Bug 174867

Summary: Accept Certificate Forever should accept certificate next time
Product: [Applications] kontact Reporter: Rusty Russell <rusty>
Component: generalAssignee: kdepim bugs <kdepim-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal CC: finex, jk, spammail01
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Ubuntu   
OS: Unspecified   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Rusty Russell 2008-11-11 14:23:05 UTC 
Version:            (using KDE 4.1.2)
Installed from:    Ubuntu Packages

Here's the problem dialog:
===
The server failed the authenticity check (ozlabs.org).

The host name did not match any of the valid hosts for this certificate
The root certificate of the certificate chain is self-signed, and untrusted
===
I hit Continue, then:
===
Would you like to accept this certificate forever without being prompted?
===
I hit "Forever", but I still get this same dialog every time I send mail...

(Side note: the word "forever" in the question above should probably be deleted)
Comment 1 FiNeX 2008-11-11 14:56:08 UTC 
I've had this problem too, but since some days I'm no more able to reproduce this issue in current trunk.
Comment 2 Jeremy Kerr 2009-02-12 06:49:55 UTC 
Same here, using KDE 4.2.0.

This occurs with kmail, konqueror and akregator (In all cases, the server being accessed has a cert signed by a non-trusted CA). Perhaps the bug is in part of the generic KDE SLL infrastructure?
Comment 3 Florian E.J. Fruth 2009-03-05 22:04:23 UTC 
This bug still exists on Debian SID with experimental branch of kde-4.2.1 (kmail 1.11.1).

I encountered the following: it seams that the actual certificate (the one from the mail-server) is trusted. The problem is that the corresponding CA (self-signed root-ca) is still not trusted. Maybe that's why this dialog pops up every time. When I select "Forever" the mail-server certificate gets added to the "~/.kde4/share/config/ksslcertificatemanager" - the rootca doesn't. To clarify this:

root.ca (not trusted, self-signed)
|
\--> mail.root.ca (trusted)
Comment 4 Florian E.J. Fruth 2009-04-21 21:05:11 UTC 
Bug still exists for kde-4.2.2 Debian/SID but I think I can pinpoint this issue a bit further: it seams to only happen on hosts which use SSL for SMTP _and_ POP3. The "Forever" switch seams to work as long as I only use POP3. As soon as I send a mail (with SSL on) I get the certificate warning again. When using POP3 again I get the warning again and so on. But only in cases when I switch between POP3 and SMTP.
Comment 5 Christophe Marin 2011-01-30 13:11:09 UTC 

*** This bug has been marked as a duplicate of bug 233628 ***