Facebook certificate is untrusted

Bug #746973 reported by Sam Brightman
This bug affects 24 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Empathy | New | Undecided | Unassigned | |
| Gwibber | New | Undecided | Unassigned | |
| ca-certificates | Confirmed | Undecided | Unassigned | |
| telepathy-gabble | Invalid | Undecided | Unassigned | |
| gwibber (Ubuntu) | Invalid | Undecided | Unassigned | |
| telepathy-gabble (Ubuntu) | Invalid | Undecided | Unassigned | |

Bug Description

Binary package hint: gwibber

I heard reports like this from other projects (e.g. iPhone SDK), so assume it is not a genuine issue with the login process. I am using 10.10, totally up-to-date (Gwibber 2.32.2). I see a dialogue like this when enabling the FB account:

"This connection is untrusted. Would you like to continue anyway?

The identity provided by the chat server cannot be verified.
The certificate is self-signed."

Sometimes this pops up twice (I don't tick "remember this choice...."). As a side point, the dialogue vanishes if you move away from it (making it hard to copy & paste the content here). Gwibber is still waiting for my response but I can't Alt-Tab back to it. The certificate has SHA-1 fingerprint:

22 E5 0E EE AF 2D AF 8E 44 03 77 19 6C 4D 95 73 4D EE 94 D9

It is within the valid date range, and does not actually appear to be self-signed: DigiCert is the issuer. There is no OU for the certificate.

Jarrod Miller (timbus) wrote :

I've had this happening to me for a while and I'm glad to see someone else has reported it. It now makes it far less likely someone is reading my conversations.

Just for posterity, I also have the same certificate: SHA1 is 22 E5 0E EE AF 2D AF 8E 44 03 77 19 6C 4D 95 73 4D EE 94 D9

Pirouette Cacahuète (lissyx) wrote :

Same here, SHA1 is 22 E5 0E EE AF 2D AF 8E 44 03 77 19 6C 4D 95 73 4D EE 94 D9

Pirouette Cacahuète (lissyx) wrote :

Those certificates had been added to KDE, according to http://bugs.kde.org/show_bug.cgi?id=141757

Mike Pelley (mikepelley) wrote :

It appears that three of DigiCert's certificates have been added to the system CA list, but not the one mentioned above. I implemented the following workaround on my maverick system:

1. Export the required certificate from Firefox
- Preferences -> Advanced -> View Certificates
- Scroll down to DigiCert section
- Select "DigiCert High Assurance CA-3"
- Export as "X.509 Certificate (PEM)" to "/tmp/DigiCert_High_Assurance_CA-3.crt"
- Open a terminal window
- Run "sudo mv /tmp/DigiCert_High_Assurance_CA-3.crt /usr/share/ca-certificates/mozilla"
- Run "sudo chown root:root /usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_CA-3.crt"
- Run "sudo dpkg-reconfigure ca-certificates"
- Select "Yes"
- Scroll down and mark the new certificate

Before this change, a certificate notice would appear every time I went online in empathy chat. After this change, I went "offline" and "online" in empathy chat, and the certificate warning did not appear.

Changed in telepathy-gabble:
status: New → Invalid
Joey Dodson (ninjawailer) wrote :

Actually, I'm having this problem in Empathy. Even if I choose to remember the choice to trust the certificate, it still comes up each time I log into facebook. I also tried Mike Pelley's steps above and that didn't seem to help. I'll add a screenshot of the message.

Victor Vargas (kamus) wrote :

This is a ca-certificates package issue, not Gwibber itself; please keep your eyes on that report.

Changed in gwibber (Ubuntu):
status: New → Invalid
Liliana Martinez Lopez (lilianamartinezlopez) wrote :

please! I need aid! S.O.S.
 I not, like removing to this persecution from my PC, cellular and telephone! that
 I can do?
I have spent much in tools and it always returns the insect!
That I do?

Liliana Martinez Lopez (lilianamartinezlopez) wrote :

http !!!
#+bug/746973
### I CANNOT!

Liliana Martinez Lopez (lilianamartinezlopez) wrote :

Remember, this bug report is a duplicate of bug #12982. Comment here only if you think the duplicate status is wrong.

marmotte31 (marmotte31) wrote :

@Mike Pelley : Your workaround works like a charm, now I don't have the warning anymore :D
I'm under Ubuntu Natty 11.04 beta1 amd64

@To DEV : Is it possible to implement this certificate in the natty beta2 ?

FYI, here are the exact commands I used to solve the problem, thanks to Mike Pelley :

1/ Open Firefox and connect to https://www.facebook.com with your Facebook account
Go into the Firefox Edit menu and click on Preferences -> Advanced -> View Certificates
Scroll down to DigiCert section
Select "DigiCert High Assurance CA-3"
Export as "X.509 Certificate (PEM)" to /tmp/DigiCertHighAssuranceCA-3.crt

2/ Open a terminal window
sudo cp /tmp/DigiCertHighAssuranceCA-3.crt /usr/share/ca-certificates/mozilla/DigiCert_High_Assurance_CA-3.crt
sudo dpkg-reconfigure ca-certificates
select the new DigiCert_High_Assurance_CA-3.crt and press space on it
validate with OK
disconnect / reconnect empathy, the certificate doesn't show anymore.

Gareth Williams (gareththered) wrote :

Same here - all certs except the new one I added seem to be selected. I missed this and didn't select the new cert every time I ran dpkg-reconfigure. Therefore: ****Check that the new cert is selected in the list!!****
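
A post-check for the workaround discussed above, added here as an example and not written by anyone in this thread: it reports whether the new entry is actually enabled in `/etc/ca-certificates.conf` (where a leading `!` means deselected) and compares SHA-1 fingerprints regardless of whether they are written with spaces, as in the warning dialog, or with colons, as `openssl` prints them. The function names are hypothetical; the entry path is the one used in the workaround.

```sh
#!/bin/sh
# Added example (not from the thread): post-checks for the CA import workaround.
# ENTRY is the path relative to /usr/share/ca-certificates used in the thread.
ENTRY="mozilla/DigiCert_High_Assurance_CA-3.crt"

# ca_entry_state CONF ENTRY -> prints enabled | deselected | absent.
# In ca-certificates.conf a leading '!' marks an entry as deselected and
# '#' starts a comment. If an entry occurs twice, the last line is reported.
ca_entry_state() (
    state=absent
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            "$2")  state=enabled ;;
            "!$2") state=deselected ;;
        esac
    done < "$1"
    printf '%s\n' "$state"
)

# normalize_fp FP -> uppercase hex digits only, whatever the input layout:
# "22 E5 ..." (dialog), "22:E5:..." or "SHA1 Fingerprint=22:E5:..." (openssl).
normalize_fp() {
    printf '%s' "${1#*=}" | tr -d ' :\n' | tr 'a-f' 'A-F'
}

# same_fp A B -> exit status 0 only if both are the same full SHA-1 value.
same_fp() (
    a=$(normalize_fp "$1"); b=$(normalize_fp "$2")
    [ "${#a}" -eq 40 ] && [ "$a" = "$b" ]
)

# cert_sha1 FILE -> fingerprint line of a PEM certificate, via openssl.
cert_sha1() {
    openssl x509 -in "$1" -noout -fingerprint -sha1
}

# Live check, run only on request: sh this-script --check
if [ "${1:-}" = "--check" ]; then
    echo "$ENTRY: $(ca_entry_state /etc/ca-certificates.conf "$ENTRY")"
fi
```

To compare an exported file against a fingerprint obtained from the issuer through a separate channel, call `same_fp "$(cert_sha1 file.crt)" "<expected fingerprint>"` before running `dpkg-reconfigure`.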

Mike Pelley (mikepelley)
Changed in ca-certificates:
status: New → Confirmed
Mike Pelley (mikepelley) wrote :

ca-certificates problem, not telepathy problem.

Changed in telepathy-gabble (Ubuntu):
status: New → Invalid
Ron Campbell (1-ron-f) wrote :

Has anyone actually checked the validity of the certificate?
