Support for TLS_CACERTDIR has been broken. See bug 513270 I had a simmilar problem. Using an explicit TLS_CACERT with the specific crt/pem file works around.
-- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
