Monday, November 22, 2010

msn connectivity of Pidgin 2.6.6 in Windows 98

I very recently attempted to connect with Pidgin IM 2.6.6 (the last to run on Windows 98, AFAIK) to the .NET Messenger Service, which handles Windows Live Messenger connections. In short, I wanted to connect to msn, but it was impossible because of certificate issues.

The typical solution is to upgrade Pidgin to version 2.7.6, but this version relies on the gtk+ 2.10.xx or newer runtime (a library), which won't run on Windows 98/SE, so users of this operating system may feel stuck.

The solution is thus:
  • Close Pidgin.
  • The real solution is at SQuID's rants blog post or at the Pidgin developer site.
  • Caveats: The filenames must be
    Microsoft_Secure_Server_Authority_2010.pem
    and
    Microsoft_Secure_Server_Authority_2010.pem
    If by any chance the files saved save as *.pem.log
    or anything that does not directly end with a .pem extension, then rename them to *.pem (the asterisk stands for filenames).
The following was my initial solution, but there was a chance that it might not have worked. For other purposes, I left it as a tutorial on how to export and save certificates in W98/Me.
  • Go to
    C:\WINDOWS\Application Data\.purple\certificates\x509\tls_peers
    or
    C:\WINDOWS\Profiles\Profilename\Application Data\.purple\certificates\x509\tls_peers
  • There you will see what appear to be .com (command) files which are appropriately shown as such by Windows Explorer, but they are actually certificates. Amongst them you will see the omega.contacts.msn.com file. Back that file up by moving it somewhere else, but keep that directory window open and copy its address bar contents into the clipboard.
  • With Internet Explorer, connect to
    https://omega.contacts.msn.com
    You may get a denied directory listing, but perhaps the most important part of it is that you'll be presented with a new certificate. —
  • View the certificate, go to the Details tab.
  • In the Details tab, click the "Copy to File..." button;
  • In the Certificate Manager Export Wizard, click next;
  • Choose the Base64 encoded X.509 (.CER) format, click the Next button;
  • In the Export File Name step, browse to
    C:\WINDOWS\Application Data\.purple\certificates\x509\tls_peers
    or your profile location (best now to paste the location of .purple certificates into the File Name field and then pressing the Enter button for the filepicker to reach the folder), then write the filename as omega.contacts.msn.com, click Save. As the full filename path is now given in the "File name:" field, click Next.
  • In the next step, you'll see the certificate export summary, where you'll just have to click Finish and the system will prompt that the export has completed successfully. But that's not everything.
  • Restore the abovementioned tls_peers folder window and you'll see that omega.contacts.msn.com may not be that, but omega.contacts.msn.com.cer
    (that is, if you can see the .cer extension. If not, but the file has a certificate icon and not a program icon, go to View > Folder Options > View tab > and in Advanced Settings, uncheck "Hide file extensions for known file types", click OK).
    The solution is to rename the .cer file by removing .cer from the filename. Windows will ask for a confirmation as to changing the file extension (the renamed file will have .com extension). Confirm the rename.
  • If it's impossible to change Windows settings as to showing filename extensions (you may be using a work computer, but such a situation is rare with a Windows 9x PC), and if you still can access MS-DOS Prompt, then rename the file from there:
    Type

    cd "C:\WINDOWS\Application Data\.purple\certificates\x509\tls_peers"

    or just type

    cd "

    and paste the certificate directory address by accessing the window menu (click once on the MS-DOS icon and choose Paste from the Edit submenu), type another quote,
    press Enter.
    Your profile directory path may vary as stated above depending on settings.

    Use dir command to get a directory listing. That should show short and long file names. If you see omega.contacts.msn.com.cer as the filename of the msn certificate, rename it:

    rename omega.contacts.msn.com.cer omega.contacts.msn.com

    That should do it. Type exit, press Enter key to close the MS-DOS Prompt window.
  • Now start Pidgin and see what happens at the msn login. I could successfuly log in, so you should hopefully not have any trouble either.
I got the initial above solution from Ticket #12906 at the Pidgin developer site.