View Single Post
  #1   (View Single Post)  
Old 19th January 2009
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default Pidgin MSN connection issues, invalid SSL Certificate chain

I recently had an issue with MSN under Pidgin on my 7-Stable system, and another user came up with a similiar issue under Gentoo GNU/Linux. The MSN account refused to login, sighting the following SSL Certificate related error in a popup:

Code:
'The certificate chain presented for contacts.msn.com is not valid.'
Thanks to the kind people in #Pidgin, I managed to find the Debug Window. I must be stupid, of course help -> debug window is a helpful thing, not a 'tool' ^_^. Quick look around the debug window yielded more useful information:

Code:
(21:44:03) gnutls: Attempting to load X.509 certificate from /usr/home/Terry/.purple/certificates/x509/tls_peers/contacts.msn.com
(21:44:03) certificate/x509/tls_cached: Peer cert did NOT match cached
After being pointed towards the GTE CyberTrust Global Root CA, I managed to find it via google here. A quick move of it into /usr/local/purple/ca-certs/ and bingo. My guess is the old certificate in pidgins folder is outdated, hence the miss match.

MSN works again for the time being, posted in case any other sap gets it.
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote