not have a valid digital signature from the Certificate Authority from which it claims to have a signature. People from IRC answered: > it's "known" in as much as MSN/Hotmail changed their signing certificates, and your system/distribution may not have the newest version > the newest versions of pidgin ship with the correct certificates, but your system may override those Note: I am using stable machine, and unmasked 2.5.2 to get benefit of various bugfixes. This bug may be linked with bug 244374 , or with any bug dealing about ca-certs. Please, fix this bug before stabilisation (bug 248137 ) but do not make it block.
Comment 1 DEMAINE Benoît-Pierre, aka DoubleHP 2008-12-15 12:13:27 UTC
Created attachment 175324 [details] /tmp/emerge--info
Comment 2 Panagiotis Christopoulos (RETIRED) 2008-12-15 12:31:05 UTC
(In reply to comment #0) > Since a few days, my pidgin complains: > > > Invalid certificate authority signature > > > > The certificate chain presented by rsi.hotmail.com does not have a valid... Please try to backup your ~/.purple/certificates/x509/tls_peers and remove the certificates from that folder. Then restart pidgin. Theoritically, you'll see a window at startup asking whether you want to accept a rsi.hotmail.com new certificate. Please, reply, with any results.
Comment 3 Panagiotis Christopoulos (RETIRED) 2008-12-15 12:38:48 UTC
Hm, but maybe finally, I'm the one who didn't understand what you're trying to explain here. I'll assign the bug to the proper team, for further investigation.
Comment 4 DEMAINE Benoît-Pierre, aka DoubleHP 2008-12-15 12:52:38 UTC
After dhp@moon-gen-3:~/.purple/certificates/x509$ mv tls_peers tls_peers_arch_2008_12_15 dhp@moon-gen-3:~/.purple/certificates/x509$ I get the same error message, only one about MSN, and exactly the same. I would have been surprised the problem is my user profile. The problem may rather be in /etc/ca-certificates/ ... IIRC.