merge 561918 563253 thanks Hi,
I've got exactly the same problem here with Evolution 2.28 and my Googlemail-Account. It is caused by bug #561918 [1]. You should check my message there. Cheers Alexander Kurtz [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561918 Am Freitag, den 01.01.2010, 13:28 +0000 schrieb Sam Morris: > Package: libnss3-1d > Version: 3.12.5-1 > Severity: grave > Justification: renders package unusable > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Since upgrading libnss3-1d to 3.12.5, I have been unable to connect to my > company's email server. Evolution gives me this dialog: > > SSL Certificate check for imap.example.com: > > Issuer: serialNumber=88888888,CN=Go Daddy Secure Certification > Authority,OU=http://certificates.godaddy.com/repository,O="GoDaddy.com, > Inc.",L=Scottsdale,ST=Arizona,C=US > Subject: CN=*.example.com,OU=Domain Control > Validated,O=*.example.com > Fingerprint: ec:cf:43:7f:87:84:f0:63:ec:b4:5d:60:e5:7e:6b:23 > Signature: BAD > > No problem with iceweasel, thunderbird, etc. but they don't appear to use the > split-out package of NSS. > > I reported the same bug against gnutls, #563127. The maintainer found that > gnutls refused to accept the certificate because it was issues by a "V1 CA". > Sadly I'm no X.509 expert so I don't know what that really means. The > certificate in question was issued in April 2009, so it's not exactly ancient. > > Please tell me if you'd like the server address to debug this further > yourself, > or whether there are any command line utilities for NSS that I can use as the > equivalent of gnutls-bin/'openssl s_client' to debug further. > > Because this coincides with the upgrade from 3.12.4 to 3.12.5 I am assuming > that NSS made a similar policy change to GnuTLS, to stop trusting V1 CAs. If > this is the kind of thing that a user of NSS can override, please let me know > and I'll forward that information to the (evolution) upstream bug at > <https://bugzilla.gnome.org/show_bug.cgi?id=605773>. > > - -- System Information: > Debian Release: squeeze/sid > APT prefers testing > APT policy: (430, 'testing'), (420, 'unstable'), (410, 'experimental') > Architecture: amd64 (x86_64) > > Kernel: Linux 2.6.32-trunk-amd64 (SMP w/4 CPU cores) > Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) > Shell: /bin/sh linked to /bin/dash > > Versions of packages libnss3-1d depends on: > ii dpkg 1.15.5.4 Debian package management system > ii libc6 2.10.2-2 GNU C Library: Shared libraries > ii libnspr4-0d 4.8.2-1 NetScape Portable Runtime Library > ii libsqlite3-0 3.6.21-2 SQLite 3 shared library > ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime > > libnss3-1d recommends no packages. > > libnss3-1d suggests no packages. > > - -- no debconf information > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > > iEYEARECAAYFAks9+IoACgkQshl/216gEHgbmgCg4/dEMui2RE3t+GgVJ9je7ouJ > AB0AmgOjth0/Cy2emJ/RkhIl56IzQ0Ec > =kMHW > -----END PGP SIGNATURE----- > > >
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
