Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Author

Topic: CA Root certificate not trusted (Read 377 times)

FiendCoin
sr. member
Activity: 462
Merit: 263
The devil is in the detail.
CA Root certificate not trusted
March 20, 2017, 02:41:49 AM
#4
Quote from: mocacinno on March 20, 2017, 02:33:28 AM
Quote from: Abdussamad on March 20, 2017, 02:24:54 AM
yes electrum servers use self-signed certs. these are the servers that give electrum blockchain data not the website where you download electrum from.
 
btw you did download electrum from electrum.org right? if you did that then it's ok. i ask because there are malware copies floating around so you have to make sure you download it from the official site.

This is great advice, i only wanted to add that a second option is to check the signature.
All releases of electrum should be signed by ThomasV
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6

If the signature checks out, it doesn't really matter where you downloaded the release Wink (altough it might be a good idear to download from electrum.org, so you're sure you have the lastest stable release)

Edit
Howto (linux):
Code:
wget https[Suspicious link removed]
wget https[Suspicious link removed].asc
gpg --keyserver pgp.mit.edu --recv-keys 0x2BD5824B7F9470E6
gpg --verify electrum-2.8.1-portable.exe.asc


Thanks for the replies, I did download from electrum.org

The cert thing had me worried, not so much now  Smiley
mocacinno
legendary
Activity: 3584
Merit: 5243
https://merel.mobi => buy facemasks with BTC/LTC
Re: CA Root certificate not trusted
March 20, 2017, 02:33:28 AM
#3
Quote from: Abdussamad on March 20, 2017, 02:24:54 AM
yes electrum servers use self-signed certs. these are the servers that give electrum blockchain data not the website where you download electrum from.
 
btw you did download electrum from electrum.org right? if you did that then it's ok. i ask because there are malware copies floating around so you have to make sure you download it from the official site.

This is great advice, i only wanted to add that a second option is to check the signature.
All releases of electrum should be signed by ThomasV
https://pgp.mit.edu/pks/lookup?op=vindex&search=0x2BD5824B7F9470E6

If the signature checks out, it doesn't really matter where you downloaded the release Wink (altough it might be a good idear to download from electrum.org, so you're sure you have the lastest stable release)

Edit
Howto (linux) for the 2.8.1-portable binary for windows:
Code:
wget https://download.electrum.org/2.8.1/electrum-2.8.1-portable.exe
wget https://download.electrum.org/2.8.1/electrum-2.8.1-portable.exe.asc
gpg --keyserver pgp.mit.edu --recv-keys 0x2BD5824B7F9470E6
gpg --verify electrum-2.8.1-portable.exe.asc

The output contained this line:
Good signature from "Thomas Voegtlin (https://electrum.org) <[email protected]>"

So, it doesn't matter where i downloaded it, it was signed by ThomasV, thus it was real Smiley
Abdussamad
legendary
Activity: 3682
Merit: 1580
Re: CA Root certificate not trusted
March 20, 2017, 02:24:54 AM
#2
yes electrum servers use self-signed certs. these are the servers that give electrum blockchain data not the website where you download electrum from.
 
btw you did download electrum from electrum.org right? if you did that then it's ok. i ask because there are malware copies floating around so you have to make sure you download it from the official site.
FiendCoin
sr. member
Activity: 462
Merit: 263
The devil is in the detail.
Re: CA Root certificate not trusted
March 19, 2017, 03:53:34 PM
#1
Avast is telling me that I need to add a security exclusion for Electrum and I shouldn't have to do that if it was legitimate.

Is this normal?
Bitcoin Forum>Bitcoin>Development & Technical Discussion>Wallet software>Electrum
Jump to: