Bug 94301

Summary: use central KDE certificate management
Product: [Unmaintained] kopete Reporter: Jose Gonzalez Gomez <jgonzalez.openinput>
Component: libkopeteAssignee: Kopete Developers <kopete-bugs-null>
Status: RESOLVED UNMAINTAINED    
Severity: wishlist CC: greg_g, m.debruijne, quazgar, wstephenson
Priority: NOR    
Version First Reported In: 0.40.0   
Target Milestone: ---   
Platform: Gentoo Packages   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Jose Gonzalez Gomez 2004-12-02 23:22:21 UTC 
Version:           0.9.1 (using KDE KDE 3.3.1)
Installed from:    Gentoo Packages
Compiler:          gcc-3.3.4, glibc-2.3.4.20040808-r1 
OS:                Linux

Kopete doesn't seem to be using the root CA configured in KDE (security -> crypto -> SSL signers)

I have installed and configured a corporate Jabber server (JabberD), and have activated the use of SSL, using our own root CA, and a server certificate signed by that root CA. This setup is working properly, and we have tested it with Konqueror after adding our root certificate to the KDE SSL signers.

When Kopete connects to the server, we get an error saying the following:

Certificate of server [server name] could not be validated for account [account name] : The Certificate Authority is invalid

So Kopete seems to be ignoring the KDE SSL signers store. In my investigations I have found that Kopete relies on app-crypt/qca-tls for the TLS/SSL part, but I have found little information about this library. I have also found that I'm not the only one with this problem:

http://www.kde-forum.org/viewtopic.php?t=3676&start=0&postdays=0&postorder=asc&highlight=

As you can see in this forum, the problem happens also with self signed certificates although you add it to the KDE SSL signers. So this seems to be a bug or missing feature in Kopete (although I don't understand why somebody would include SSL support without trust chain checking).
Comment 1 Matt Rogers 2005-01-28 07:51:25 UTC 
need to revisit for KDE 4
Comment 2 Will Stephenson 2005-03-02 08:47:26 UTC 
This is also the case for Groupwise, and any other protocol using SSL.  We'll have to have a rethink for KDE4 as Matt said.
Comment 3 quazgar 2010-01-06 00:45:12 UTC 
Can new CA certificates be added at all in KDE4?  See also http://forum.kde.org/viewtopic.php?f=18&t=82926
Comment 4 quazgar 2010-01-06 00:46:08 UTC 
PS: This bug might be related to bug #210356
Comment 5 Christoph Cullmann 2024-09-18 18:28:02 UTC 
Dear user, unfortunately Kopete is no longer maintained.

Please migrate to another solution, e.g. for Jabber a possibility is Kaidan, for Matrix a candidate is NeoChat.