[request] improve "accept untrusted certificates" [duplicate]
asked 2014-06-13 12:32:30 +0300
With 1.0.6.17 came the nice feature to "accept untrusted certificates" in the settings of email accounts. This way all users / accounts that used some sort of self-signed certificates have a chance to access their email (this may have worked before but does not anymore).
But there is a caveat here: it's more or less a on / off switch which weakens security because _accepting untrusted certificates_ really means accept any certificate. Maybe there is some basic name checking going on but since there is no certificate chain to be checked, any certificate that _seems_ to be valid will be accepted.
Please build in a feature that I can determine which certificate is the right one and to be trusted in future. And / or build in a feature to load a certificate into some kind of certificate store so that even self signed certs are accepted without any hassle.
Duplicate of https://together.jolla.com/question/1607/gui-to-addtrust-ssl-root-certsself-signed-certs/ Please vote there. Thx.
VDVsx ( 2014-06-15 18:38:07 +0300 )edit