<meta content="text/html; charset=ISO-8859-1"
<body text="#000000" bgcolor="#FFFFFF">
Thank you for clarifying.<br>
I generated a new self-signed certificate and verify=4 works.<br>
However, when I generate a non-self-signed certificate signed by a
third party CA, "verify=4" gives me the same error as in my initial
post. It still expects to find CA's certificate together with the
server's certificate in CAfile.<br>
The description in manpage is:<strong><a name="level_4"
level 4</a></strong> Ignore CA chain and only verify peer
Apparently the description is inaccurate.<br>