Correction: The cert issuer is Startcom Ltd, not Startcom LLC. -- Greetings; Stunnel 4.56 running under Win 7 SP1 x86. Recently, the owners of a server I regularly connect to updated their server certificate; the former had expired at the end of May. As soon as that event occurred, I deleted the old certificate, then used the "save peer certificate" function of Stunnel to get the updated one. However, the new certificate fails to verify, even with the verify = 4 option in Stunnel. The error message is similar to what I used to get when doing a verify = 3 with some certificates. The general error output of Stunnel is: CERT: Verification error: unable to get local issuer certificate 2013.06.09 16:37:46 LOG4[608:2336]: Certificate check failed: depth=0 When I open the new certificate with: openssl x509 -text -in certname.pem and view the certificate details, I'm not seeing anything obvious. The certificate is within a valid date range, and contains the same basic elements as other certs I've viewed. The certificate appears to have been issued by Startcom LLC. If I comment out the verify statement, I'm able to successfully negotiate an SSL connection with the server. I realize that this may be more of an openssl issue than an issue with Stunnel. Nevertheless, I thought I'd start here and throw it out to the floor for comments. Anyone have any ideas or have run into this issue? Regards, Thomas -- Attention: This message and all attachments are private and may contain information that is confidential and privileged. If you received this message in error, please notify the sender by reply email and delete the message immediately. _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org https://www.stunnel.org/cgi-bin/mailman/listinfo/stunnel-users