Gtalk => Certificate verification problem 0x204

[sexxxenator@…]

Using either im.bitlbee.org or testing.bitlbee.org, I get the following error when my GTalk account tries to connect:

"gtalk - Login error: Certificate verification problem 0x204: certificate hostname mismatch"

[wilmer]

And in #1297 someone is running into 08:47:48 <root> jabber - Login error: OAuth failure (Certificate verification problem 0x14: certificate hasn't got a known issuer)

I can repro this on im.bitlbee.org. testing.bitlbee.org is however working fine.

Both openssl s_client and gnutls-bin on the same machine see no problem and can find the right CA cert. I have no clue what GnuTLS (the lib actually used by BitlBee) is doing wrong here... I do see BitlBee opening the right ca-certificates.crt bulk file.

[adrianna.pinska@…]

I reported the 0x14 error. I can confirm that testing.bitlbee.org works for me, but im.bitlbee.org is still reporting the same error.

[k]

It seems to still be an issue.

[a]

I am still seeing this issue as well.

[wilmer]

I think this is/was an incompatibility between BitlBee/its use of GnuTLS, the GnuTLS version that comes with Ubuntu 14.04, and probably new TLS certs at Google.

Fortunately I've fixed this on im.bitlbee.org by upgrading to the new LTS release, so this is all fine again there now.

If anyone else has this problem, again on 14.04 ... sorry, I did not actually find out what's wrong. GnuTLS debugging logs were utterly unhelpful as well, and the gnutls-cli cmdline utility did not reproduce this either as it was also compiled against a different libgnutls. :<

[anonymous]

Same problem here today on both im & testing :{