The Perl Advent Calendar needs more articles for 2022. Submit your idea today!


Mozilla::CA - Mozilla's CA cert bundle in PEM format


    use IO::Socket::SSL;
    use Mozilla::CA;

    my $host = "";
    my $client = IO::Socket::SSL->new(
        PeerHost => "$host:443",
        SSL_verify_mode => 0x02,
        SSL_ca_file => Mozilla::CA::SSL_ca_file(),
        || die "Can't connect: $@";

    $client->verify_hostname($host, "http")
        || die "hostname verification failure";


Mozilla::CA provides a copy of Mozilla's bundle of Certificate Authority certificates in a form that can be consumed by modules and libraries based on OpenSSL.

The module provide a single function:


Returns the absolute path to the Mozilla's CA cert bundle PEM file.



For the bundled Mozilla CA PEM file the following applies:

    This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at

The Mozilla::CA distribution itself is available under the same license.