Important Notice: We're experiencing email notification issues. If you've posted a question in the community forums recently, please check your profile manually for responses while we're working to fix this.

Avatar for Username

Търсене в помощните статии

Избягвайте измамите при поддръжката. Никога няма да ви помолим да се обадите или изпратите SMS на телефонен номер или да споделите лична информация. Моля, докладвайте подозрителна активност на "Докладване за злоупотреба".

Научете повече

Certificate validation on Imaps

  • 1 отговор
  • 0 имат този проблем
  • 4 изгледи
  • Последен отговор от tron2

tron2
tron2
more options

Hi, I'm trying to find out where (in the code) the app checks the server certificate. I consider myself a programmer (thanks Edsger!) but after some browsing I did not find the way in the repo.

The issue is that in my experience, every time the server cert is changed (Imaps, LetsEncrypt) k9 asks me to validate the new cert. And I have 2 things I want to check: -Another user says he is also using K9 and he's never presented with a cert issue on change -I want to see the possibility of directly accepting the new cert iif stored cert is about to expire, new cert comes from the same authority (root CA) and PK is the same.

Any help in this regard is appreciated! -Carlos

Hi, I'm trying to find out where (in the code) the app checks the server certificate. I consider myself a programmer (thanks Edsger!) but after some browsing I did not find the way in the repo. The issue is that in my experience, every time the server cert is changed (Imaps, LetsEncrypt) k9 asks me to validate the new cert. And I have 2 things I want to check: -Another user says he is also using K9 and he's never presented with a cert issue on change -I want to see the possibility of directly accepting the new cert iif stored cert is about to expire, new cert comes from the same authority (root CA) and PK is the same. Any help in this regard is appreciated! -Carlos

Всички отговори (1)

tron2
tron2 Задаващият въпроса
more options

I guess I found the place, and the answer to my dilemma. The code seems to be at mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java and the exception is raised only for not default trusted certs. My phone is old and LetsEncrypt root CA seems not there.

Полезно?

Задаване на въпрос

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.