Keep getting "Accept certificate for steamcdn-a.akamaihd.net?"

[CapsAdmin]

This started happening a while ago and I keep getting the same message over and over. Sometimes it can appear up to 20 times in a row.

Accept certificate for steamcdn-a.akamaihd.net?

The certificate for steamcdn-a.akamaihd.net could not be validated.

The certificate is not trusted because no certificate that can verify it is currently trusted.

You get the option to accept, reject or view certificate. Accepting does not work but I didn't try reject (assuming that will kill the connection). View certificate shows

Certificate Information

Common name: a248.e.akamai.net

Issued By: CN=Symantec Class 3 ECC 256 bit SSL CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Fingerprint (SHA1): 6c:a1:8f:21:bc:f7:c2:40:91:d6:be:44:f5:a9:60:e9:c8:e4:5f:4b

Activation date: Fri Apr  8 02:00:00 2016

Expiration date: Sun Apr  9 01:59:59 2017

The certificate information seems to always be the same.

[EionRobb]

Are you able to get a debug log (from the buddy list, Help->Debug Window) as you reconnect to the account to try and trigger the accept/reject window again, and get out a bit more debug info?

[Spanguole]

From my observations this happens when someone in the friendlist changes their avatar and as the client tries to fetch that new avatar, it fails to validate the signatures of the cdn servers. (Been having this for a quite a while myself, too)

[EionRobb]

Is this still happening with Pidgin 2.12 that just came out yesterday? There were some changes in it that might have helped

[Spanguole]

Yes, still getting it.

[EionRobb]

@Spanguole can you get a debug log from Pidgin (from the buddy list, Help->Debug Window) when you get the popup? Can you also provide the details from Help->Build Information?

[Spanguole]

Well, building pidgin and this plugin to use gnutls instead of nss worked around this issue.