Hi Rob, > As Matthias already said, disabling the sslcertck option makes a > mockery of using SSL. Not necessarily. When checking the certificate's fingerprint with sslfingerprint, nosslcertck should suppress all warnings about incomplete certificate chains. Best regards, -hannes