On Sat, Dec 01, 2012 at 04:03:10PM +0100, Carsten Schoenert wrote: > Hello Mike, > > Giacomo and Andre reported there are problems with the libnss3 package > 3.13.6-1. But I don't know there to look into icedove te get the bug. > And I probably believe it's not a icedove related bug. > > Do you have any ideas there to look or what Giacomo and Andre can else > do to track down the problem? > > Maybe to start it's practical to install *-dbg packages and run icedove > in the debugger?
According to an NSS upstream author, one of the changes in 3.14 is that md5 signature of certificates are now rejected. Can you all check whether the certificate on your servers use such signatures? See https://wiki.mozilla.org/CA:MD5and1024 You can check your server certificate with openssl: openssl s_client -connect hostname:587 -starttls < /dev/null | sed -n '/BEGIN/,/END/p' | openssl x509 -text (look for "Signature Algorithm") Mike -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
