Description of problem: In Fedora 12, I could use strict-SSL in Empathy for Google Chat (strict meaning encryption required, don't ignore errors). In Fedora 13 this now just says "Certificate untrusted". My settings: [x] Encryption required (TLS/SSL) [ ] Ignore SSL certificate errors Server: talk.google.com Port: 5222 [ ] Use old SSL Version-Release number of selected component (if applicable): telepathy-gabble-0.9.11-1.fc13.x86_64 I downgraded to telepathy-gabble-0.8.13-1.fc12.x86_64 (leaving all other telepathy/empathy packages at current F13) and it works again.
If I remember correctly this regression is due to tp-gabble using Wocky for XMMP instead of Loudmouth. I'll have to look into this a bit to see when this will be fixed in Wocky.
No it's not Wocky who's guilty, it's tp-gabble itself. It passes a wrong path to CA cert bundle to Wocky. The path is hardcoded in tp-gabble: src/connection.c: 1895 static gboolean 1896 _gabble_connection_connect (TpBaseConnection *base, 1897 GError **error) 1898 { ... 1914 /* system certs */ 1915 wocky_connector_add_ca (priv->connector, 1916 "/etc/ssl/certs/ca-certificates.crt"); it obviously doesn't match Fedora convention (/etc/pki/tls/certs/ca-bundle.crt). A workaround is to create a symlink, either system-wide -- as root to that path, or per user -- to ~/.config/telepathy/certs/something.pem.
*** Bug 613223 has been marked as a duplicate of this bug. ***
telepathy-gabble-0.9.11-2.fc13 has been submitted as an update for Fedora 13. http://admin.fedoraproject.org/updates/telepathy-gabble-0.9.11-2.fc13
telepathy-gabble-0.9.11-2.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update telepathy-gabble'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/telepathy-gabble-0.9.11-2.fc13
telepathy-gabble-0.9.11-2.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report.