353325 – Can't connect to jabber servers with self signed or cacert certificates

Bug 353325 - Can't connect to jabber servers with self signed or cacert certificates

Summary: Can't connect to jabber servers with self signed or cacert certificates

Status:	CONFIRMED

Alias:	None

Product:	telepathy
Classification:	Frameworks and Libraries
Component:	general (show other bugs)
Version:	15.08.2
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	Future
Assignee:	Telepathy Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-09-29 15:32 UTC by Andreas Schneider
Modified:	2017-01-05 11:05 UTC (History)
CC List:	3 users (show)

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Andreas Schneider 2015-09-29 15:32:23 UTC

ktp is not able to connect to jabber server which require PFS, e.g. jabber.ccc.de

https://twitter.com/jabbercccde/status/623052278828822528

Reproducible: Always

Steps to Reproduce:
1. Try to connect to jabber.ccc.de

Actual Results:  
Connection fails

Comment 1 kde-bugs 2015-09-29 22:17:00 UTC

This has nothing to to with PFS. The service got disconnected since a day.
https://twitter.com/jabbercccde/status/648871207962562560
https://twitter.com/jabbercccde/status/648871246411747328

Please wait some time to see if jabber.ccc.de will come backe again or not. Noone knows...

Comment 2 Andreas Schneider 2015-10-01 08:17:28 UTC

New server is up and running, so try yourself ...

Comment 3 Andreas Schneider 2015-12-09 11:09:45 UTC

jabber.ccc.de works just fine with Pidgin but not with KTP, please try yourself ...

Comment 4 Martin Klapetek 2015-12-09 16:58:27 UTC

Can you please try connecting with Empathy and post the results?

Comment 5 Christoph Erhardt 2015-12-30 11:51:11 UTC

I did some testing on Fedora 23.

* Empathy successfully connects to jabber.ccc.de. (Side note: It constantly complains that the CAcert certificate is untrusted - even after I ticked the checkbox "Remember this choice for future connections".)
* KDE Telepathy always fails to connect: "There was a network error, check your connection". There is no warning concerning the certificate.

I'm relatively sure that the issue has nothing to do with forward secrecy. I have a secondary XMPP account on another server that deploys PFS, and KDE Telepathy has no problems connecting to that account. Maybe it's an issue with the untrusted server certificate?

Comment 6 Andreas Schneider 2017-01-05 11:01:18 UTC

Yes, seems to be an issue with CACert certificate.

Comment 7 Andreas Schneider 2017-01-05 11:05:59 UTC

Changing it to confirmed.