Use $OPENSSL_X509_CERT_FILE to get the CA certificates. diff -ru -x '*~' LWP-Protocol-https-6.02-orig/lib/LWP/Protocol/https.pm LWP-Protocol-https-6.02/lib/LWP/Protocol/https.pm --- LWP-Protocol-https-6.02-orig/lib/LWP/Protocol/https.pm 2011-03-27 13:54:01.000000000 +0200 +++ LWP-Protocol-https-6.02/lib/LWP/Protocol/https.pm 2011-10-07 13:23:41.398628375 +0200 @@ -21,6 +21,11 @@ } if ($ssl_opts{SSL_verify_mode}) { unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { + if (defined $ENV{'OPENSSL_X509_CERT_FILE'}) { + $ssl_opts{SSL_ca_file} = $ENV{'OPENSSL_X509_CERT_FILE'}; + } + } + unless (exists $ssl_opts{SSL_ca_file} || exists $ssl_opts{SSL_ca_path}) { eval { require Mozilla::CA; };