Bug #222

Gmail SSL cannot be verified.

Added by Edd Barrett almost 5 years ago. Updated over 2 years ago.

Status:ResolvedStart date:10/17/2014
Priority:NormalDue date:
Assignee:-% Done:


Category:-Spent time:-
Target version:-



I'm running sylpheed-3.4.2 on OpenBSD/amd64. When I set up my gmail account and enter my application-specific IMAP password, I get a warning that gmail's SSL server could not be verified:

The SSL certificate of imap.gmail.com cannot be verified by the following reason:
unable to get local issuer certificate

Subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=imap.gmail.com
Issuer: /C=US/O=Google Inc/CN=Google Internet Authority G2
Issued date: Sep 24 10:09:05 2014 GMT
Expire date: Dec 23 00:00:00 2014 GMT

SHA1 fingerprint: 2B:AB:9D:FE:EC:44:C8:0D:F7:AD:9D:5C:62:81:D1:B9:36:9B:A2:32
MD5 fingerprint: 4E:EF:3F:F0:5E:72:58:42:3D:DB:5A:90:08:E5:8D:0F

Do you accept this certificate?

This makes me very nervous, and I am forced to hit reject.

What I find odd is that my offlineimap config, which connects to the same server, can connect and verify the cert. There I am just using a sslcacertfile option.

Is this a bug in sylpheed, or a misconfiguration, or...?



#1 Updated by Hiroyuki Yamamoto over 4 years ago

It seems that Sylpheed cannot find appropriate SSL certificates.

Sylpheed looks for them by the following order:


(for each directory, the following certs bundle files are checked)

- ca-certificates.crt
- ca-bundle.crt
- ca-root.crt
- certs.crt

If OpenBSD stores certs bundle in another location,
you have to copy or symlink it to ~/.sylpheed-2.0/certs.crt as a workaround.

#2 Updated by Amit Kulkarni almost 3 years ago


Edd committed a patch to fix this issue alongwith Daniel Jakots. Can you please add this patch to Sylpheed SVN?



#3 Updated by Hiroyuki Yamamoto over 2 years ago

  • Status changed from New to Resolved

Fixed in svn r3526. Thanks!

Also available in: Atom PDF