TLS failure because Facebook certificate was not trusted

[dreamlayers]

This morning in Ubuntu 21.10 purple-facebook failed to connect because the TLS certificate was not trusted. I saw that it was signed by "DigiCert SHA2 High Assurance Server", so I downloaded that certificate from https://www.digicert.com/kb/digicert-root-certificates.htm, used https://wiki.archlinux.org/title/User:Grawity/Adding_a_trusted_CA_certificate#System-wide_%E2%80%93_Debian,Ubuntu(update-ca-certificates) instructions to add it, and finally restarted Pidgin. Then I connected successfully.

So, the problem is fixed, but I note that what I installed was an intermediate certificate, not a root certificate. It probably should have been trusted because I already have "DigiCert High Assurance EV Root CA".

This might not be a bug in purple-facebook, but a problem with certificates in Ubuntu or the configuration of the Facebook server. I don't understand these things well enough to know for sure, and am partly posting this just to help others get past this error.

[Azizb750]

Hi, on Arch linux is solved installing the git version of purple-facebook (purple-facebook-git) instead of the stable one, since then I dont face any error about it, probably it has been fixed later, after the release of 0.9.6, but for a reason they didn't made an update with the hotfix. edit: I got the same issue too, but fixed it with the same way you did.

[akhepcat]

Still seeing it on 0.9.6-git_9ff9acf9fa14, though adding the cert as by Op does appear to mitigate the issue