Heya!
Seems like SSL questions are _the_ best blockers for my brains!
I upgraded a server from ubuntu lucid to trusty and since then, with all ssl client programs, I always get the error stated in the title.
I found posts mentioning that I should work with update-ca-certificates and link everything to /etc/ssl/certs/ca-certificates.crt, which does work for things like curl. But it doesn't work with puppet and is ugly!
So I played with strace to see what's wrong and the issue is that whatever the website, it always prompts for a non-existing certificate:
google.ca: /etc/ssl/certs/578d5c04.0
www.instantssl.com: /etc/ssl/certs/157753a5.0
www.digicert.com: /etc/ssl/certs/244b5494.0
I also looked at the certificate chains but I found no interesting common points.
Lastly, I made sure to upgrade all my certificate packages.
Anyone got some inspiration? =D
Thanks!