It's not actually typically the case that a X.509 certificate will include the address of a root certificate or really even the address of any certificate higher in any certification chain. You can use openssl -x509 -out /dev-null -text -in file_containing_certificate to see what's actually in the certificate but I suspect you'll be disappointed. It's also not likely that you need a root certificate . You should be able to tell fetchmail that the CA certificate for the cite is a trust anchor and that it should just chain from there. Roots aren't actually special. If fetchmail just uses openssl you may only need to drop the CA certificate into a directory of certificates and possibly run c_rehash. _______________________________________________ Blinux-list mailing list Blinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/blinux-list