I recently had an issue with MSN under Pidgin on my 7-Stable system, and another user came up with a similiar issue under Gentoo GNU/Linux. The MSN account refused to login, sighting the following SSL Certificate related error in a popup:
'The certificate chain presented for contacts.msn.com is not valid.'
Thanks to the kind people in #Pidgin, I managed to find the Debug Window. I must be stupid, of course help -> debug window is a helpful thing, not a 'tool' ^_^. Quick look around the debug window yielded more useful information:
(21:44:03) gnutls: Attempting to load X.509 certificate from /usr/home/Terry/.purple/certificates/x509/tls_peers/contacts.msn.com
(21:44:03) certificate/x509/tls_cached: Peer cert did NOT match cached
After being pointed towards the GTE CyberTrust Global Root CA, I managed to find it via google here
. A quick move of it into /usr/local/purple/ca-certs/ and bingo. My guess is the old certificate in pidgins folder is outdated, hence the miss match.
MSN works again for the time being, posted in case any other sap gets it.