Comment 11 for bug 245634

Gene Czarcinski (gene-czarc) wrote :

Let me try again.

In my message above (https://bugs.launchpad.net/bzr/+bug/245634/comments/9), I mention "cacert.pem" which I downloaded from the curl/libcurl website. I also mention "ca-bundle.crt" which is what is shipped with Fedora 9.

If I run: "curl --cacert ./cacert.pem https://launchpad.net >xxx"
it works and there is html in the xxx file.

If I copy ca-bundle.crt to my local directory and run: "curl --cacert ./ca-bundle.crt https://launchpad.net >xxx"
it also works and there is html in the xxx file.

*** This leads me to conclude that the bundle shipped with Fedora 9 does include the correct CA certificate ***

On the other hand, if I run: "curl https://launchpad.net >xxx"

or "curl --cacert /etc/pki/tls/certs/ca-bundle.crt https://launchpad.net >xxx"

it DOES NOT work and I get: curl: (60) Peer certificate cannot be authenticated with known CA certificates

Furthermore, if I run: "curl -v --cacert ./ca-bundle.crt https://launchpad.net >xxx"
in an attempt to get more diagnostic information, it ALSO DOES NOT WORK! Here I get:

* About to connect() to launchpad.net port 443 (#0)
* Trying 91.189.90.211... connected
* Connected to launchpad.net (91.189.90.211) port 443 (#0)
* CAfile: ./ca-bundle.crt
  CApath: none
* Bad certificate received. Subject = 'CN=launchpad.net,OU=Domain Control Validated,O=launchpad.net', Issuer = '<email address hidden>,CN=Starfield Secure Certification Authority,OU=http://www.starfieldtech.com/repository,O="Starfield Technologies, Inc.",L=Scottsdale,ST=Arizona,C=US'
* NSS error -8179
* Closing connection #0
* Peer certificate cannot be authenticated with known CA certificates

curl: (60) Peer certificate cannot be authenticated with known CA certificates

Just adding "-v" should not make the command fail!