Page 13 of 47 FirstFirst ... 38910111213141516171823 ... LastLast
Results 241 to 260 of 923
Like Tree236Likes
  1. #241  
    Here is another one, I wonder why the whole trustchain is not working correctly. Usually those servercert changes are common and are not a problem as long the cerchain to the CA is correct. Shouldn't we just add the new geotrust CA cert and google G2 cert to the trusted CAs folder on device instead of adding them in certmanager and shouldn't bother about the imap certs anymore?

    Mambo eerg Certificate Nr 5:

    Code:
    -----BEGIN CERTIFICATE-----
    MIIEdjCCA16gAwIBAgIIEnxXzw7BqNMwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
    BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
    cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwODA4MTIzMjMwWhcNMTUxMTA2MDAwMDAw
    WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
    TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOaW1h
    cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTJXIB
    MyD47rW3Z2GiCj9AUrbzESDm4i4zzHgEuYAFiEusMU9+CykQ7XaQBdrle4iCmLXV
    oDSRtHHtgOmjv2A4DpTTt5wuyc9efbg/5xPAgQbVVV9O9e8XyIyMaLxbNDn4Lkgy
    9+Vjb7bnaqQJrhAB6DOO4kFxGaV96K4lDu+2ohx4GRSt+xx5UxFflZs9nPqlonKb
    QQmZzoAExN6dbimUPiRAWMULpqrhfeefhpuDb9OGbkZwGJge/0vXBJfXvQlu519y
    4KsdgnxMHBEIz3lvjUl3H+lRy4kD4Lkvc5yj9fq+a0fak2GDqyqtKqdqKjffVMSk
    bQdPZtEcKDGPKnEhAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
    KwYBBQUHAwIwGQYDVR0RBBIwEIIOaW1hcC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
    XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
    MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
    A1UdDgQWBBTm7SXsqTNaRrJF/cAo1sQDcEvNoTAMBgNVHRMBAf8EAjAAMB8GA1Ud
    IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW
    eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB
    RzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBn8ykxJossVT887b/CihQ9aGV6fRWm
    MeiRRYXTzh99cH62q3YZjp0iohToI5ZF2Vwgab2OmQt/FmtMIKRRTYTskF1kB7cv
    Ye/xZzJMPBwLllk4c8983QFPpIMbnnA6jPhbglYvxPGzqS9OkO/WU4l31fb08lNr
    oylG3nmc3l/ikdwX66TO0eTCCqWj+fNc4azftjnV6nhjXDz5qOoGuSRZuiTVzVcc
    xiACW+zWlOBmIW92U9QPBtiORX34v1sD4UjgrklvA0hW9UzWHvTe+qRRVVdHN8fb
    T04SH1IUGCcI2x6zTMAhJ3ecJkqxt/I/SlIOjArG+7J/H6NUD/fH1Nak
    -----END CERTIFICATE-----
    Attached google5imap.pem now as .pem.txr rename to .pem and open it with Certmanager or internals Pro.
    Attached Files Attached Files
    Rnp, frantid and gsfx like this.
  2. #242  
    Quote Originally Posted by gizmo21 View Post
    Here is another one, I wonder why the whole trustchain is not working correctly. Usually those servercert changes are common and are not a problem as long the cerchain to the CA is correct. Shouldn't we just add the new geotrust CA cert and google G2 cert to the trusted CAs folder on device instead of adding them in certmanager and shouldn't bother about the imap certs anymore?
    While I do understand that Google feels lonely and wants some extra 'special time' with me in our regular certificate ritual...yeah, we need a more permanent solution. This is getting out of hand.

    On the other hand, I do like the irony that Google has trust issues, since I don't really trust Google either
    TJs11thPre, Rnp and blk like this.
  3. #243  
    Quote Originally Posted by gizmo21 View Post
    Here is another one, I wonder why the whole trustchain is not working correctly. Usually those servercert changes are common and are not a problem as long the cerchain to the CA is correct. Shouldn't we just add the new geotrust CA cert and google G2 cert to the trusted CAs folder on device instead of adding them in certmanager and shouldn't bother about the imap certs anymore?
    Code:
    -----BEGIN CERTIFICATE-----
    MIIEdjCCA16gAwIBAgIIEnxXzw7BqNMwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
    BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
    cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwODA4MTIzMjMwWhcNMTUxMTA2MDAwMDAw
    WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
    TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOaW1h
    cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTJXIB
    MyD47rW3Z2GiCj9AUrbzESDm4i4zzHgEuYAFiEusMU9+CykQ7XaQBdrle4iCmLXV
    oDSRtHHtgOmjv2A4DpTTt5wuyc9efbg/5xPAgQbVVV9O9e8XyIyMaLxbNDn4Lkgy
    9+Vjb7bnaqQJrhAB6DOO4kFxGaV96K4lDu+2ohx4GRSt+xx5UxFflZs9nPqlonKb
    QQmZzoAExN6dbimUPiRAWMULpqrhfeefhpuDb9OGbkZwGJge/0vXBJfXvQlu519y
    4KsdgnxMHBEIz3lvjUl3H+lRy4kD4Lkvc5yj9fq+a0fak2GDqyqtKqdqKjffVMSk
    bQdPZtEcKDGPKnEhAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
    KwYBBQUHAwIwGQYDVR0RBBIwEIIOaW1hcC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
    XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
    MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
    A1UdDgQWBBTm7SXsqTNaRrJF/cAo1sQDcEvNoTAMBgNVHRMBAf8EAjAAMB8GA1Ud
    IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW
    eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB
    RzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBn8ykxJossVT887b/CihQ9aGV6fRWm
    MeiRRYXTzh99cH62q3YZjp0iohToI5ZF2Vwgab2OmQt/FmtMIKRRTYTskF1kB7cv
    Ye/xZzJMPBwLllk4c8983QFPpIMbnnA6jPhbglYvxPGzqS9OkO/WU4l31fb08lNr
    oylG3nmc3l/ikdwX66TO0eTCCqWj+fNc4azftjnV6nhjXDz5qOoGuSRZuiTVzVcc
    xiACW+zWlOBmIW92U9QPBtiORX34v1sD4UjgrklvA0hW9UzWHvTe+qRRVVdHN8fb
    T04SH1IUGCcI2x6zTMAhJ3ecJkqxt/I/SlIOjArG+7J/H6NUD/fH1Nak
    -----END CERTIFICATE-----
    @grabber: Wouldn't a "root certificate update" ipk you done for globalsign, work here too?

    http://m.webosnation.com/globalsign-root-certificate-updater


    * the geotrust root CA is located here, but only as text sadly
    https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1426

    * the intermediate google G2, should be the first one here:
    https://pki.google.com/
    Last edited by gizmo21; 08/09/2015 at 02:19 PM.
    TJs11thPre and Rnp like this.
  4. #244  
    Quote Originally Posted by gizmo21 View Post
    Here is another one, I wonder why the whole trustchain is not working correctly. Usually those servercert changes are common and are not a problem as long the cerchain to the CA is correct. Shouldn't we just add the new geotrust CA cert and google G2 cert to the trusted CAs folder on device instead of adding them in certmanager and shouldn't bother about the imap certs anymore?
    Code:
    -----BEGIN CERTIFICATE-----
    MIIEdjCCA16gAwIBAgIIEnxXzw7BqNMwDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
    BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
    cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwODA4MTIzMjMwWhcNMTUxMTA2MDAwMDAw
    WjBoMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
    TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEXMBUGA1UEAwwOaW1h
    cC5nbWFpbC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTJXIB
    MyD47rW3Z2GiCj9AUrbzESDm4i4zzHgEuYAFiEusMU9+CykQ7XaQBdrle4iCmLXV
    oDSRtHHtgOmjv2A4DpTTt5wuyc9efbg/5xPAgQbVVV9O9e8XyIyMaLxbNDn4Lkgy
    9+Vjb7bnaqQJrhAB6DOO4kFxGaV96K4lDu+2ohx4GRSt+xx5UxFflZs9nPqlonKb
    QQmZzoAExN6dbimUPiRAWMULpqrhfeefhpuDb9OGbkZwGJge/0vXBJfXvQlu519y
    4KsdgnxMHBEIz3lvjUl3H+lRy4kD4Lkvc5yj9fq+a0fak2GDqyqtKqdqKjffVMSk
    bQdPZtEcKDGPKnEhAgMBAAGjggFBMIIBPTAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
    KwYBBQUHAwIwGQYDVR0RBBIwEIIOaW1hcC5nbWFpbC5jb20waAYIKwYBBQUHAQEE
    XDBaMCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lBRzIuY3J0
    MCsGCCsGAQUFBzABhh9odHRwOi8vY2xpZW50czEuZ29vZ2xlLmNvbS9vY3NwMB0G
    A1UdDgQWBBTm7SXsqTNaRrJF/cAo1sQDcEvNoTAMBgNVHRMBAf8EAjAAMB8GA1Ud
    IwQYMBaAFErdBhYbvPZotXb1gba7Yhq6WoEvMBcGA1UdIAQQMA4wDAYKKwYBBAHW
    eQIFATAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vcGtpLmdvb2dsZS5jb20vR0lB
    RzIuY3JsMA0GCSqGSIb3DQEBCwUAA4IBAQBn8ykxJossVT887b/CihQ9aGV6fRWm
    MeiRRYXTzh99cH62q3YZjp0iohToI5ZF2Vwgab2OmQt/FmtMIKRRTYTskF1kB7cv
    Ye/xZzJMPBwLllk4c8983QFPpIMbnnA6jPhbglYvxPGzqS9OkO/WU4l31fb08lNr
    oylG3nmc3l/ikdwX66TO0eTCCqWj+fNc4azftjnV6nhjXDz5qOoGuSRZuiTVzVcc
    xiACW+zWlOBmIW92U9QPBtiORX34v1sD4UjgrklvA0hW9UzWHvTe+qRRVVdHN8fb
    T04SH1IUGCcI2x6zTMAhJ3ecJkqxt/I/SlIOjArG+7J/H6NUD/fH1Nak
    -----END CERTIFICATE-----
    1. Should this particular cert be designated number 5, or is there already a five? Need to keep track of what's installed...

    2. Do these supersede previous certs or is each cert, new or old, necessary as long as the date is valid?

    3. Is Google just using a daily cert randomizer?? Lol

    4. New websites always ask me about trusting a new cert. Can a patch bring this function to the email app?
    Sporting my 13th Pre device, a NOS unlocked ROW Pre3!
  5. #245  
    You could name that 5. or 3rd imap or...

    The point is we should not update the last in chain cert *imap.google.com) as it should be trusted automagically by the root ca and intermediate cert (which are google2 google3 pem in the first .zip by grabber i think.)

    perhaps i'll try out grabbers own replacecerts.sh to get those 2 certs to /etc/ssl/certs/trustedcerts.

    @grabber See my updated post above.
  6. #246  
    yes i prefer all things automagical!

    confirming that this "google5" cleared yellow triangles on my Tpad today.

    odd that my Pre2 did not have triangles today, but i'm installing cert anyway.
    Sporting my 13th Pre device, a NOS unlocked ROW Pre3!
  7. #247  
    hhm tried the adding of the 2 CA certs via internalz pro and deleting all 5 certs in the certmanager, rebooted.

    But it failed to get the imap cert trusted on his own (=automagically). Don't know why right now, so i added only the 5th one (imap ...fb081Nr) and it worked. So no automatic trustchain working for me right now.
  8. #248  
    Quote Originally Posted by CvvB View Post
    My gmail stopped working today. Digging around, I found three more certificates. I am attaching them here just in case someone was looking for some new certificates.
    As I've done before, I downloaded and unzipped these three new .pem files from Post #230 onto my pc, emailed them as attchments to myself and my wife, then opened and trusted the certificates which is the way I've done the previous ones. Unlike the previous certificates updated here earlier in this thread, no love this time; it did not correct the invalid certificate problem and no gmail sync. So then I saved them from my email (they went automatically into media/internals/downloads) and I opened and trusted them from there using Internalz, and still no effect.

    I knew that the earlier certificate updates had been way too easy so far and was waiting for this to bite me in the **** at some point :-(

    Is there a step I'm missing? Do I need to sideload these rather than save them from email attachment? Do I need to move them to a different folder before opening and trusting? Do I need to delete any of the other certificates before opening and trusting these?

    Help please.
  9. #249  
    Hello again, another day, another new certificate for the TP and the Pre3, working once again.

    Thanks, guys!
  10. #250  
    Quote Originally Posted by gizmo21 View Post
    Any news on 1.4.5 cert updates (have a request in german forum) ?

    Or are 1.x devices considered offline now?
    I haven't seen any updates yet on 1.4.5 version. Both Yahoo and Gmail don't work with IMAP. I have Yahoo POP3 working for incoming, but not outgoing. Gmail is working for outgoing, but not incoming. WTF.

    I am going to try out all these certificates on Palm Pre one more time. And see if anything gets going.

    Thanks.
    Sent via HP TouchPad using Forums
  11. #251  
    Quote Originally Posted by TJs11thPre View Post
    yes i prefer all things automagical!

    confirming that this "google5" cleared yellow triangles on my Tpad today.

    odd that my Pre2 did not have triangles today, but i'm installing cert anyway.
    TJ:

    Is the "google5" you are you talking about the three .pem files in CvvB's Post #230, or another certificate that hasn't been posted as an attachment?

    Please advise.

    Thanks in advance!
  12. #252  
    For the record, you don't even need the Google internet authority cert or the geotrust cert, just the IMAP.gmail.com cert. the existing ones in webOS are fine. I don't know why we have to keep updating the IMAP cert, but I'm starting to suspect it's because of the old pre-installed cert, which webOS falls back to as the trusted cert when they update it on the server. I'm going to try to test my theory when I have time.
  13. #253  
    Quote Originally Posted by palmpre06062009 View Post
    I haven't seen any updates yet on 1.4.5 version. Both Yahoo and Gmail don't work with IMAP. I have Yahoo POP3 working for incoming, but not outgoing. Gmail is working for outgoing, but not incoming. WTF.



    I am going to try out all these certificates on Palm Pre one more time. And see if anything gets going.



    Thanks.

    Don't bother. They simply won't work on 1.4.5. Anyone try replacing the entire OpenSSL layer on 1.4.5 yet? I kind of wonder if the email client layer, which can is in Java, would need to be modified to make use of SHA256.
  14. #254  
    Quote Originally Posted by Grabber5.0 View Post
    Don't bother. They simply won't work on 1.4.5. Anyone try replacing the entire OpenSSL layer on 1.4.5 yet? I kind of wonder if the email client layer, which can is in Java, would need to be modified to make use of SHA256.
    Matt:

    Did you see my questions above in Post #248 and #250?

    Any help would be appreciated.

    Thanks in advance :-)
  15. #255  
    Matt:

    Did you see my questions above in Post #248 and #250?

    Any help would be appreciated.

    Thanks in advance :-)
    I hadn't done anything with it yet, so I couldn't answer it yet. The cert from post #248 posted by Gizmo is the latest, and replaces all other imap.gmail.com certs. The only way I have gotten the new ones to work is to remove the old one BEFORE I add the new one. I think that may be because removing the old one removes the sym link, and the new cert seems to have the same hash code.

    --Sent from my TouchPad Go using Communities
  16. #256  
    Quote Originally Posted by Grabber5.0 View Post
    I hadn't done anything with it yet, so I couldn't answer it yet. The cert from post #248 posted by Gizmo is the latest, and replaces all other imap.gmail.com certs. The only way I have gotten the new ones to work is to remove the old one BEFORE I add the new one. I think that may be because removing the old one removes the sym link, and the new cert seems to have the same hash code.

    --Sent from my TouchPad Go using Communities
    Pardon my ignorance, but how do I convert Gizmo's certificate code in that post to a .pem file, or is there a way to paste that code somewhere/somehow?

    Thanks in advance
  17. #257  
    https://pivotce.com/2015/03/05/guide-fixing-yahoo-mail/

    7. Open a text editor (notepad will do), paste in the text, then select each block in turn from (and including) the header and footer lines.
    —–BEGIN CERTIFICATE—–
    (data here)
    —–END CERTIFICATE—–

    Paste each block into a new file & save them separately as, “yahoo1.pem”, “yahoo2.pem”, “yahoo3.pem”. Any name will do, but the .pem suffix makes it a certificate file webOS will recognise. If you wish to make backups, the proper description and expiry date might make a good naming scheme.
  18. #258  
    Got it! Thanks!!

    TP back up. Moving on to Pre3 and Veer.

    Appreciate you guys patience and hard work!!
  19. #259  
    Sorry I couldn't reply sooner.

    The cert I've referred to as #5 is in post 241 of this thread, didn't install at first try on the phone itself for me either, when using Internals to change the extension from txt to pem.

    SO - I used windows, opened an existing cert I had saved on the PC, (Google4 in this example) deleted it's text and pasted the text from the quote in the forum, then Save As to name it google5, then move it to the phone through USB. This way the cert triggered the Cert Mgr and I trusted. It cleared the triangle's on my TPad.
    Sporting my 13th Pre device, a NOS unlocked ROW Pre3!
  20. #260  
    Quote Originally Posted by Grabber5.0 View Post
    For the record, you don't even need the Google internet authority cert or the geotrust cert, just the IMAP.gmail.com cert. the existing ones in webOS are fine. I don't know why we have to keep updating the IMAP cert, but I'm starting to suspect it's because of the old pre-installed cert, which webOS falls back to as the trusted cert when they update it on the server. I'm going to try to test my theory when I have time.
    FYI: pretty sure I've deleted the pretrusted files from my pre2 but not my TPad. Today when the tp had triangles, the pre2 did not; it still worked. This may be confirming your theory.

    But I have not been deleting previous imaps. My pre2 has 3 in the cert Mgr and my tp has more (4-5?) I think but its not on hand to check.

    On the Pre2,
    Along with the 7999...0 and d76c...0 files, the 64d5dbd5 file now has .0, .1, and .2 versions in my /var/ssl/certs and /var/ssl/certs/trusted certs folders, but none are in the /etc/ssl folders.
    Sporting my 13th Pre device, a NOS unlocked ROW Pre3!

Similar Threads

  1. Replies: 23
    Last Post: 09/04/2015, 11:51 AM
  2. "Requested encryption not supported by server"
    By freebirds in forum webOS Tips, Info & Resources
    Replies: 14
    Last Post: 02/28/2015, 07:33 AM
  3. Replies: 3
    Last Post: 11/10/2014, 04:31 AM
  4. CM9 Encryption Unsuccessful Touchpad Error
    By JackisBack in forum Android on webOS
    Replies: 6
    Last Post: 08/04/2012, 11:51 AM
  5. Can not access 128 encryption server (sercurity) error code 18
    By quedawg in forum Palm OS Devices & Apps
    Replies: 0
    Last Post: 02/06/2005, 02:16 PM

Posting Permissions