The corporate email is accessible from the local network only and there is not strong need in the correct certificate (well, it's not what I can change, anyway). Every time I run KMail (usually, once a day, just after boot up), it warns me about certificate issue, and asks if I want to remember exception [Forever] or [For current session only]. I every time click [Forever], but the next time it is asked again. Could it be so that I misunderstand the meaning of this option?... Reproducible: Always Steps to Reproduce: 1. Boot into KDE, then Run KMail; 2. Click [Check Mail] 3. Get Certificate warning, with options to Proceed or Cancel; 4. After clicking [Proceed], it offers to remember exception Forever or For current session only; Click [Forever]. 5. Reboot your PC and try to get Email. Actual Results: Certificate warning appears again, asking to confirm the exception. Expected Results: I expect [Forever] option to remember my choice at least until the next major KDE upgrade, which might require me to cleanup ~/.kde directory..
"Get Certificate warning," ?:) I don't know how to have a certificate warning :)
Created attachment 74859 [details] Where is tells about the failure
Created attachment 74860 [details] Where it offers to accept it forever
Attached couple of screenshots. I'm not sure it is exactly about certificate, but I can definitely see the option <Forever>, which seem to have effect for the current session only. Another notice: the same warning (with the same options) appears when I first time try to send a message (separate check on SMTP?)
(In reply to Laurent Montel from comment #1) > "Get Certificate warning," ?:) > I don't know how to have a certificate warning :) If you have a self-signed certificate. See bug 233628 which claims to have this fixed in kio but I still have the problem with mail form KDE 4.14
I can confirm this behaviour also with a self signed certificate.
Confirming the issue with self-signed cert and kdepim 4.14.2 (debian/sid)
Let me add that I am having the same issue for a certificate that was signed by CACert.org and kdepim 4.14.2 (debian/sid). I was able to sort of "fix" this by manually importing that cert's CACert root certificate into the KDE cert store via "System Settings"-->"Network and Connections"-->"SSL Settings". I still get some messages about aborted IMAP operations now and then, which I can simply retry and it usually works, but the certificate requester does not show any longer for this certificate.
This is the case here under Arch Linux with certificates that do not match the domain but I have certified as acceptable. This is with version 5.0.3. My KMail version 4. 4.14.10 does not show this when connecting to the same services
I should add that this happens every time KMail checks mail, not just once a session.
This is not solved, right? I've been using Thunderbird for the past 2-3 years, because this certificate issue was very annoying. -- Now with Ubuntu 16.04 I wanted to switch back to KDE PIM (Kontact, akonadi, kmail, ...). Is there any solution or workaround? Situation: I am using my own imap/caldav server with self signed certificates / my own root ca. So my thought was to import the root ca into kleopatra and never ever receive any warnings concerning unknown/self signed certs again... Unfortunately, this remains a wish until today. Kontact / KMail 5.1.3 While I am not able to help with programming, I am willing to share debug information.
Hi Nik, (In reply to nik.knatterton from comment #11) > This is not solved, right? > [...] > I've been using Thunderbird for the past 2-3 years, because this certificate > issue was very annoying. -- Now with Ubuntu 16.04 I wanted to switch back to > KDE PIM (Kontact, akonadi, kmail, ...). > Is there any solution or workaround? > [...] Try importing the certificate manually via System Settings / Network / Settings / SSL. You might need to log out from and back into Plasma.
Hi Christian, thank you for the hint. In fact, I've tried that. Which leads to another bug (in my eyes): I click on "add", select the cert. It appears in the list as a "user certificate" (Benutzerzertifikate). Then I click on "apply". Once the window is closed and reopened, the cert has vanished again. :( Cheers Nik
Thanks for the hint. For me, importing the certificate worked. It appears properly under "User-added certificates". Debian Stable. However, I will have to see over the next couple of days, if the message dialogue indeed does not appear anymore.
What is the correct path where kde stores the user added certificates? Can the root ca cert simply be placed in that directory?