Certificate problem

[jjzhuang]

Please see reply to http://bugzilla.zimbra.com/show_bug.cgi?id=15652

[phoenix]

[quote user="friedmar"]Of cause I used https. All Input is correct. Any idea?[/QUOTE]I've moved this post to the correct forum/thread, review this thread for details.

[fisch09]

same for me on OS X in firefox, safari, camino using a self signed cert on the server.
Cheers

Andre

[soxfan]

I'd love to be able to take the Zimbra desktop for a test drive, but I'm running into this same certificate problem. I've tried on both a WinXP machine and a Linux (FC6) box, with the same result. I've read over this thread and also the notes on bug 15652, which mostly discusses this issue under Mac OS X, but I don't see any concrete solution. Does a new bug need to be created for WinXP and/or Linux clients?

[jjzhuang]

Right now this is in a state where I believe it's a real issue since some many people ran into it but I can't reproduce it. Once we manage to reproduce this issue we can fix it. I've just bumped it up to a P1 and will try to address this soon.
BTW, if anyone on the thread can volunteer to setup a test account on a server with this issue, please send a private email to jjzhuang@zimbra.com. Thanks!

[jjzhuang]

This issue has been verified and fixed. We will provide a patch release with a few key fixes including this one. No date yet but should be soon.
The problem was caused by the fact that our existing code only allows a single certificate in chain when dealing with untrusted certificates. The fix adds support for more than one.
Currently in alpha release state we make zdesktop accept untrusted certificates by default. If this is undesirable, set the key ssl_allow_untrusted_certs=false in localconfig.xml. Of course this is not ideal. We will implement a user-interactive acceptance mechanism in a later release.

[jjzhuang]

Most likely it will be next week. Thanks!