On 10/15/2011 6:37 AM, al_9x at yahoo.com wrote: > If the leaf (server) cert is declared trusted (added to the cafile), > there is no point in walking the trust chain. > Please explain why it's necessary to add the whole chain to cafile. Why is just the server cert insufficient? Thanks.