Ubuntu

TLS certificate details are inadequate

Reported by Peter Berry on 2008-09-10
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Pidgin
New
Unknown
pidgin (Ubuntu)
Low
Unassigned

Bug Description

Binary package hint: pidgin

Trying to connect to MSN using Pidgin 2.5.0 on Hardy, I get a warning: "Accept certificate for login.live.com? The root certificate this one claims to be issued by is unknown to Pidgin." Clicking on "View Certificate..." however neglects to tell me who this root CA is. All it shows is the "common name", SHA1 fingerprint, and dates of activation and expiry.

Forest (foresto) wrote :

Agreed. Pidgin is asking me to decide whether to accept a root certificate based on insufficient information. Useless. I'm attaching an example, which appeared today when connecting to google talk.

Forest (foresto) wrote :

I'm using pidgin 1:2.4.1-1ubuntu2.2 on ubuntu hardy.

Changed in pidgin:
status: Unknown → New
Cory Dodt (corydodt) wrote :

With Google Talk it's worse - the popup keeps coming back no matter how many times you accept it. How can I make this *go* *away*.

Martin von Gagern (gagern) wrote :

I would wish for a feature to export the certificate, so that I can work with other tools (like openssl) to get more details, verify it externally, or whatever. This is especially important for XMPP servers, as getting at their certificate outside a Jabber client is tricky business at best.
See also related bug #302314 about recent causes for such error messages.

Magnus S (magnuss) on 2008-12-24
Changed in pidgin:
status: New → Confirmed
Changed in pidgin (Ubuntu):
importance: Undecided → Low
Pedro Villavicencio (pedro) wrote :

Thanks for the report, it has been some time without any response or feedback in this bug report and we are wondering if this is still an issue for you with the latest release of Ubuntu the Natty Narwhal, May you please test with that version and comment back if you're still having or not the issue? Please have a look at http://www.ubuntu.com/download to know how to install that version.Thanks in advance.

Changed in pidgin:
status: New → Incomplete
Changed in pidgin (Ubuntu):
status: Confirmed → Incomplete
Changed in pidgin:
status: Incomplete → New
Peter Berry (pwberry) wrote :

Tools -> Certificates -> select certificate -> Get Info still shows only common name, fingerprint, activation date and expiry date. Not the root CA.

Changed in pidgin (Ubuntu):
status: Incomplete → New
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.