Bug 261205

Summary: SSL certificate problem (In relation with Bug: 260265)
Product: [Unmaintained] kdelibs Reporter: Nassos Kourentas <nassos>
Component: generalAssignee: kdelibs bugs <kdelibs-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal CC: adawit, mcguire, wstephenson
Priority: NOR    
Version: 4.5   
Target Milestone: ---   
Platform: openSUSE   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Nassos Kourentas 2010-12-25 07:37:30 UTC 
Version:           4.5 (using KDE 4.5.90) 
OS:                Linux

In relation with Bug: 260265 (https://bugs.kde.org/show_bug.cgi?id=260265), Mr Thomas McGuire (mcguire@kde.org), urged me to report the following issue:

"When I press the button (in kontact/kmail) to check the emails of a pop3 account (via akonadi), in the event of connecting
with a server whose SSL certificate is weak (not valid/safe), the Akonadi resource generates a warning that the server failed the authenticity check, which in turn, leads the user to take the responsibility upon herself whether to accept the certificate (either for the current session, or forever), or decline it altogether...
If the user chooses to accept the provided certificate _forever_, the akonadi
resource will periodically (each and every time it is invoked that is) keep on
complaining about the very same certificate issue, thus, _ignoring_ the
specific user request for the system to accept the (less safe) certificate!

I would like to underline the fact that the above issue is repeated each and
every time that very pop3 account is checked for emails (that is every 1 minute
as that's exactly the time interval I have configured in the corresponding pop3
account's settings, since I constantly receive input via that very channel...).
Thus, it gets extremely irritating to be interrupted on a minutely basis from
whatever else I might be doing :-(

Reproducible: Always

Steps to Reproduce:
Simply attempt to check emails of pop3 account (via akonadi) whose SSL certificate is weak

Actual Results:  
Although the user explicitly confirms that she accepts the weak SSL certificate _forever_, the corresponding weak certificate dialog insists on popping up constantly (each and every time the pop3 account is being checked, that is).

Expected Results:  
The user would expect that, once she has explicitly accepted the weak SSL certificate, the corresponding weak certificate dialog should seize to exist.

Should anyone have any further queries please do not hesitate to contact me.

Thanks in advance,

Nassos
Comment 1 Thomas McGuire 2011-01-13 13:46:20 UTC 
Bug 259987 might be related.
Comment 2 Will Stephenson 2011-02-08 07:35:36 UTC 

*** This bug has been marked as a duplicate of bug 233628 ***