Hi Marcus, - if (ret) + if (ret && endCert) ret = netconn_verify_cert( endCert, store, server ); In this case you'll return TRUE if endCert is NULL, implying that the certificate chain is valid when it most likely isn't, or at least its validity couldn't be verified. If you could add an "else ret = FALSE" branch that'd be preferable. Thanks, --Juan