Hello - I'm trying to use the Net::SSL perl module to do a simple https request to PayPal.com. Everything seems to work fine, except I get the following message embedded in the response: Client-SSL-Warning: Peer certificate not verified Now, from how it looks, it is trying to tell me that the server certificate was not verified. Is this correct? (My client doesn't have a certificate, but from the other messages in the response, it seems to be referred to the server as the peer.) My guess is is that the PayPal's certificate is not being verified because I don't have the appropriate CA certificates stashed somewhere (they are signed by VeriSign). However, I tried to include the verisign .pem files that are included in the openssl distribution, and then I told the perl script to use them by setting the HTTPS_CA_DIR environment variable, but when I do that, the SSL negotiation fails with the following error: 500 (Internal Server Error) SSL negotiation failed: error:1407E086:SSL routines:SSL2_SET_CERTIFICATE:certificate verify failed ; at /usr/lib/perl5/site_perl/5.6.0/i386-linux/Net/SSL.pm line 138. What am I doing wrong? Sorry, I've been trying to read through the news group and documentation, but I'm still stumped. thanks, Steve ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
