-
Bug
-
Resolution: Awaiting Response
-
Normal
-
None
-
None
https://bugreports.qt.io/browse/QTBUG-42134 for details.
relevant response from QT devs is:
Richard Moore added a comment - 22/Oct/14 10:42 PM
The server is configured incorrectly. It should be sending leaf and intermediate certificates, but not the root certificate since that needs to be in the trust store. This isn't a bug in Qt.
You can see the problem here:
Certificate chain
0 s:/OU=Domain Control Validated/CN=*.mojang.com
i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
1 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./OU=http://certs.starfieldtech.com/repository//CN=Starfield Secure Certificate Authority - G2
i:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
2 s:/C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Root Certificate Authority - G2
i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
3 s:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
i:/C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority
The server should only be sending the first two certificates, not the 3rd which is the root.