File nma-ca-system-certs.patch of Package NetworkManager-gnome

Index: nm-applet-0.7.0/src/applet.glade
===================================================================
--- nm-applet-0.7.0.orig/src/applet.glade
+++ nm-applet-0.7.0/src/applet.glade
@@ -1443,7 +1443,7 @@ Shared Key</property>
       <child>
 	<widget class="GtkTable" id="table8">
 	  <property name="visible">True</property>
-	  <property name="n_rows">6</property>
+	  <property name="n_rows">7</property>
 	  <property name="n_columns">2</property>
 	  <property name="homogeneous">False</property>
 	  <property name="row_spacing">6</property>
@@ -1574,9 +1574,71 @@ Shared Key</property>
 	  </child>
 
 	  <child>
-	    <widget class="GtkLabel" id="eap_tls_private_key_label">
+	    <widget class="GtkFileChooserButton" id="eap_tls_user_cert_button">
 	      <property name="visible">True</property>
-	      <property name="label" translatable="yes">Private Key:</property>
+	      <property name="title" translatable="yes">Select A File</property>
+	      <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
+	      <property name="local_only">True</property>
+	      <property name="show_hidden">False</property>
+	      <property name="do_overwrite_confirmation">False</property>
+	      <property name="width_chars">-1</property>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">1</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">1</property>
+	      <property name="bottom_attach">2</property>
+	      <property name="x_options">fill</property>
+	      <property name="y_options">fill</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkCheckButton" id="show_checkbutton">
+	      <property name="visible">True</property>
+	      <property name="can_focus">True</property>
+	      <property name="label" translatable="yes">Show password</property>
+	      <property name="use_underline">True</property>
+	      <property name="relief">GTK_RELIEF_NORMAL</property>
+	      <property name="focus_on_click">True</property>
+	      <property name="active">False</property>
+	      <property name="inconsistent">False</property>
+	      <property name="draw_indicator">True</property>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">1</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">6</property>
+	      <property name="bottom_attach">7</property>
+	      <property name="x_options">fill</property>
+	      <property name="y_options"></property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkEntry" id="eap_tls_private_key_password_entry">
+	      <property name="visible">True</property>
+	      <property name="can_focus">True</property>
+	      <property name="editable">True</property>
+	      <property name="visibility">False</property>
+	      <property name="max_length">0</property>
+	      <property name="text" translatable="yes"></property>
+	      <property name="has_frame">True</property>
+	      <property name="activates_default">False</property>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">1</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">5</property>
+	      <property name="bottom_attach">6</property>
+	      <property name="y_options"></property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkLabel" id="eap_tls_private_key_password_label">
+	      <property name="visible">True</property>
+	      <property name="label" translatable="yes">Private Key Password:</property>
 	      <property name="use_underline">False</property>
 	      <property name="use_markup">False</property>
 	      <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -1594,37 +1656,17 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">0</property>
 	      <property name="right_attach">1</property>
-	      <property name="top_attach">3</property>
-	      <property name="bottom_attach">4</property>
+	      <property name="top_attach">5</property>
+	      <property name="bottom_attach">6</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options"></property>
 	    </packing>
 	  </child>
 
 	  <child>
-	    <widget class="GtkFileChooserButton" id="eap_tls_private_key_button">
-	      <property name="visible">True</property>
-	      <property name="title" translatable="yes">Select A File</property>
-	      <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
-	      <property name="local_only">True</property>
-	      <property name="show_hidden">False</property>
-	      <property name="do_overwrite_confirmation">False</property>
-	      <property name="width_chars">-1</property>
-	    </widget>
-	    <packing>
-	      <property name="left_attach">1</property>
-	      <property name="right_attach">2</property>
-	      <property name="top_attach">3</property>
-	      <property name="bottom_attach">4</property>
-	      <property name="x_options">fill</property>
-	      <property name="y_options">fill</property>
-	    </packing>
-	  </child>
-
-	  <child>
-	    <widget class="GtkLabel" id="eap_tls_private_key_password_label">
+	    <widget class="GtkLabel" id="eap_tls_private_key_label">
 	      <property name="visible">True</property>
-	      <property name="label" translatable="yes">Private Key Password:</property>
+	      <property name="label" translatable="yes">Private Key:</property>
 	      <property name="use_underline">False</property>
 	      <property name="use_markup">False</property>
 	      <property name="justify">GTK_JUSTIFY_LEFT</property>
@@ -1650,30 +1692,30 @@ Shared Key</property>
 	  </child>
 
 	  <child>
-	    <widget class="GtkEntry" id="eap_tls_private_key_password_entry">
+	    <widget class="GtkFileChooserButton" id="eap_tls_private_key_button">
 	      <property name="visible">True</property>
-	      <property name="can_focus">True</property>
-	      <property name="editable">True</property>
-	      <property name="visibility">False</property>
-	      <property name="max_length">0</property>
-	      <property name="text" translatable="yes"></property>
-	      <property name="has_frame">True</property>
-	      <property name="activates_default">False</property>
+	      <property name="title" translatable="yes">Select A File</property>
+	      <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
+	      <property name="local_only">True</property>
+	      <property name="show_hidden">False</property>
+	      <property name="do_overwrite_confirmation">False</property>
+	      <property name="width_chars">-1</property>
 	    </widget>
 	    <packing>
 	      <property name="left_attach">1</property>
 	      <property name="right_attach">2</property>
 	      <property name="top_attach">4</property>
 	      <property name="bottom_attach">5</property>
-	      <property name="y_options"></property>
+	      <property name="x_options">fill</property>
+	      <property name="y_options">fill</property>
 	    </packing>
 	  </child>
 
 	  <child>
-	    <widget class="GtkCheckButton" id="show_checkbutton">
+	    <widget class="GtkCheckButton" id="eap_tls_ca_cert_system">
 	      <property name="visible">True</property>
 	      <property name="can_focus">True</property>
-	      <property name="label" translatable="yes">Show password</property>
+	      <property name="label" translatable="yes">Use System CA Certificates</property>
 	      <property name="use_underline">True</property>
 	      <property name="relief">GTK_RELIEF_NORMAL</property>
 	      <property name="focus_on_click">True</property>
@@ -1684,28 +1726,8 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">1</property>
 	      <property name="right_attach">2</property>
-	      <property name="top_attach">5</property>
-	      <property name="bottom_attach">6</property>
-	      <property name="x_options">fill</property>
-	      <property name="y_options"></property>
-	    </packing>
-	  </child>
-
-	  <child>
-	    <widget class="GtkFileChooserButton" id="eap_tls_user_cert_button">
-	      <property name="visible">True</property>
-	      <property name="title" translatable="yes">Select A File</property>
-	      <property name="action">GTK_FILE_CHOOSER_ACTION_OPEN</property>
-	      <property name="local_only">True</property>
-	      <property name="show_hidden">False</property>
-	      <property name="do_overwrite_confirmation">False</property>
-	      <property name="width_chars">-1</property>
-	    </widget>
-	    <packing>
-	      <property name="left_attach">1</property>
-	      <property name="right_attach">2</property>
-	      <property name="top_attach">1</property>
-	      <property name="bottom_attach">2</property>
+	      <property name="top_attach">3</property>
+	      <property name="bottom_attach">4</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options">fill</property>
 	    </packing>
@@ -1955,7 +1977,7 @@ Shared Key</property>
       <child>
 	<widget class="GtkTable" id="table10">
 	  <property name="visible">True</property>
-	  <property name="n_rows">4</property>
+	  <property name="n_rows">5</property>
 	  <property name="n_columns">2</property>
 	  <property name="homogeneous">False</property>
 	  <property name="row_spacing">6</property>
@@ -2058,6 +2080,25 @@ Shared Key</property>
 	  </child>
 
 	  <child>
+	    <widget class="GtkVBox" id="eap_ttls_inner_auth_vbox">
+	      <property name="visible">True</property>
+	      <property name="homogeneous">False</property>
+	      <property name="spacing">0</property>
+
+	      <child>
+		<placeholder/>
+	      </child>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">0</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">4</property>
+	      <property name="bottom_attach">5</property>
+	      <property name="x_options">fill</property>
+	    </packing>
+	  </child>
+
+	  <child>
 	    <widget class="GtkLabel" id="eap_ttls_inner_auth_label">
 	      <property name="visible">True</property>
 	      <property name="label" translatable="yes">Inner Authentication:</property>
@@ -2078,8 +2119,8 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">0</property>
 	      <property name="right_attach">1</property>
-	      <property name="top_attach">2</property>
-	      <property name="bottom_attach">3</property>
+	      <property name="top_attach">3</property>
+	      <property name="bottom_attach">4</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options"></property>
 	    </packing>
@@ -2095,29 +2136,32 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">1</property>
 	      <property name="right_attach">2</property>
-	      <property name="top_attach">2</property>
-	      <property name="bottom_attach">3</property>
+	      <property name="top_attach">3</property>
+	      <property name="bottom_attach">4</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options">fill</property>
 	    </packing>
 	  </child>
 
 	  <child>
-	    <widget class="GtkVBox" id="eap_ttls_inner_auth_vbox">
+	    <widget class="GtkCheckButton" id="eap_ttls_ca_cert_system">
 	      <property name="visible">True</property>
-	      <property name="homogeneous">False</property>
-	      <property name="spacing">0</property>
-
-	      <child>
-		<placeholder/>
-	      </child>
+	      <property name="can_focus">True</property>
+	      <property name="label" translatable="yes">Use System CA Certificates</property>
+	      <property name="use_underline">True</property>
+	      <property name="relief">GTK_RELIEF_NORMAL</property>
+	      <property name="focus_on_click">True</property>
+	      <property name="active">False</property>
+	      <property name="inconsistent">False</property>
+	      <property name="draw_indicator">True</property>
 	    </widget>
 	    <packing>
-	      <property name="left_attach">0</property>
+	      <property name="left_attach">1</property>
 	      <property name="right_attach">2</property>
-	      <property name="top_attach">3</property>
-	      <property name="bottom_attach">4</property>
+	      <property name="top_attach">2</property>
+	      <property name="bottom_attach">3</property>
 	      <property name="x_options">fill</property>
+	      <property name="y_options">fill</property>
 	    </packing>
 	  </child>
 	</widget>
@@ -2771,7 +2815,7 @@ Shared Key</property>
       <child>
 	<widget class="GtkTable" id="table13">
 	  <property name="visible">True</property>
-	  <property name="n_rows">5</property>
+	  <property name="n_rows">6</property>
 	  <property name="n_columns">2</property>
 	  <property name="homogeneous">False</property>
 	  <property name="row_spacing">6</property>
@@ -2886,8 +2930,8 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">0</property>
 	      <property name="right_attach">2</property>
-	      <property name="top_attach">4</property>
-	      <property name="bottom_attach">5</property>
+	      <property name="top_attach">5</property>
+	      <property name="bottom_attach">6</property>
 	      <property name="x_options">fill</property>
 	    </packing>
 	  </child>
@@ -2913,31 +2957,14 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">0</property>
 	      <property name="right_attach">1</property>
-	      <property name="top_attach">3</property>
-	      <property name="bottom_attach">4</property>
+	      <property name="top_attach">4</property>
+	      <property name="bottom_attach">5</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options"></property>
 	    </packing>
 	  </child>
 
 	  <child>
-	    <widget class="GtkComboBox" id="eap_peap_inner_auth_combo">
-	      <property name="visible">True</property>
-	      <property name="items" translatable="yes"> </property>
-	      <property name="add_tearoffs">False</property>
-	      <property name="focus_on_click">True</property>
-	    </widget>
-	    <packing>
-	      <property name="left_attach">1</property>
-	      <property name="right_attach">2</property>
-	      <property name="top_attach">3</property>
-	      <property name="bottom_attach">4</property>
-	      <property name="x_options">fill</property>
-	      <property name="y_options">fill</property>
-	    </packing>
-	  </child>
-
-	  <child>
 	    <widget class="GtkLabel" id="eap_peap_version_label">
 	      <property name="visible">True</property>
 	      <property name="label" translatable="yes">PEAP Version:</property>
@@ -2958,14 +2985,31 @@ Shared Key</property>
 	    <packing>
 	      <property name="left_attach">0</property>
 	      <property name="right_attach">1</property>
-	      <property name="top_attach">2</property>
-	      <property name="bottom_attach">3</property>
+	      <property name="top_attach">3</property>
+	      <property name="bottom_attach">4</property>
 	      <property name="x_options">fill</property>
 	      <property name="y_options"></property>
 	    </packing>
 	  </child>
 
 	  <child>
+	    <widget class="GtkComboBox" id="eap_peap_inner_auth_combo">
+	      <property name="visible">True</property>
+	      <property name="items" translatable="yes"> </property>
+	      <property name="add_tearoffs">False</property>
+	      <property name="focus_on_click">True</property>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">1</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">4</property>
+	      <property name="bottom_attach">5</property>
+	      <property name="x_options">fill</property>
+	      <property name="y_options">fill</property>
+	    </packing>
+	  </child>
+
+	  <child>
 	    <widget class="GtkComboBox" id="eap_peap_version_combo">
 	      <property name="visible">True</property>
 	      <property name="items" translatable="yes">Version 0
@@ -2975,6 +3019,28 @@ Version 1</property>
 	    </widget>
 	    <packing>
 	      <property name="left_attach">1</property>
+	      <property name="right_attach">2</property>
+	      <property name="top_attach">3</property>
+	      <property name="bottom_attach">4</property>
+	      <property name="x_options">fill</property>
+	      <property name="y_options">fill</property>
+	    </packing>
+	  </child>
+
+	  <child>
+	    <widget class="GtkCheckButton" id="eap_peap_ca_cert_system">
+	      <property name="visible">True</property>
+	      <property name="can_focus">True</property>
+	      <property name="label" translatable="yes">Use System CA Certificates</property>
+	      <property name="use_underline">True</property>
+	      <property name="relief">GTK_RELIEF_NORMAL</property>
+	      <property name="focus_on_click">True</property>
+	      <property name="active">False</property>
+	      <property name="inconsistent">False</property>
+	      <property name="draw_indicator">True</property>
+	    </widget>
+	    <packing>
+	      <property name="left_attach">1</property>
 	      <property name="right_attach">2</property>
 	      <property name="top_attach">2</property>
 	      <property name="bottom_attach">3</property>
Index: nm-applet-0.7.0/src/wireless-security/eap-method-peap.c
===================================================================
--- nm-applet-0.7.0.orig/src/wireless-security/eap-method-peap.c
+++ nm-applet-0.7.0/src/wireless-security/eap-method-peap.c
@@ -144,6 +144,11 @@ fill_connection (EAPMethod *parent, NMCo
 		g_object_set_data (G_OBJECT (connection), NMA_PATH_CA_CERT_TAG, NULL);
 	}
 
+	widget = glade_xml_get_widget (parent->xml, "eap_peap_ca_cert_system");
+	g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_SYSTEM_CA_CERTS,
+		      gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)),
+		      NULL);
+
 	if (method->ignore_ca_cert)
 		g_object_set_data (G_OBJECT (connection), NMA_CA_CERT_IGNORE_TAG, GUINT_TO_POINTER (TRUE));
 	else
@@ -210,6 +215,10 @@ nag_user (EAPMethod *parent)
 		return NULL;
 
 	/* Nag the user if the CA Cert is blank, since it's a security risk. */
+	widget = glade_xml_get_widget (parent->xml, "eap_peap_ca_cert_system");
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
+	  return NULL;
+
 	widget = glade_xml_get_widget (parent->xml, "eap_peap_ca_cert_button");
 	g_assert (widget);
 	filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
@@ -330,6 +339,12 @@ inner_auth_combo_init (EAPMethodPEAP *me
 	return combo;
 }
 
+static void
+ca_cert_system_toggled (GtkToggleButton *togglebutton, gpointer user_data)
+{
+  gtk_widget_set_sensitive (GTK_WIDGET (user_data), !gtk_toggle_button_get_active (togglebutton));
+}
+
 EAPMethodPEAP *
 eap_method_peap_new (const char *glade_file,
                      WirelessSecurity *parent,
@@ -337,6 +352,7 @@ eap_method_peap_new (const char *glade_f
 {
 	EAPMethodPEAP *method;
 	GtkWidget *widget;
+	GtkWidget *ca_button;
 	GladeXML *xml;
 	GladeXML *nag_dialog_xml;
 	GtkFileFilter *filter;
@@ -388,6 +404,7 @@ eap_method_peap_new (const char *glade_f
 	}
 
 	widget = glade_xml_get_widget (xml, "eap_peap_ca_cert_button");
+	ca_button = widget;
 	g_assert (widget);
 	gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
 	gtk_file_chooser_button_set_title (GTK_FILE_CHOOSER_BUTTON (widget),
@@ -403,6 +420,18 @@ eap_method_peap_new (const char *glade_f
 			gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
 	}
 
+	widget = glade_xml_get_widget (xml, "eap_peap_ca_cert_system");
+	g_signal_connect (widget, "toggled",
+			  G_CALLBACK (ca_cert_system_toggled),
+			  ca_button);
+	if (s_8021x) {
+	  gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), nm_setting_802_1x_get_system_ca_certs (s_8021x));
+	  gtk_widget_set_sensitive (GTK_WIDGET (ca_button), !nm_setting_802_1x_get_system_ca_certs (s_8021x));
+	}
+	g_signal_connect (G_OBJECT (widget), "toggled",
+			  (GCallback) wireless_security_changed_cb,
+			  parent);
+
 	widget = inner_auth_combo_init (method, glade_file, connection);
 	inner_auth_combo_changed_cb (widget, (gpointer) method);
 
Index: nm-applet-0.7.0/src/wireless-security/eap-method-tls.c
===================================================================
--- nm-applet-0.7.0.orig/src/wireless-security/eap-method-tls.c
+++ nm-applet-0.7.0/src/wireless-security/eap-method-tls.c
@@ -220,6 +220,11 @@ fill_connection (EAPMethod *parent, NMCo
 		                   NULL);
 	}
 
+	widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_system");
+	g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_SYSTEM_CA_CERTS,
+			    gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)),
+			    NULL);
+
 	if (method->ignore_ca_cert) {
 		g_object_set_data (G_OBJECT (connection),
 		                   method->phase2 ? NMA_PHASE2_CA_CERT_IGNORE_TAG : NMA_CA_CERT_IGNORE_TAG,
@@ -275,6 +280,10 @@ nag_user (EAPMethod *parent)
 		return NULL;
 
 	/* Nag the user if the CA Cert is blank, since it's a security risk. */
+	widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_system");
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
+		return NULL;
+
 	widget = glade_xml_get_widget (parent->xml, "eap_tls_ca_cert_button");
 	g_assert (widget);
 	filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
@@ -412,6 +421,12 @@ setup_filepicker (GladeXML *xml,
 		g_signal_connect (G_OBJECT (widget), "notify::filter", (GCallback) reset_filter, filter);
 }
 
+static void
+ca_cert_system_toggled (GtkToggleButton *togglebutton, gpointer user_data)
+{
+	gtk_widget_set_sensitive (GTK_WIDGET (user_data), !gtk_toggle_button_get_active (togglebutton));
+}
+
 EAPMethodTLS *
 eap_method_tls_new (const char *glade_file,
                     WirelessSecurity *parent,
@@ -420,6 +435,7 @@ eap_method_tls_new (const char *glade_fi
 {
 	EAPMethodTLS *method;
 	GtkWidget *widget;
+	GtkWidget *ca_button;
 	GladeXML *xml;
 	GladeXML *nag_dialog_xml;
 	NMSetting8021x *s_8021x = NULL;
@@ -517,6 +533,19 @@ eap_method_tls_new (const char *glade_fi
 	                  parent, method, connection,
 	                  phase2 ? NMA_PATH_PHASE2_PRIVATE_KEY_TAG : NMA_PATH_PRIVATE_KEY_TAG);
 
+	ca_button = glade_xml_get_widget (xml, "eap_tls_ca_cert_button");
+	widget = glade_xml_get_widget (xml, "eap_tls_ca_cert_system");
+	g_signal_connect (widget, "toggled",
+				   G_CALLBACK (ca_cert_system_toggled),
+				   ca_button);
+	if (s_8021x) {
+		gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), nm_setting_802_1x_get_system_ca_certs (s_8021x));
+		gtk_widget_set_sensitive (GTK_WIDGET (ca_button), !nm_setting_802_1x_get_system_ca_certs (s_8021x));
+	}
+	g_signal_connect (G_OBJECT (widget), "toggled",
+				   (GCallback) wireless_security_changed_cb,
+				   parent);
+
 	widget = glade_xml_get_widget (xml, "show_checkbutton");
 	g_assert (widget);
 	g_signal_connect (G_OBJECT (widget), "toggled",
Index: nm-applet-0.7.0/src/wireless-security/eap-method-ttls.c
===================================================================
--- nm-applet-0.7.0.orig/src/wireless-security/eap-method-ttls.c
+++ nm-applet-0.7.0/src/wireless-security/eap-method-ttls.c
@@ -138,6 +138,11 @@ fill_connection (EAPMethod *parent, NMCo
 		g_object_set_data (G_OBJECT (connection), NMA_PATH_CA_CERT_TAG, NULL);
 	}
 
+	widget = glade_xml_get_widget (parent->xml, "eap_ttls_ca_cert_system");
+	g_object_set (G_OBJECT (s_8021x), NM_SETTING_802_1X_SYSTEM_CA_CERTS,
+		      gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)),
+		      NULL);
+
 	if (method->ignore_ca_cert)
 		g_object_set_data (G_OBJECT (connection), NMA_CA_CERT_IGNORE_TAG, GUINT_TO_POINTER (TRUE));
 	else
@@ -197,6 +202,11 @@ nag_user (EAPMethod *parent)
 		return NULL;
 
 	/* Nag the user if the CA Cert is blank, since it's a security risk. */
+	/* Nag the user if the CA Cert is blank, since it's a security risk. */
+	widget = glade_xml_get_widget (parent->xml, "eap_ttls_ca_cert_system");
+	if (gtk_toggle_button_get_active (GTK_TOGGLE_BUTTON (widget)))
+	  return NULL;
+
 	widget = glade_xml_get_widget (parent->xml, "eap_ttls_ca_cert_button");
 	g_assert (widget);
 	filename = gtk_file_chooser_get_filename (GTK_FILE_CHOOSER (widget));
@@ -367,6 +377,12 @@ inner_auth_combo_init (EAPMethodTTLS *me
 	return combo;
 }
 
+static void
+ca_cert_system_toggled (GtkToggleButton *togglebutton, gpointer user_data)
+{
+  gtk_widget_set_sensitive (GTK_WIDGET (user_data), !gtk_toggle_button_get_active (togglebutton));
+}
+
 EAPMethodTTLS *
 eap_method_ttls_new (const char *glade_file,
                      WirelessSecurity *parent,
@@ -374,6 +390,7 @@ eap_method_ttls_new (const char *glade_f
 {
 	EAPMethodTTLS *method;
 	GtkWidget *widget;
+	GtkWidget *ca_button;
 	GladeXML *xml;
 	GladeXML *nag_dialog_xml;
 	GtkFileFilter *filter;
@@ -425,6 +442,7 @@ eap_method_ttls_new (const char *glade_f
 	}
 
 	widget = glade_xml_get_widget (xml, "eap_ttls_ca_cert_button");
+	ca_button = widget;
 	g_assert (widget);
 	gtk_file_chooser_set_local_only (GTK_FILE_CHOOSER (widget), TRUE);
 	gtk_file_chooser_button_set_title (GTK_FILE_CHOOSER_BUTTON (widget),
@@ -440,6 +458,18 @@ eap_method_ttls_new (const char *glade_f
 			gtk_file_chooser_set_filename (GTK_FILE_CHOOSER (widget), filename);
 	}
 
+	widget = glade_xml_get_widget (xml, "eap_ttls_ca_cert_system");
+	g_signal_connect (widget, "toggled",
+			  G_CALLBACK (ca_cert_system_toggled),
+			  ca_button);
+	if (s_8021x) {
+	  gtk_toggle_button_set_active (GTK_TOGGLE_BUTTON (widget), nm_setting_802_1x_get_system_ca_certs (s_8021x));
+	  gtk_widget_set_sensitive (GTK_WIDGET (ca_button), !nm_setting_802_1x_get_system_ca_certs (s_8021x));
+	}
+	g_signal_connect (G_OBJECT (widget), "toggled",
+			  (GCallback) wireless_security_changed_cb,
+			  parent);
+
 	widget = glade_xml_get_widget (xml, "eap_ttls_anon_identity_entry");
 	if (s_8021x && nm_setting_802_1x_get_anonymous_identity (s_8021x))
 		gtk_entry_set_text (GTK_ENTRY (widget), nm_setting_802_1x_get_anonymous_identity (s_8021x));