Bug #282

SSL certificates can not be verified due to limited search path

Added by Andrew Savchenko about 1 month ago.

Status:NewStart date:11/03/2017
Priority:NormalDue date:
Assignee:Hiroyuki Yamamoto% Done:

0%

Category:LibSylphSpent time:-
Target version:3.6

Description

Hi,

in the Alt Linux distribution using Sylpheed 3.6.0 I found a problem that server
SSL certificates can't be verified, e.g.:

The SSL certificate of pop.gmail.com cannot be verified by the following
reason:
unable to get local issuer certificate

Subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=pop.gmail.com
Issuer: /C=US/O=Google Inc/CN=Google Internet Authority G2
Issued date: Oct 17 10:18:24 2017 GMT
Expire date: Dec 29 00:00:00 2017 GMT

SHA1 fingerprint: E1:7D:37:37:17:3E:AE:3C:E6:F7:1E:44:1E:F2:BF:0E:93:3A:68:92
MD5 fingerprint: B4:59:E7:91:3A:CE:31:44:27:DA:5C:3D:A6:27:8C:98

This happens because in Alt Linux certificates bundle is located in the
/usr/share/ca-certificates directory and sylpheed searches in the /etc,
/etc/ssl and /etc/ssl/certs.

Proposed patch fixes this problem by adding /usr/share/ca-certificates to the
list of search directories. This patch was accepted by the Alt Linux.

sylpheed-3.6.0-alt-certdir.patch Magnifier (398 Bytes) Andrew Savchenko, 11/03/2017 08:10 PM

Also available in: Atom PDF