QtMoko v48 neofreerunner

Neil Jerram neil at ossau.homelinux.net
Wed Oct 3 01:07:32 CEST 2012 

"dmatthews.org" <mail at dmatthews.org> writes:

> Here's some more smtp debugging - I'm now using the mail.inbox.lv server which supports unencrypted and TLS access
>
> Trying port 587 with TLS:-
>
> Sep 24 20:01:37 neo Qtopia: 250-STARTTLS^M
> Sep 24 20:01:37 neo Qtopia: 250-AUTH LOGIN PLAIN^M
> Sep 24 20:01:37 neo Qtopia: 250-ENHANCEDSTATUSCODES^M
> Sep 24 20:01:37 neo Qtopia: 250-8BITMIME^M
> Sep 24 20:01:37 neo Qtopia: 250 DSN" 
> Sep 24 20:01:37 neo Qtopia: SMTP :  StartTLS: sent: STARTTLS 
> Sep 24 20:01:37 neo Qtopia: SMTP :  response: "220 2.0.0 Ready to start TLS" 
> Sep 24 20:01:38 neo Qtopia: Encrypted connect warnings: "'The root certificate of the certificate chain is self-signed, and untrusted'" 
> Sep 24 20:01:38 neo Qtopia: SMTP :  Closed connection 
> Sep 24 20:01:38 neo Qtopia: socketError: 13 : "The root certificate of the certificate chain is self-signed, and untrusted" 

Hi David,

I was just looking again at your reports about SMTP.  I think there are
several different factors for the different cases, and I haven't
understood most of them yet.  But I wonder if one relevant factor, for
some of the "untrusted" cases, is that the QtMoko v48 rootfs doesn't
include any CA certificates.

I suddenly remembered that I also get lots of SSL error popups when
using Arora.  But after doing an "apt-get install ca-certificates", I
don't see those anymore, so presumably they were caused by the lack of
any CA certificates.

Also an odd thing about about those popups is that they don't indicate
the actual problem, i.e. that the root certificate is untrusted.
Instead they typically just say

  No Error
  No Error
  No Error

:-)

That could just be an Arora-specific problem, but it could be a more
general problem with how certificate-related errors are propagated up
through Qt.

Anyway, you may like to:

- try "apt-get install ca-certificates", restart QtMoko, and see if any
  of your SMTP cases succeed after that

- see if your working v35 rootfs has CA certificates in it (at
  /etc/ssl/certs).

Regards,
        Neil

More information about the community mailing list