I think you need to implement that yourself. It doesn't seem "that hard". You can use the SSL_verify_callback callback of IO::Socket::SSL to do the store and verification. You can get at the certificate with Net::SSLeay::PEM_get_string_X509() (according to the documentation) and then compare or store.