[Juser] jabber.org certificate and Psi

Peter Saint-Andre stpeter at jabber.org
Fri Dec 22 10:23:45 CST 2006

Maximilian Engelhardt wrote:
> On Fr, 2006-12-22 at 15:12 +0100, Matthias Wimmer wrote:
>> Hal Rottenberg schrieb:
>>> We'd love to help you out at http://forum.psi-im.org.  There's some
>>> config settings to change to prevent the error from happening or to
>>> trust the cert explicitly.
>> Sure you can instruct Psi to ignore the error, but I don't think that 
>> this is an error on Psi's side. It's just that jabber.org currently 
>> (last tested some days ago, I don't think it has changed yet) presents 
>> an invalid certificate (wrong subject).
> I would agree with Matthias here. His explanation about the false domain
> name in the certificate sounds reasonable to me and I also think it
> should be fixed on the server side. I know I can make Psi ignore the
> certificate warning (in fact, as albert corrected me on MUC, it's a
> warning, not an error), but then I would be vulnerable to
> man-in-the-middle attacks.

I'll work to install a corrected certificate today.


Peter Saint-Andre
Jabber Software Foundation

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 7358 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/juser/attachments/20061222/3c2744ec/attachment-0001.bin>

More information about the JUser mailing list