<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Thank you for clarifying.<br>
I generated a new self-signed certificate and verify=4 works.<br>
<br>
However, when I generate a non-self-signed certificate signed by a
third party CA, "verify=4" gives me the same error as in my initial
post. It still expects to find CA's certificate together with the
server's certificate in CAfile.<br>
The description in manpage is:<strong><a name="level_4"
class="item"><br>
<br>
level 4</a></strong> Ignore CA chain and only verify peer
certificate.
<br>
<br>
Apparently the description is inaccurate.<br>
</body>
</html>