On 24 October 2015 at 15:01, Amos Jeffries <squid3 at treenet.co.nz> wrote: > Set the cache_peer sslcafile= option with the PEM file containing the CA > that was used to sign the office.abc.com server certificate. Do i need to do that if the signing CA is part of the OS root bundle ?