Okay, so I've figure out what the problem was with cert verification. Someone please apply that patch :P
Meanwhile, a certain module I've written that uses Crypt::SSLeay will need to work rather securely. And I've noticed at least one version (0.23, I think) that doesn't properly verify certs - I gave it a fake cert and it didn't even hiccup. So which versions properly verify certs? Is there a CVS server somewhere?... Mick.
