Comment 8 for bug 302314

I would like to add another data point to this issue. I was having the same issue as Bernard_Ivo in that I kept getting asked whether to accept the talk.google.com certificate each time I started pidging. I have a talk.gmail.com certificate in ~/.purple/certificates/x509/tls_peers already so I didn't understand why I was getting the error. Creating the etc symlink in my home directory didn't resolve the issue.

Then I deleted talk.gmail.com cert and restarted Pidgin. It then asked me *twice* about the Gmail cert! Then I realized: I have two Gmail talk accounts (one Gmail, the other Google Apps). I disabled one of the two, restarted Pidgin, and got to warning. I closed and restarted again to verify that I still got no warning.

So then I re-enabled both accounts, deleted talk.google.com cert and restarted. I verified that the two "talk.google.com" certificates were *different*. One came from gmail.com and one came from talk.google.com. So the root problem here seems to be that the connection server is being redirected based on whether you're using Google Apps or Gmail, and Pidgin stores the cert based on the name of the initial server, not the one that is actually performing SSL.

So, for those that are also having this problem, do you have 2 different Gmail/Google Apps accounts as well?

As an aside, following Bryan C's fix (comment #1 from 2008-11-26) fixed this problem. These accounts were both originally connecting to port 5223; I switched to force SSL connection to port 443 for both of them and no longer get a warning for either one.