in reply to LWP, "certificate verify failed" on known good certificate (paypal.com)

Maybe curl and openssl use the PEM files that are installed globally on your system while Mozilla::CA contains different certificates?

I'm not sure how you can easily/conveniently compare the certificate chains between Mozilla::CA and the OS. Maybe you can try and set the global certificate through 

    IO::Socket::SSL::default_ca(  SSL_ca_path => '/etc/ssl/...' );

[download]

Replies are listed 'Best First'.
Re^2: LWP, "certificate verify failed" on known good certificate (paypal.com)
by tunafish (Beadle) on May 31, 2015 at 07:46 UTC

    Nailed it!

    I fixed the problem by adding ssl_opts => { verify_hostname => 1, SSL_ca_file => '/path/to/servers/ca-bundle'} to LWP::UserAgent->new().

[reply]

In Section Seekers of Perl Wisdom