Hi,
So rlm_rest says "please check issuer certificate", and libcurl says "failed to validate peer".
Maybe libcurl is expecting the peer cert to be signed by the CA? And instead it's signed by an intermediary CA?
Try using the issuing CA instead of the root CA.
Neither root-only, intermediate-only, or both concatenated worked. But putting the individual CA certs for root and intermediate in two distinct files in the directory, c_rehash, and then using ca_path instead of ca_file *did* work. Thanks! Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 2, avenue de l'Université L-4365 Esch-sur-Alzette Tel: +352 424409 1 Fax: +352 422473 PGP key updated to 4096 Bit RSA - I will encrypt all mails if the recipient's key is known to me http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66