Bad certificate chain

Bob Ham rah at
Fri Nov 1 22:01:40 GMT 2013

Hi there,

I'm trying to connect to using Pidgin.  It tells me that

  "The certificate for could not be validated. The
  certificate chain presented is invalid."

There Pidgin bugs that mention not liking certificate chains that
contain certificates signed using md5WithRSAEncryption due to md5 being

Apparently, the certificate chain for uses exactly this
algorithm for the CA Cert root certificate:

and it's the root certificate that Pidgin doesn't like:

(21:58:00) certificate: Checking signature chain for
(21:58:00) certificate: ...Good signature by CN=CAcert Class 3 Root,OU=,O=CAcert Inc.
(21:58:00) certificate: ...Bad or missing signature by E=support at,CN=CA Cert Signing Authority,OU=,O=Root CA
Chain is INVALID
(21:58:00) certificate: Failed to verify certificate for

Is anybody aware of a work-around?


Bob Ham

More information about the jabber-users mailing list