Hello With verify=3 and the certs loaded in the conf file with CAfile=startssl-chain.pem cert=mycert.pem, I get : CERT: Certificate not found in local repository Using the latest stunnel recompiled on a debian squeeze, the best I can get is: error queue: 140B0009: error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib SSL_CTX_use_PrivateKey_file: 906D06C: error:0906D06C:PEM routines:PEM_read_bio:no start line However, if I put these very same pem files in a directory as a CApath option instead (c_rehash applied) everything works fine. But The pem files are identical ! I've read http://stunnel.mirt.net/pipermail/stunnel-users/2010-November/002854.html but it seems a bit different The startssl-chain.pem was created with: wget http://www.startssl.com/certs/ca.pem wget http://www.startssl.com/certs/startssl.ca.pem cat sub.class1.server.ca.pem ca.pem > startssl-chain.pem I guess that may be the cause of the problem? What should I do to pass these pem files as stunnel.conf options instead of using the CApath? Guylhem