sslcertificatelibpurple

Error "SSL peer presented an invalid certificate" on libpurple based connection attempt on ARM


I am using libpurple (libpurple.com) for developing a chat application. Everything works fine on x86 processor (Desktop)

However, the same code when run on the ARM (iMx Freescale) processor shows error :

"SSL peer presented an invalid certificate", while logging in.

I am using the Ubuntu OS. All the packages seems to be present for the ARM processor just like in the x86 machine. (including gnutls dev package)

Any clues would be appreciated...


Solution

  • I had posted the question to the pidgin mailing list thus:

    Hi all, I am using libpurple (package- 1:2.10.0-0ubuntu2) for developing a chat application. Everything works fine on x86 processor (Desktop - Ubuntu 11.10)

    However, the same chat application (after cross-compilation) when run on the ARM (iMx Freescale based on Ubuntu 11.10) processor shows error:

    "SSL peer presented an invalid certificate", while logging in.

    --1-- All the packages seems to be present for the ARM target just like in the x86 machine. (including gnutls dev package, as mentioned in FAQ http://developer.pidgin.im/wiki/Installing%20Pidgin#IhaveOpenSSLwhyisntPidginusingit).

    --2-- I have installed the ca-certificates package (updated it to the newest one in the Ubuntu repository for Ubuntu 11.10), using: 'apt-get install ca-certificates'.

    --3-- Also tried copying the contents of "~/.purple/certificates/x509/tls_peers/", from the properly working x86 machine to the target system.

    The SSL error still persists after these. Any help in resolving this issue would be highly appreciated. Thanks & Regards, Roy

    and a certain reply post read:

    -----Original Message----- From: Mark -----er [mailto:ma--@-----nt.net] Sent: Monday, June 11, 2012 8:42 PM To: Roy Samuel (RB--/---4) Cc: support@pidgin.im Subject: Re: Error: SSL peer presented an invalid certificate | running on ARM-ubuntu-11.10

    You could try to figure out why Pidgin thinks the certificate is invalid by running with "pidgin -d" to show lots of debug output (I'm a little surprised the error message you're seeing doesn't already say why it's invalid). The two most likely reasons I can think of are either the clock on your ARM computer is wrong, or Pidgin still can't find the CA certificates.

    On changing the date on the target ARM board to the current date, the error was resolved!