Trac is being migrated to new services! Issues can be found in our new
YouTrack instance and WIKI pages can be found on our
website.
- Timestamp:
-
Nov 24, 2010, 6:14:39 AM (13 years ago)
- Author:
-
John Bailey
- Comment:
-
--
Legend:
- Unmodified
- Added
- Removed
- Modified
-
|
v5
|
v6
|
|
| 1 | 1 | = MSN Certificate Error = |
| 2 | | MSN recently changed the certificate used on some of their servers. This certificate is used to negotiate a secure socket layer (SSL) session, or an encrypted connection, between the client (Windows Live Messenger, Pidgin, etc.) and the server(s). |
| | 2 | MSN recently changed the certificate used on some of their servers. This certificate is used to negotiate a secure socket layer (SSL) session, an encrypted connection, between the client (Windows Live Messenger, Pidgin, etc.) and the server(s). |
| 3 | 3 | |
| 4 | 4 | Unfortunately, not all the servers that are using this new certificate present the correct information to Pidgin for us to validate the certificate properly. Additional wrinkles are that not all omega.contacts.msn.com servers have been migrated to the new certificate, and that some of the servers that have been migrated are also correctly configured. Because of this, given enough attempts, you may actually achieve an occasional successful connection. Most of the time, however, you'll get an error message. |
| … |
… |
|
| 13 | 13 | [[BR]] |
| 14 | 14 | |
| 15 | | == Upgrade to Pidgin 2.7.6 or newer == |
| 16 | | In Pidgin 2.7.6, we began distributing the additional intermediate certificates that some of MSN's servers are not sending us. This will solve the problem for most people. If upgrading doesn't work, wait a few minutes and try connecting again. Also make sure you restarted Pidgin after upgrading! |
| | 15 | == Upgrade to Pidgin 2.7.7 or newer == |
| | 16 | In Pidgin 2.7.6, we began distributing the additional intermediate certificates that some of MSN's servers are not sending us. Although we thought this was enough, after we released 2.7.6 we discovered that some additional work was necessary. To fix that, we released Pidgin 2.7.7 with what we believe to be a complete fix to the problem. |
| 17 | 17 | |
| 18 | 18 | [[BR]] |
| 19 | 19 | |
| 20 | 20 | == If upgrading is not possible == |
| 21 | | If you can't upgrade to Pidgin 2.7.6 or newer, then here's how to fix the problem. This should work for any version of Pidgin from 2.5.0 to 2.7.5, inclusive. |
| | 21 | If you can't upgrade to Pidgin 2.7.7 or newer, then here's how to partially fix the problem. This should work for any version of Pidgin from 2.5.0 to 2.7.5, inclusive, but only if your SSL plugin is Mozilla NSS. (GNUTLS acts differently; this fix does not work for GNUTLS users without the additional changes that went into Pidgin 2.7.7.) |
| 22 | 22 | |
| 23 | | Note that while we verified the certificates we instruct you to download below, there is always a risk involved in downloading certificates, especially ones you have not personally verified, and adding them to your trusted CA store. This is why we strongly recommend upgrading to Pidgin 2.7.6 or newer, as you can be assured you've received the correct copy of certificates by doing so. If you're willing to trust us and take the risk, read on. |
| | 23 | Note that while we verified the certificates we instruct you to download below, there is always a risk involved in downloading certificates, especially ones you have not personally verified, from a website and adding them to your trusted CA store. Ordinarily you should avoid this practice. Instead of following the instructions below, we strongly recommend upgrading to Pidgin 2.7.7 or newer, which include the certificates and other fixes. |
| 24 | 24 | |
| 25 | 25 | === Get the new intermediate certificates === |
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!
