Cannot permanently whitelist self-signed certificate
Bug description
Gajim refuses to permanently whitelist the certificate of my jabber server (jabber.ralfj.de). On first startup, it correctly complains that the certificate is self-signed, and I tell it to remember this certificate. However, on next startup, it complains that the fingerprint does not match, even though the certificate did not change. I can tell it to ignore this error. Then, on the third startup, I am back to the original error message. The two mismatching fingerprints it shows are the ones from my CA, and from my server. It seems that Gajim remembers the server fingerprint when I get the first message, and compares it with the CA certificate on second startup (or vice versa). Of course, this does not work.
Steps to reproduce
- Get an account at a jabber server which uses a certificate issued by a self-signed custom CA (you can get an account on my server, if you need it for testing)
- Start Gajim, connect the account, accept the certificate
- Restart Gajim
Expected behaviour: Gajim silently accepts the certificate if it did not change. Actual behaviour: Gajim complains about a certificate change.
Software versions
OS version: Debian testing
GTK version: 2.24.22
PyGTK version: 2.24.0