You are not logged in.

Dear visitor, welcome to KDE-Forum.org. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

1

Wednesday, September 15th 2004, 1:05am

[kopete] 0.9.0 jabber+ssl+private cert = broken

Hi,

I have to two problems with 0.9.0 that I'm hoping someone can help me with. First off, I connect to a jabber server inside the company I work for. This server is configured to ONLY allow ssl authenticated connections. When I try to connect with 0.9.0, I get:

"Certificate of server [server name] could not be
validated for account [account name] : The
Certificate Authority is invalid."

I push "continue" and get:

"There was an error authenticating with the server: No
appropriate authentication mechanism available."

The server in question has a self-signed certificate from the company. I have imported this certificate into KDE (via control center --> security --> crypto --> SSL signers) and I have even gone to the trouble to manually add the x509 certificate to /opt/kde3/share/config/ksslcalist. While this works for konqueror and other KDE apps, it DOES NOT work for kopete. This makes kopete pretty much unusable for the primary purpose I use it for: working with co-workers around the world.

A similar problem: I have a jabber account on jabber.org.uk. When I try to connect to this server, I get the same error message about the certificate authority being invalid. However, it connects anyway. I assume it is doing this with the non-ssl login. However, encrypting traffic over the public internet is important to me.

All of this seemed to work just fine with 0.8.4. (BTW: I am using SuSE 9.0 with KDE 3.2.3) Is this just a large bug in kopete, or is there something else I need to do to configure kopete?

The other problem:
in 0.8.4:
enter used to give me a new line
cntrl+enter used to send a message
in 0.9.0:
these are backwards. Changing the shortcuts in settings->configure_shortcuts has NO effect on this behavior. How do I get the old behavior back?

Thanks!

2

Thursday, September 16th 2004, 10:59am

Login problem resolved

So, it seems that there may have actually been a bug in kopete 0.8.4 and earlier that is now fixed in 0.9.0...

First off, you can ignore warnings about not being able to validate ssl certificates. You'll get these errors connecting to any jabber server using a self-signed certificate. Since getting a certificate signed by a recognized signature authority costs money, and most jabber servers are set up by volunteers, you'll need to ignore these warnings with most servers. When the warning pops up, there's a check box that will cause kopete to ignore this error.

As for not being able to log in to our internal jabber server, in 0.8.4, I had "Allow plain-text password authentication" turned OFF. This worked in 0.8.4 and earlier versions of kopete. However, it does NOT work in 0.9.0. However, once I enabled plain text passwords in 0.9.0, I was able to log in. I can only figure that prior to 0.8.4, kopete was falling back to plain text even if you told it not to. Now that this is fixed in 0.9.0, my incorrect account settings stopped working.

3

Thursday, September 16th 2004, 11:39am

Fix for using control-enter to send messages

So, I found where to configure the old behavior of kopete 0.8.4 to use control-ener to send messages rather than just enter:

In under Settings-->Configure Shortcuts you can set "Send Message" to control-enter. However, you must do this inside a chat window. If you try and configure shortcuts in the contact list, only the shortcuts for the contact list will show up, and "Send Message" will not be there.

4

Thursday, December 2nd 2004, 5:56pm

I have the same certificate problem, with a difference. I also want to setup a corporate server, but in this case we have created a self signed root CA using OpenSSL tools. We distribute and install this root CA in all our computers, so we are able issue certificates for our servers using our root CA.

We have this working with web servers and Konqueror (after including the root CA in the KDE certificate store), so I don't understand why Kopete doesn't behave the same way. Why doesn't Kopete use the same libraries/package/whatever that Konqueror or the rest of KDE uses to stablish TLS/SSL connections?

Kopete seems to ignore the KDE root CA store, so I would bet that Kopete would also fail if any of those certificates were signed by recognized certification authorities. Just ignoring the warning is not a solution for me, as this implies that there is no trust chain checking and this breaks the whole trust environment you try to create using SSL certificates.

Best regards
Jose