0

About a week ago JungleDisk Desktop backup started warning it couldn't upload a "database" file (that it uses for speed), and was falling back to a regular upload, which succeeds.

Example message:

Warning Details (Jungle Disk Desktop 3.16 Mac Intel)
------------------------
Database file update failed (falling back to normal upload)
Exception Code: xHTTPRequestFailed (59)
Time: 6/13/13 8:20:24 PM (GMT-5)
Detailed Message: HTTP error (60) Peer certificate cannot be authenticated with known CA certificates: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Error Location: JungleHTTP.cpp:1002 
   via JungleServerRequest.cpp:130 
   via JungleDiskAdv.cpp:1831

I contacted JungleDisk support online. The rep had a number of suggestions. I've tried all except the last one: Delete /Library/Preferences/cacert.pem O_o

  1. Go to the following location on your hard drive in /Library/Preferences/
  2. Once there, remove or rename the following files: cacert.pem and .com.jungledisk.service.status (if you see it)
  3. Then go to the Jungle Disk Activity Monitor's menu to select Help > Manage Background Program and stop, then start the service here.

IIUC /Library/Preferences/cacert.pem is normally managed by OS X KeyChain and has all my root certificates. It seems ... weird ... to let JungleDisk plop its own file there. It's not that I actively distrust them. It just seems like a file that requires extraordinary trust.

  • Am I justified or paranoid?
  • If I'm justified, what should I do instead?
Greg Hendershott
  • 387

1 Answers1

0

It seems that /Library/Preferences/cacert.pem is not managed by OS X Key Chain. It appears to be a file that JungleDisk put there originally.

I base that on:

  1. Examining some of the certs in there, which don't match the OS X Key Chain GUI.

  2. When I delete the file and let JD recreate it, it exactly matches the original.

Greg Hendershott
  • 387