The jp2a tool, linked to libcurl-gnutls, has the same problem. See below. The curl command line tool itself uses openssl. So it seems the distinction is between libcurl3-openssl and libcurl3-gnutls.
$ jp2a -d https://www.vanbest.eu/images/sm_logo.png * About to connect() to www.vanbest.eu port 443 (#0) * Trying 2001:980:630b:1::13... * connected * Connected to www.vanbest.eu (2001:980:630b:1::13) port 443 (#0) * found 159 certificates in /etc/ssl/certs/ca-certificates.crt * server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none * Closing connection #0 * Peer certificate cannot be authenticated with given CA certificates Empty input file $ ldd /usr/bin/jp2a linux-vdso.so.1 => (0x00007fffcddff000) libjpeg.so.8 => /usr/lib/x86_64-linux-gnu/libjpeg.so.8 (0x00007f2e02cc0000) libcurl-gnutls.so.4 => /usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4 (0x00007f2e02a5f000) libncurses.so.5 => /lib/libncurses.so.5 (0x00007f2e02818000) libtinfo.so.5 => /lib/x86_64-linux-gnu/libtinfo.so.5 (0x00007f2e025ef000) libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2e02265000) libidn.so.11 => /usr/lib/libidn.so.11 (0x00007f2e02032000) libssh2.so.1 => /usr/lib/libssh2.so.1 (0x00007f2e01e0e000) liblber-2.4.so.2 => /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2 (0x00007f2e01bff000) libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007f2e019ad000) librt.so.1 => /lib/x86_64-linux-gnu/librt.so.1 (0x00007f2e017a5000) libgssapi_krb5.so.2 => /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2 (0x00007f2e01566000) libz.so.1 => /lib/x86_64-linux-gnu/libz.so.1 (0x00007f2e0134e000) libgnutls.so.26 => /usr/lib/x86_64-linux-gnu/libgnutls.so.26 (0x00007f2e0108e000) libgcrypt.so.11 => /lib/x86_64-linux-gnu/libgcrypt.so.11 (0x00007f2e00e10000) librtmp.so.0 => /usr/lib/librtmp.so.0 (0x00007f2e00bf7000) libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f2e009f3000) /lib64/ld-linux-x86-64.so.2 (0x00007f2e02f10000) libresolv.so.2 => /lib/x86_64-linux-gnu/libresolv.so.2 (0x00007f2e007dc000) libsasl2.so.2 => /usr/lib/x86_64-linux-gnu/libsasl2.so.2 (0x00007f2e005c1000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f2e003a5000) libkrb5.so.3 => /usr/lib/x86_64-linux-gnu/libkrb5.so.3 (0x00007f2e000d0000) libk5crypto.so.3 => /usr/lib/x86_64-linux-gnu/libk5crypto.so.3 (0x00007f2dffea7000) libcom_err.so.2 => /lib/libcom_err.so.2 (0x00007f2dffca4000) libkrb5support.so.0 => /usr/lib/x86_64-linux-gnu/libkrb5support.so.0 (0x00007f2dffa9a000) libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00007f2dff898000) libtasn1.so.3 => /usr/lib/libtasn1.so.3 (0x00007f2dff688000) libp11-kit.so.0 => /usr/lib/x86_64-linux-gnu/libp11-kit.so.0 (0x00007f2dff475000) libgpg-error.so.0 => /lib/x86_64-linux-gnu/libgpg-error.so.0 (0x00007f2dff272000) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org