[Bug 50471] Kindle for PC 1.16.0 can't connect
WineHQ Bugzilla
wine-bugs at winehq.org
Thu Jul 21 18:44:07 CDT 2022
https://bugs.winehq.org/show_bug.cgi?id=50471
Alban Browaeys <prahal at yahoo.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |prahal at yahoo.com
--- Comment #14 from Alban Browaeys <prahal at yahoo.com> ---
I got it working with a slightly different fix:
I copied
https://android.googlesource.com/platform/system/ca-certificates/+/938033cd7545e0478de1822367f5f3751b180efe/files/facacbc6.0
ie "
-----BEGIN CERTIFICATE-----
MIIE0zCCA7ugAwIBAgIQGNrRniZ96LtKIVjNzGs7SjANBgkqhkiG9w0BAQUFADCB
yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp
U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW
ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0
aG9yaXR5IC0gRzUwHhcNMDYxMTA4MDAwMDAwWhcNMzYwNzE2MjM1OTU5WjCByjEL
MAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZW
ZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2ln
biwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJp
U2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9y
aXR5IC0gRzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1
nmAMqudLO07cfLw8RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbex
t0uz/o9+B1fs70PbZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIz
SdhDY2pSS9KP6HBRTdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQG
BO+QueQA5N06tRn/Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+
rCpSx4/VBEnkjWNHiDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/
NIeWiu5T6CUVAgMBAAGjgbIwga8wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8E
BAMCAQYwbQYIKwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAH
BgUrDgMCGgQUj+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVy
aXNpZ24uY29tL3ZzbG9nby5naWYwHQYDVR0OBBYEFH/TZafC3ey78DAJ80M5+gKv
MzEzMA0GCSqGSIb3DQEBBQUAA4IBAQCTJEowX2LP2BqYLz3q3JktvXf2pXkiOOzE
p6B4Eq1iDkVwZMXnl2YtmAl+X6/WzChl8gGqCBpH3vn5fJJaCGkgDdk+bW48DW7Y
5gaRQBi5+MHt39tBquCWIMnNZBU4gcmU7qKEKQsTb47bDN0lAtukixlE0kF6BWlK
WE9gyn6CagsCqiUXObXbf+eEZSqVir2G3l6BFoMtEMze/aiCKm0oHw0LxOXnGiYZ
4fQRbxC1lfznQgUy286dUV4otp6F01vvpX1FQHKOtw5rDgb7MzVIcbidJ4vEZV8N
hnacRHr2lVz2XTIIM6RUthg/aFzyQkqFOFSDX9HoLPKsEdao7WNq
-----END CERTIFICATE-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006
VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary
Certification Authority - G5
Validity
Not Before: Nov 8 00:00:00 2006 GMT
Not After : Jul 16 23:59:59 2036 GMT
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006
VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary
Certification Authority - G5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:24:08:08:29:7a:35:9e:60:0c:aa:e7:4b:3b:
4e:dc:7c:bc:3c:45:1c:bb:2b:e0:fe:29:02:f9:57:
08:a3:64:85:15:27:f5:f1:ad:c8:31:89:5d:22:e8:
2a:aa:a6:42:b3:8f:f8:b9:55:b7:b1:b7:4b:b3:fe:
8f:7e:07:57:ec:ef:43:db:66:62:15:61:cf:60:0d:
a4:d8:de:f8:e0:c3:62:08:3d:54:13:eb:49:ca:59:
54:85:26:e5:2b:8f:1b:9f:eb:f5:a1:91:c2:33:49:
d8:43:63:6a:52:4b:d2:8f:e8:70:51:4d:d1:89:69:
7b:c7:70:f6:b3:dc:12:74:db:7b:5d:4b:56:d3:96:
bf:15:77:a1:b0:f4:a2:25:f2:af:1c:92:67:18:e5:
f4:06:04:ef:90:b9:e4:00:e4:dd:3a:b5:19:ff:02:
ba:f4:3c:ee:e0:8b:eb:37:8b:ec:f4:d7:ac:f2:f6:
f0:3d:af:dd:75:91:33:19:1d:1c:40:cb:74:24:19:
21:93:d9:14:fe:ac:2a:52:c7:8f:d5:04:49:e4:8d:
63:47:88:3c:69:83:cb:fe:47:bd:2b:7e:4f:c5:95:
ae:0e:9d:d4:d1:43:c0:67:73:e3:14:08:7e:e5:3f:
9f:73:b8:33:0a:cf:5d:3f:34:87:96:8a:ee:53:e8:
25:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
1.3.6.1.5.5.7.1.12:
0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
X509v3 Subject Key Identifier:
7F:D3:65:A7:C2:DD:EC:BB:F0:30:09:F3:43:39:FA:02:AF:33:31:33
Signature Algorithm: sha1WithRSAEncryption
93:24:4a:30:5f:62:cf:d8:1a:98:2f:3d:ea:dc:99:2d:bd:77:
f6:a5:79:22:38:ec:c4:a7:a0:78:12:ad:62:0e:45:70:64:c5:
e7:97:66:2d:98:09:7e:5f:af:d6:cc:28:65:f2:01:aa:08:1a:
47:de:f9:f9:7c:92:5a:08:69:20:0d:d9:3e:6d:6e:3c:0d:6e:
d8:e6:06:91:40:18:b9:f8:c1:ed:df:db:41:aa:e0:96:20:c9:
cd:64:15:38:81:c9:94:ee:a2:84:29:0b:13:6f:8e:db:0c:dd:
25:02:db:a4:8b:19:44:d2:41:7a:05:69:4a:58:4f:60:ca:7e:
82:6a:0b:02:aa:25:17:39:b5:db:7f:e7:84:65:2a:95:8a:bd:
86:de:5e:81:16:83:2d:10:cc:de:fd:a8:82:2a:6d:28:1f:0d:
0b:c4:e5:e7:1a:26:19:e1:f4:11:6f:10:b5:95:fc:e7:42:05:
32:db:ce:9d:51:5e:28:b6:9e:85:d3:5b:ef:a5:7d:45:40:72:
8e:b7:0e:6b:0e:06:fb:33:35:48:71:b8:9d:27:8b:c4:65:5f:
0d:86:76:9c:44:7a:f6:95:5c:f6:5d:32:08:33:a4:54:b6:18:
3f:68:5c:f2:42:4a:85:38:54:83:5f:d1:e8:2c:f2:ac:11:d6:
a8:ed:63:6a
SHA1 Fingerprint=4E:B6:D5:78:49:9B:1C:CF:5F:58:1E:AD:56:BE:3D:9B:67:44:A5:E5
"
to /var/certmgr/web/user_trusted//facacbc6.0 (which is the file Amazon Kindle
ws looking after in crossover wine file debug traces ie "+file,+ntdll,+tid"
channels.
Now it works with Amazon Kindle "Windows 7" crossover install but not
PlayOnLinux "Windows 200" one. Per PlaOnLinux had (or still is I have not
checked) installed the amazon_kindle bottle as "Windows 2000".
As the PlayOnLinux "+file,+ntdll,+tid" debug traces showed in "Windows 2000"
mode no certs path is looked after. I do not know how to fix it as is so I
switched my PlayOnLinux amazon kindle setup to "Windows 7" and the issue also
vanished from the Amazon Kindle PlayOnLinux bottle.
NB: per
https://www.pcworld.com/article/418765/google-to-revoke-trust-in-a-symantec-root-certificate.html
this certificate is a security hazard so currently best is to limit it to wine
(seems /var/certmgr is). Maybe there is a mean to setup a store specific to a
bottle instead of all wine prefixes wide. Might be with mono certmgr.
Update: certmgr with wine-mono seems to do nothing.
I opened a cmd.com prompt inside the bottle, then pressed "y" on the prompt to
install as CA "VeriSign Class 3 Public Primary Certification Authority - G5"
certificate: "
c:\>c:\windows\mono\mono-2.0\lib\mono\4.5\certmgr -ssl https://www.amazon.com
Mono Certificate Manager - version 6.13.0.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
license
d.
X.509 Certificate v3
Issued from: C=US, O="VeriSign, Inc.", OU=VeriSign Trust Network, OU="(c)
200
6 VeriSign, Inc. - For authorized use only", CN=VeriSign Class 3 Public Primary
Certification Authority - G5
Issued to: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global
Ro
ot G2
Valid from: 11/6/2017 12:00:00 AM
Valid until: 11/5/2022 11:59:59 PM
*** WARNING: Certificate signature is INVALID ***
Import this certificate into the CA store ?y
"
but then the certificate is not added: "
Z:\usr\share\playonlinux\python>c:\windows\mono\mono-2.0\lib\mono\4.5\certmgr
-l
ist -c -m CA
Mono Certificate Manager - version 6.13.0.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
license
d.
Self-signed X.509 v3 Certificate
Serial Number: 1B114ACBF3260D8700
Issuer Name: C=US, S=Some-State, O=Wine, CN=Invalid dummy certificate
Subject Name: C=US, S=Some-State, O=Wine, CN=Invalid dummy certificate
Valid From: 3/13/2016 2:13:31 AM
Valid Until: 3/12/2016 2:13:31 AM
Unique Hash:
9D2EBDA266A2D56BBFFBE93085648ABA39B590A57053D4B92CA6B53E161E40C
258A63072B07E4D23CCFC58889EDCC81FEC463233C8DA6772B8B25DFAF46789CC
"
same when downloading the certificate and adding it:
from host:
curl
https://android.googlesource.com/platform/system/ca-certificates/+/d473643ceebe721d17ca0ba547466e7e5bfae0bf/files/facacbc6.0?format=TEXT
| base64 --decode > facacbc6.cer
then in the bottle cmd: "
Z:\usr\share\playonlinux\python>c:\windows\mono\mono-2.0\lib\mono\4.5\certmgr
-a
dd -c -m CA z:\home\prahal\Projects\WIP\totem-click-mouse\b\facacbc6.cer
Mono Certificate Manager - version 6.13.0.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
license
d.
Z:\usr\share\playonlinux\python>c:\windows\mono\mono-2.0\lib\mono\4.5\certmgr
-l
ist -c -m CA
Mono Certificate Manager - version 6.13.0.0
Manage X.509 certificates and CRL from stores.
Copyright 2002, 2003 Motus Technologies. Copyright 2004-2008 Novell. BSD
license
d.
Self-signed X.509 v3 Certificate
Serial Number: 1B114ACBF3260D8700
Issuer Name: C=US, S=Some-State, O=Wine, CN=Invalid dummy certificate
Subject Name: C=US, S=Some-State, O=Wine, CN=Invalid dummy certificate
Valid From: 3/13/2016 2:13:31 AM
Valid Until: 3/12/2016 2:13:31 AM
Unique Hash:
9D2EBDA266A2D56BBFFBE93085648ABA39B590A57053D4B92CA6B53E161E40C
258A63072B07E4D23CCFC58889EDCC81FEC463233C8DA6772B8B25DFAF46789CC
"
So it looks like the wine-mono in the bottle certificate store is just a
placeholder.
--
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.
More information about the wine-bugs
mailing list