GNOME Bugzilla – Bug 494418
Certificate validation errors are not displayed to the user
Last modified: 2010-08-11 10:04:21 UTC
Please describe the problem: While seeing if #359574 was still present in Evolution, I discovered that Evolution did not display any kind of indication that the certificate presented by the web server did not verify. Steps to reproduce: Actual results: Expected results: Evolution *MUST* not talk to a web server if its certificate fails to validate. That is, the certificate must: * not have a valid until date earlier than the current date * not have a valid from date later than the current date * not present a host name (in the CN or dnsname attributes) that does not match the host name that Evolution connected to * be possible to create a chain of trust from the CA certificates known to NSS to the certificate presented. * probably some other stuff... Does this happen every time? Other information:
To clarify for future readers, this bug appears to be about HTTP access to calendars. SSL/TLS for mail servers uses a different mechanism. Evolution is actually relying on the default behavior of libsoup. See bug 543455.
This can be blocked on bug 600447 now.
Bug 600447 is WONTFIX, hence this is WONTFIX too...