This is strange... on lucid it doesn't even attempt to check for the CA file. Using the script you provided on a Karmic machine I get the following:
now cas.ucdavis.edu... open("/etc/host.conf", O_RDONLY) = 3 open("/etc/resolv.conf", O_RDONLY) = 3 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3 open("/etc/ld.so.cache", O_RDONLY) = 3 open("/lib/libnss_mdns4_minimal.so.2", O_RDONLY) = 3 open("/etc/ld.so.cache", O_RDONLY) = 3 open("/lib/tls/i686/cmov/libnss_dns.so.2", O_RDONLY) = 3 open("/etc/resolv.conf", O_RDONLY) = 3 open("/dev/urandom", O_RDONLY|O_NOCTTY|O_NONBLOCK) = 4 open("/etc/ssl/certs/594f1775.0", O_RDONLY|O_LARGEFILE) = 4 open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3 open("/etc/ssl/certs/594f1775.0", O_RDONLY|O_LARGEFILE) = 4 try ssl to google... open("/etc/hosts", O_RDONLY|O_CLOEXEC) = 3 open("/etc/gai.conf", O_RDONLY) = 3 open("/etc/ssl/certs/7651b327.0", O_RDONLY|O_LARGEFILE) = 4 open("/dev/urandom", O_RDONLY) = 0 open("/dev/urandom", O_RDONLY) = 0 open("/dev/urandom", O_RDONLY) = 0 I'm puzzled why Lucid doesn't check for the CA. As you can see from above the server's cert is offered and verified on a Karmic machine. The file referenced above (/etc/ssl/certs/594f1775.0) exists on both machines and has the same sha1sum: 03de306e6bead81b0de390a2c47ba264139e4e69 /etc/ssl/certs/594f1775.0 Long shot, but, I did notice that the Issuer CN on the cas.ucdavis.edu cert doesn't have a value. Is it required? -- fopen fails on some SSL urls https://bugs.launchpad.net/bugs/592442 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs