Re: "Unable to validate certificate"

2018-01-10 Thread Eion Robb
Hi Phil, Pidgin on Windows stores ca-certs in the C:\Program Files (x86)\Pidgin\ca-certs folder, as this is where the libnss plugin loads them from. Cheers, Eion On 11 January 2018 at 12:26, Phil Smith III wrote: > Alex Oren write: > >OK, found it: >

Re: "Unable to validate certificate"

2018-01-10 Thread Phil Smith III
Alex Oren write: >OK, found it: >https://pki.goog/roots.pem OK. I know a moderate amount about certs; what trust store does Pidgin use on Windows? Mind you, the messages have stopped, so maybe it's using the Windows trust store and that got updated...

Re: "Unable to validate certificate"

2018-01-10 Thread Dave Warren
Fair enough, thanks. This causes issues in companies using certificates signed by their internal (private) root. There are ways to work around the issue, of course, but it adds more hoops to jump through. On 2018-01-10 14:48, Eion Robb wrote: I made an attempt at loading certs from the

Re: "Unable to validate certificate"

2018-01-10 Thread Eion Robb
I made an attempt at loading certs from the Windows store, however its not possible to do this in libpurple without also using the win32 SSL/TLS system - certificates and SSL/TLS transports are tied together. Unfortunately a lot of protocols had issues when going via Window's stunnel SSL libraries

Re: "Unable to validate certificate"

2018-01-10 Thread pidgin
On 2018-01-10 1:16 PM, Dave Warren wrote: Is there any particular reason that pidgin doesn't use the existing Windows certificate store? This would seem to alleviate the need to juggle with certificates manually. Or did I miss part of the plot here? Probably because Pidgin is not a

Re: "Unable to validate certificate"

2018-01-10 Thread Dave Warren
ailto:pid...@alexoren.com> [mailto:pid...@alexoren.com <mailto:pid...@alexoren.com>] Sent: Friday, January 05, 2018 5:27 PM To: Phil Smith III <phs3st...@cox.net <mailto:phs3st...@cox.net>>; Pidgin <support@pidgin.im <mailto:support@pidgin.im>> Subject: Re: &quo

Re: "Unable to validate certificate"

2018-01-09 Thread Alex Oren
On 2018-01-09 6:04 PM, Eion Robb wrote: Yes, we did that for the G2 intermediate cert as part of the windows installer.  For the G3 cert, we also need to add the Google Trust Services root CA to Pidgin (on top of the intermediate G3 cert) OK, found it: https://pki.goog/roots.pem

Re: "Unable to validate certificate"

2018-01-09 Thread Eion Robb
Hi Alex, Yes, we did that for the G2 intermediate cert as part of the windows installer. For the G3 cert, we also need to add the Google Trust Services root CA to Pidgin (on top of the intermediate G3 cert) Cheers, Eion On 8 January 2018 at 15:30, Alex Oren wrote: > On

Re: "Unable to validate certificate"

2018-01-07 Thread Alex Oren
On 2018-01-07 3:36 PM, Eion Robb wrote: https://textslashplain.com/2017/10/23/google-internet-authority-g3/ has some info about the new Root CA and Intermediate CA certs that Google are rolling out.  On Pidgin on Windows we don't include the new "Google Trust Services" ca-cert, so it'll keep

Re: "Unable to validate certificate"

2018-01-07 Thread Eion Robb
[mailto:pid...@alexoren.com] > Sent: Friday, January 05, 2018 5:27 PM > To: Phil Smith III <phs3st...@cox.net>; Pidgin <support@pidgin.im> > Subject: Re: "Unable to validate certificate" > > I am still getting those popups. > > Why wouldn't Pidgin rememb

RE: "Unable to validate certificate"

2018-01-06 Thread Phil Smith III
3st...@cox.net>; Pidgin <support@pidgin.im> Subject: Re: "Unable to validate certificate" I am still getting those popups. Why wouldn't Pidgin remember the accepted certificate? On 05/01/2018 10:04 PM, Phil Smith III wrote: > Saw that, but it *seems* slightly different. > >

Re: "Unable to validate certificate"

2018-01-05 Thread Wade Smart
ry 05, 2018 2:57 PM >> To: phs3stuff <phs3st...@cox.net>; support@pidgin.im >> Subject: Re: "Unable to validate certificate" >> >> Similar issue here: >> >> The certificate for 0.client-channel.google.com could not be >> validated. >>

Re: "Unable to validate certificate"

2018-01-05 Thread pidgin
upport@pidgin.im Subject: Re: "Unable to validate certificate" Similar issue here: The certificate for 0.client-channel.google.com could not be validated. The certificate is not trusted because no certificate that can verify it is currently trusted. There's an issue on

RE: "Unable to validate certificate"

2018-01-05 Thread Phil Smith III
? -Original Message- From: pid...@alexoren.com [mailto:pid...@alexoren.com] Sent: Friday, January 05, 2018 2:57 PM To: phs3stuff <phs3st...@cox.net>; support@pidgin.im Subject: Re: "Unable to validate certificate" Similar issue here: The certificate for 0.client-channel.

Re: "Unable to validate certificate"

2018-01-05 Thread pidgin
Similar issue here: The certificate for 0.client-channel.google.com could not be validated. The certificate is not trusted because no certificate that can verify it is currently trusted. There's an issue on Bitbucket: