Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I am currently using a Perl script to pop (SSL) email from an Outlook webmail server from a Windows server. The Windows server is being yanked, and I need to reproduce on Linux. I have all the identical modules on Linux, but it doesn't work (cannot connect, though you can telnet to port 995). I have surmised that the reason the win Perl script works at all is due to the Windows server's participation in the Active Directory domain, which must provide the appropriate SSL certs. So I know, you're thinking, this isn't a Perl problem as such, but I find wisdom here to be broad. Is there a way to jump through the Windows SSL hoops on Linux? Thanks

Re: Pop3client.pm win vs. linux
by Corion (Patriarch) on Mar 31, 2017 at 18:23 UTC

    Maybe you can analyze the SSL problem using analyze-ssl.pl?

    Most likely you will have to tell the SSL socket that it's OK to connect to the other end, ideally by allowing a known good hash if you cannot add the site certificate.

      Makes sense, the windows version does throw an error but it works, that error is
          *******************************************************************
           Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
           is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
           together with SSL_ca_file|SSL_ca_path for verification.
           If you really don't want to verify the certificate and keep the
           connection open to Man-In-The-Middle attacks please set
           SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
          *******************************************************************
Re: Pop3client.pm win vs. linux
by noxxi (Pilgrim) on Apr 02, 2017 at 17:31 UTC

    Given the warning you show on the (working) Windows version and that you don't get the warning on the non-working Linux version I guess that you are using a very old version of IO::Socket::SSL on Windows which by default does not check any certificates while your Linux version is newer and does check certificates. The warning you see in Windows was removed about 4 years ago when the switch was made to checking certificates by default.

    This leaves you with the following options to deal with the problem: The best way is to add the proper trust settings by specifying the issuer certificate with the SSL_ca_file option or use SSL_fingerprint option in newer versions of IO::Socket::SSL to just trust a specific certificate. The bad way is to ignore any security and simply disable certificate checking by setting SSL_verify_mode to 0 (SSL_VERIFY_NONE).

      Thank you noxxi!! I hacked the old win ActiveState IO::Socket::SSL.pm into the Linux dist. This communication path happens inside a secure network, so I am not worried (yet) about the insecure nature. Thanks again.
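The two verified options from noxxi's reply (SSL_ca_file, or SSL_fingerprint to pin one certificate), shown as an added example that is not code from the thread or from POP3client.pm. The host name, CA file path and empty fingerprint value are placeholder assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use IO::Socket::SSL;    # exports SSL_VERIFY_PEER and $SSL_ERROR

# Placeholder values (assumptions), not taken from the thread.
my $host        = 'webmail.example.internal';
my $port        = 995;
my $ca_file     = '/etc/ssl/local/internal-issuing-ca.pem';  # PEM of the issuer certificate
my $fingerprint = '';   # 'sha256$<hex digest>', obtained out of band from the server admin

# Build the trust settings: pin one certificate if a fingerprint is set,
# otherwise verify the chain against the issuer certificate.
sub trust_options {
    my ($ca, $fp) = @_;
    return ( SSL_fingerprint => $fp ) if length $fp;
    die "CA file $ca is not readable\n" unless -r $ca;
    return (
        SSL_verify_mode => SSL_VERIFY_PEER,
        SSL_ca_file     => $ca,
    );
}

my $sock = IO::Socket::SSL->new(
    PeerAddr => $host,
    PeerPort => $port,
    Proto    => 'tcp',
    Timeout  => 30,
    trust_options( $ca_file, $fingerprint ),
) or die "could not connect SSL socket [$host, $port]: $! / $SSL_ERROR\n";
# $! covers TCP-level failures; $SSL_ERROR carries the TLS reason,
# for example a certificate verification failure.

# A POP3 server greets with a line starting "+OK" once TLS is established.
my $greeting = <$sock>;
die "no POP3 greeting received\n" unless defined $greeting;
print "verified peer, greeting: $greeting";

# Fingerprint of the certificate that was just verified, in SSL_fingerprint format.
print "server certificate: ", $sock->get_fingerprint('sha256'), "\n";

print $sock "QUIT\r\n";
close $sock;
```

On Linux the issuer certificate is not supplied by domain membership, so it has to be exported from the internal CA and placed where the script can read it.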
Re: Pop3client.pm win vs. linux
by stevieb (Canon) on Mar 31, 2017 at 18:23 UTC

    Please show us the relevant code, along with the relevant error messages.

      Unfortunately it is on a locked down network. I'd have to take a pic with my phone. The error comes from here, POP3client.pm. The error says could not connect SSL socket host,995

          if ( $me->{USESSL} ) {
            if ( $me->Port() == 110 ) {
              $me->Port( 995 );
            }
            eval {
              require IO::Socket::SSL;
            };
            $s = IO::Socket::SSL->new( PeerAddr  => $me->Host(),
                                       PeerPort  => $me->Port(),
                                       Proto     => "tcp",
                                       Type      => SOCK_STREAM,
                                       LocalAddr => $me->LocalAddr(),
                                       Timeout   => $me->{TIMEOUT} )
              or $me->Message( "could not connect SSL socket [$me->{HOST}, $me->{PORT}]: $!" )
              and return 0;
            $me->{SOCKET} = $s;

      I can reach the server and port using telnet.

        The following will create a man in the middle attack vector, but perhaps it's worth a try to see if it helps. Add the following line to your socket initialization call (new()):

        SSL_verify_mode => SSL_VERIFY_NONE