https://bugs.kde.org/show_bug.cgi?id=312550 Dawit Alemayehu changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |UNCONFIRMED Ever confirmed|1 |0 --- Comment #18 from Dawit Alemayehu --- (In reply to comment #17) > Since Firefox and Chromium don't complain about the certificate, just KDE > apps (Kopete, Akonadi and Konqueror) I think it's unlikely that it's a > problem with the system certificates. Yes, it is, but do not take my word for it. You can test this for yourself. 1.) Get the Mozilla certificate bundle (cacert.pem) from curl site: http://curl.haxx.se/docs/caextract.html or any other place you want. 2.) ALT+F2 and type "SSL" and select SSL Preferences from the list to launch the SSL certificate management dialog. 3.) Click on "Add" and choose the certificate bundle from Mozilla and press OK. 4.) Visit the site reported in this report again and see if any SSL errors are reported. I guarantee you that the SSL errors will no longer be there. And if you check the SSL preferences dialog you would see that 5 new certificates are imported as the result of the process I outline above. If you disable the Versign certificate under the "User-added certificates" section, you can disable/remove that certificate and see if the error returns or not for yourself. As far as the site listed in comment #12, you get SSL warnings in both Chromium and Firefox so that certificate is not a trusted one. Anyhow, missing certificates are the cause for the warning shown here. And on my system at least that is most certainly due to "ca-certificates 20130906-1" not containing all the certificates that are in Mozilla's bundle. > I tried to investigate what could be prompting KDE (or Qt, I don't know) to > reject that certificate, but I don't know much about SSL/TSL and it turns > out that it is more complicated than I thought, so it was taking much more > time than I have and I had to stop. > > I did found out that it's a cross-certificate. I's certificate 1b here: > > http://stackoverflow.com/questions/10682863/how-does-it-work-found-one-ssl- > certificate-two-different-chains-and-two-differe > > Given that it's not a trivial certificate, and that there's bug 162485 (KDE > 4 SSL Certificate support incomplete), I'm more inclined to think that it's > a bug in KDE or Qt. That is simply not correct. > Perhaps this bug should depend on bug #162485. That is a very old bug report that is not applicable today for the reasons I stated in my previous comment. KDE no longer installs its own certificate bundle. Instead it relies on Qt and the certificate bundles it uses. Perhaps Qt's implementation was deficient when that bug report was opened, but that is most certainly not the case now. As a result the bug report itself has already been addressed and should have been closed. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ Konq-bugs mailing list Konq-bugs@kde.org https://mail.kde.org/mailman/listinfo/konq-bugs