Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't seem to get a self-signed cert fingerprint to be recognized #892

Closed
3 tasks done
ohmantics opened this issue May 17, 2023 · 1 comment · Fixed by #903 · May be fixed by #908
Closed
3 tasks done

Can't seem to get a self-signed cert fingerprint to be recognized #892

ohmantics opened this issue May 17, 2023 · 1 comment · Fixed by #903 · May be fixed by #908

Comments

@ohmantics
Copy link

Prerequisites

  • Tried the most recent nightly build
  • Checked if your issue is already reported.
  • Answered all the questions in this template (Or provide a working crystal ball).

What happened?

Using the Electron app, built locally, I pasted the SHA256 fingerprint of my self-signed server cert into the proper field in the Settings. (Not entirely clear how the fingerprint should be formatted. Does it have colons between bytes or not, etc.?)

I always get a verification error during STARTTLS.

Based on logging I did, options.ignoreCertErrors isn't being set anywhere, so we always raise an exception and bail out of the connection before upgrading completes.

What did you expect to happen?

I expected to be able to use the fingerprint feature to get around a self-signed cert not verifying.

Which Version

  • sieve dfeeac1 + local patches to debug via console logging in the Electron app
  • macOS 12.6.4
  • dovecot 2.3.20_1 in a FreeBSD 13.1 jail
@pavhofman
Copy link
Contributor

I am getting the same issue with the latest released version 0.6.1, on linux, self-signed certificate on the server, SHA1 fingerprint. The app does not get past the button CONTINUE on certificate warning screen, keeps repeating the screen.

This was referenced Oct 5, 2023
Closed
Merged
dxdxdt added a commit to dxdxdt/sieve that referenced this issue Oct 17, 2023
@dxdxdt
Improvements and fixes: thsmi#803 thsmi#892
063b277 
- Add facilities for using custom CA, client certificate and private key
- Use SNI if using custom client certificate and private key
- Fix broken `ignoreCertErrors()`
- Change behaviour of "Forget Password" button ...
  - The button becomes disabled after a click event rather than
    disappearing
  - The button clears both auth password and TLS private key passphrase
- Pressing 'Ctrl + Shift + I' or 'F12' combo launches dev tool
@dxdxdt dxdxdt mentioned this issue Oct 17, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@ohmantics @pavhofman