Comment 0 for bug 911592

After upgrading to precise, when I try to send an email with evolution, I am presented with:
SSL Certificate check for smtp.canonical.com:

Issuer: CN=Thawte DV SSL CA,OU=Domain Validated SSL,O="Thawte, Inc.",C=US
Subject: CN=smtp.canonical.com,OU=Domain Validated,OU=Thawte SSL123 certificate,OU=Go to https://www.thawte.com/repository/index.html,O=smtp.canonical.com
Fingerprint: a2:ee:86:1c:94:4e:74:86:2c:24:2f:0e:6e:cc:cd:db
Signature: BAD

Do you wish to accept? Yes|No

I verified the certificate is valid using gnutls:
 * gnutls-cli -s --print-cert --x509cafile /etc/ssl/certs/ -p 587 smtp.canonical.com
 * > ehlo test
 * > starttls
 * in another terminal do 'kill -s SIGALRM <pid og gnutls-cli>'

Remembering that evolution uses nss, I then went to Edit/Preferences/Certificates/Authorities and discovered that many certificate autorities are missing from the list, including Thawte's Root CAs. I verified that Oneiric had the certificate authority, and it did along with many more. I am not sure if the bug is with nss or with evolution, but evolution in 12.04 is not seeing all the certificates it used to see in 11.10.

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libnss3 3.13.1.with.ckbi.1.88-1ubuntu2
ProcVersionSignature: Ubuntu 3.2.0-7.13-generic 3.2.0-rc7
Uname: Linux 3.2.0-7-generic x86_64
ApportVersion: 1.90-0ubuntu1
Architecture: amd64
Date: Tue Jan 3 21:34:09 2012
InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110425.2)
SourcePackage: nss
UpgradeStatus: Upgraded to precise on 2012-01-02 (1 days ago)