From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-163524-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id BBD1F13888F
	for <garchives@archives.gentoo.org>; Fri,  3 Apr 2015 06:26:19 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 3D4EBE08E9;
	Fri,  3 Apr 2015 06:26:13 +0000 (UTC)
Received: from mail-wg0-f42.google.com (mail-wg0-f42.google.com [74.125.82.42])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 10B80E081D
	for <gentoo-user@lists.gentoo.org>; Fri,  3 Apr 2015 06:26:11 +0000 (UTC)
Received: by wgbdm7 with SMTP id dm7so103753398wgb.1
        for <gentoo-user@lists.gentoo.org>; Thu, 02 Apr 2015 23:26:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=date:from:to:subject:message-id:in-reply-to:references:mime-version
         :content-type:content-transfer-encoding;
        bh=kpzC2HZPo2sL7gvtS+bDMyLl5W71mNdupYwHfJDHHbE=;
        b=mZmG20cAInLf2m/H8P6isUlPLu/dwmx3jI73R4PuL8fs4lSjvqKTUZ4yHHQRdFHzgF
         XsLUSJh0eLRpplhJ8xK7YznVgqCXYowETc3j8HB5ksHB0ok+cH1oF0irErw7fPSLnK8O
         qy0YYsJbDyNj3rP+E3AHqExWTMi3mKhgyRbU5rVuGLBNcibzbUICSlVCSU65aSjxXkdN
         6sttdCQUu0e0rs39dX8XYmX8qmzbkqB3IkyjrPT9k9tylFY9CPyK0bZGDKsOEemQEaFL
         6LBIcEalMRQZUvXA6e8wHA9Rj7TvBC+gfd6aWqNKT4bwStZf1JYEJuLpka2KtjRW/kPa
         D38g==
X-Received: by 10.180.85.130 with SMTP id h2mr31420871wiz.3.1428042371003;
        Thu, 02 Apr 2015 23:26:11 -0700 (PDT)
Received: from gen2ws.local (dynamic-109-121-71-131.adsl.eunet.rs. [109.121.71.131])
        by mx.google.com with ESMTPSA id fm10sm1399207wib.7.2015.04.02.23.26.10
        for <gentoo-user@lists.gentoo.org>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 02 Apr 2015 23:26:10 -0700 (PDT)
Date: Fri, 3 Apr 2015 08:26:12 +0200
From: bitlord <bitlord0xff@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] [OT] Strange behaviour of google certificates.
Message-ID: <20150403082612.7ac5da5a@gen2ws.local>
In-Reply-To: <551d04d3.6a93700a.614c.4814@mx.google.com>
References: <551c290c.08cd700a.0b06.1f04@mx.google.com>
	<20150402075240.GB20058@waltdnes.org>
	<551d04d3.6a93700a.614c.4814@mx.google.com>
X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.27; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Archives-Salt: adff23a9-bedb-4bea-be72-c5b2501bc86c
X-Archives-Hash: fb18cae2137b9f58915552f65d9f31b5

On Thu, 2 Apr 2015 11:57:26 +0300
Gevisz <gevisz@gmail.com> wrote:

> On Thu, 2 Apr 2015 03:52:40 -0400 "Walter Dnes"
> <waltdnes@waltdnes.org> wrote:
> 
> > On Wed, Apr 01, 2015 at 08:19:45PM +0300, Gevisz wrote
> > 
> > > So, I am using Claws Mail that downloads e-mails from several
> > > google mail accounts (all are mine :) and about once or twice
> > > in a month get into the situation when Claws asks me to verify
> > > and change the google certificates, first in one direction and
> > > soon after that (usually during the next downloading of my
> > > e-mails)
> > > - in another.
> > > 
...
> > 
> >   The 2 servers probably have different certificates, which is why
> > you get this behaviour.  I suggest going into "apk mode" and
> > putting an entry into your hosts file <G>, like...
> > 
> > 173.194.192.108     pop.gmail.com
> > 
> >   This will force your system to always use the same server, and
> > avoid the re-validation every time you hit the other server from
> > the one you used the previous time.
> 
> Thank you for your advice. Added that line to my /etc/hosts file.
> After that Claws asked to verify the google certificate once again,
> but I hope that that was the last time this month and that that
> madness with google certificates finally ends. (Because in the last 2
> days this situation repeated at least 20 or more times.)
> 
> 


By looking at the screenshoots that is >=claws-mail-3.10.x (I think
that is the version when it got support for validating certificate
chains)? There is a option in Configuration > Edit Accounts ... then
for every account you have "SSL" options, you can check to accept
"unknown valid certificates" so it will do it automatically, won't ask
if there is a new certificate and it is valid.