Evolution Exchange Connector broken for self-signed server certificates

Binary package hint: evolution-exchange

The Evolution (2.30.3) Exchange connector and Evolution+TLS in general is badly broken in Maverick -- it will not accept a self-signed server certificate. You can manually add the server certificate, and override the trust values, but Evolution will not save your settings. If at any time you attempt to connect to a exchange server that uses a self signed certificate, Evolution locks up and can only be killed.

The following procedure works around and thus demonstrates the problem:

1) Go to Edit->Preferences->Mail Accounts, and disable the exchange account
2) from another shell: evolution --force-shutdown
3) Go to the exchange server web access using a browser -- save the server certificate (varies by browser)
4) Restart evolution
5) Go to Edit->Preferences->Certificates->Contact Certificates->Import
6) Select saved server certificate, click open
7) Select server certificate, click Edit
8) Select "Trust the authenticity of this certificate"
9) Click "Edit CA Trust"
10) Select all three CA trust settings, click OK, click OK
11) Go to Edit->Preferences->Mail Accounts, select exchange account, click Edit
12) Click on Receiving Email->Authenticate
13) Enter your exchange account password, click OK, click OK
14) Go to Edit->Preferences->Mail Accounts, enable exchange account

And at that point, it will connect to exchange and work correctly... but we aren't quite done. Evolution will completely forget about the CA trust settings we specified at shutdown, so this procedure will have to be repeated with every start of Evolution.

Recommendations:
1) Fix CA trust settings so that they save.
2) Notify the user when the certificate isn't trusted, instead of locking up so hard you have to use kill.