Important Notice: We're experiencing email notification issues. If you've posted a question in the community forums recently, please check your profile manually for responses while we're working to fix this.

Avatar for Username

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Certificate validation on Imaps

  • 1 reply
  • 0 have this problem
  • 4 views
  • Paskiausią atsakymą parašė tron2

tron2
tron2
more options

Hi, I'm trying to find out where (in the code) the app checks the server certificate. I consider myself a programmer (thanks Edsger!) but after some browsing I did not find the way in the repo.

The issue is that in my experience, every time the server cert is changed (Imaps, LetsEncrypt) k9 asks me to validate the new cert. And I have 2 things I want to check: -Another user says he is also using K9 and he's never presented with a cert issue on change -I want to see the possibility of directly accepting the new cert iif stored cert is about to expire, new cert comes from the same authority (root CA) and PK is the same.

Any help in this regard is appreciated! -Carlos

Hi, I'm trying to find out where (in the code) the app checks the server certificate. I consider myself a programmer (thanks Edsger!) but after some browsing I did not find the way in the repo. The issue is that in my experience, every time the server cert is changed (Imaps, LetsEncrypt) k9 asks me to validate the new cert. And I have 2 things I want to check: -Another user says he is also using K9 and he's never presented with a cert issue on change -I want to see the possibility of directly accepting the new cert iif stored cert is about to expire, new cert comes from the same authority (root CA) and PK is the same. Any help in this regard is appreciated! -Carlos

All Replies (1)

tron2
tron2 Klausimą uždavęs asmuo
more options

I guess I found the place, and the answer to my dilemma. The code seems to be at mail/common/src/main/java/com/fsck/k9/mail/ssl/TrustManagerFactory.java and the exception is raised only for not default trusted certs. My phone is old and LetsEncrypt root CA seems not there.

Helpful?

Užduoti klausimą

You must log in to your account to reply to posts. Please start a new question, if you do not have an account yet.