Self-signed cert and Pidgin.

Joshua Judson Rosen rozzin at hackerposse.com
Mon Mar 30 19:11:08 EDT 2015


Is the `Tools -> Certificates' option in the menu of any use?


-- 
"Don't be afraid to ask (λf.((λx.xx) (λr.f(rr))))."


On 2015-03-30 10:25, Ken D'Ambrosio wrote:
> Hey, all.  I've got a cert that has two "problems" with it:
> 
> 1) It's self-signed, and
> 2) Its associated with a hostname that's inaccessible externally; the 
> *service* is accessible externally, but through port forwarding.
> 
> To work around #2, I set up an /etc/hosts entry; based on what I 
> understand about SSL (or *think* I understand; I'm pretty hazy on 
> certain parts), that should be okay.  But #1 seems to be an issue.  When 
> I try to fire up Pidgin, here's what I get:
> -----------------
> Unable to validate certificate
> The certificate for foo.com could not be validated.  The certificate 
> chain presented is invalid.
> -----------------
> 
> I've googled until I'm blue in the face, tried to toggle the various 
> features in the advanced tab in Pidgin's XMMP settings, tried to copy 
> the PEM file everywhere and running various update-ca-certificates 
> commands, etc., to no avail.  (Truly, it astonishes me that there's no 
> "accept the damn cert, already" feature, but not sure what's to be done 
> about that.)
> 
> Anyone have this issue?  Any suggestions on a work-around?  The 
> surprising thing is that this is relatively new; my home machine works 
> fine.  I almost wonder if it's an Ubuntu "feature," as my Mint system 
> seems happy enough -- maybe something's been updated in SSL or somesuch, 
> and it hasn't percolated to Mint yet.  Though as I haven't done a new 
> Mint install, even that's pure speculation on my part.
> 
> Thanks for any insights...
> 
> -Ken
> _______________________________________________
> gnhlug-discuss mailing list
> gnhlug-discuss at mail.gnhlug.org
> http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
> 


More information about the gnhlug-discuss mailing list