On Wed, 1 Apr 2015 23:41:55 +0200 Mickaël Bucas <mbu...@gmail.com> wrote:
> 2015-04-01 19:19 GMT+02:00 Gevisz <gev...@gmail.com>:
Correction:
This question does *not* specifically relates to Gentoo distribution
> > but, as far as I have not subscribed to any other mailing list,
> > I dare to ask it here.
> >
> > So, I am using Claws Mail that downloads e-mails from several
> > google mail accounts (all are mine :) and about once or twice
> > in a month get into the situation when Claws asks me to verify
> > and change the google certificates, first in one direction and
> > soon after that (usually during the next downloading of my e-mails)
> > - in another.
Actually it does it for every gmail account and at different times.
So, yesterday, I "veryfied" google certificates *a lot* of times.
> > The situation is illustrated by the 2 message screenshots that are
> > attached to this e-mail.
> >
> > The strange thing for me is that, first, the Claws asks me to verify
> > and accept a newer certificate complaing that the old one is in some
> > aspect "bad", and soon after that it complains about a newer certificate
> > and asks me to verify and and accept the older one.
> >
> > I suspect that it is google that makes something wrong here.
> >
> > What do you think?
>
> Hi Gevisz
>
> I had a similar behavior with another tools : offlineimap
> It seems that Google changes certificates very often and/or uses
> different certificates on different connections
Probably, but why they do it?
> For offlineimap, the solution is to use an option to check certificates :
> sslcacertfile = /etc/ssl/certs/ca-certificates.crt
>
> Maybe there is an option to do the same in Claws Mail.
> I found "Bug 2199 - Claws doesn't propery verify certification chain"
> [1] which affected a GMail user.
> It's fixed, so you may find what's been done.
>
> Best regards
>
> Mickaël Bucas
>
> [1] http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=2199
Thank you for the link. I will study it later, in the evening.
