Bug 1196787 - System default CA bundle not set as default in compiled-in default or config
Summary: System default CA bundle not set as default in compiled-in default or config
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: mutt
Version: 6.8
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Matej Mužila
QA Contact: Lukáš Zachar
Filip Hanzelka
URL:
Whiteboard:
Depends On:
Blocks: 1359256 1388511
TreeView+ depends on / blocked
 
Reported: 2015-02-26 18:27 UTC by William Yardley
Modified: 2017-04-24 11:39 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The system default CA bundle has been set as default in the compiled-in default setting or configuration in *mutt* Previously, when connecting to a new system via TLS/SSL, the *mutt* email client required the user to save the certificate. With this update, the system Certificate Authority (CA) bundle is set in *mutt* by default. As a result, *mutt* now connects via SSL/TLS to hosts with a valid certificate without prompting the user to approve or reject the certificate.
Clone Of:
: 1388511 (view as bug list)
Environment:
Last Closed: 2017-03-21 11:18:17 UTC
Target Upstream Version:


Attachments (Terms of Use)
add path to system ca-bundle to default configuration (582 bytes, patch)
2015-07-24 10:16 UTC, Matej Mužila
no flags Details | Diff


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:0732 0 normal SHIPPED_LIVE mutt bug fix update 2017-03-21 12:43:40 UTC

Description William Yardley 2015-02-26 18:27:10 UTC
Description of problem:
When connecting to a new system via TLS / SSL, Mutt requires the user to save the certificate.

Version-Release number of selected component (if applicable):
1.5.20-7.20091214hg736b6a.el6

How reproducible:
Very


Steps to Reproduce:
1. Configure spoolfile (or folder, etc.) as imaps://[some host with valid cert]

Actual results:
Mutt prompts the user to save the certificate

Expected results:
Mutt uses the system default CA bundle in /etc/pki/tls/certs/ca-bundle.crt from the ca-certificates RPM.


Additional info:
Compiled in default is unset:
In muttrc(5):
       ssl_ca_certificates_file
              Type: path
              Default: “”

It also appears to not be configured in default configuration:
smtp01:$ rpm --verify mutt
smtp01:$ grep ssl_ca_certificates /etc/Muttrc | grep -v ^#
smtp01:$

Comment 2 Matej Mužila 2015-07-24 10:16:38 UTC
Created attachment 1055671 [details]
add path to system ca-bundle to default configuration

Comment 12 errata-xmlrpc 2017-03-21 11:18:17 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2017-0732.html


Note You need to log in before you can comment on or make changes to this bug.