Bad certificate chain
rah at settrans.net
Fri Nov 1 22:01:40 GMT 2013
I'm trying to connect to jabber.earth.li using Pidgin. It tells me that
"The certificate for jabber.earth.li could not be validated. The
certificate chain presented is invalid."
There Pidgin bugs that mention not liking certificate chains that
contain certificates signed using md5WithRSAEncryption due to md5 being
Apparently, the certificate chain for jabber.earth.li uses exactly this
algorithm for the CA Cert root certificate:
and it's the root certificate that Pidgin doesn't like:
(21:58:00) certificate: Checking signature chain for uid=CN=jabber.earth.li
(21:58:00) certificate: ...Good signature by CN=CAcert Class 3 Root,OU=http://www.CAcert.org,O=CAcert Inc.
(21:58:00) certificate: ...Bad or missing signature by E=support at cacert.org,CN=CA Cert Signing Authority,OU=http://www.cacert.org,O=Root CA
Chain is INVALID
(21:58:00) certificate: Failed to verify certificate for jabber.earth.li
Is anybody aware of a work-around?
More information about the jabber-users