trust server certificate with lftp

When connecting to a server with lftp, I have the following issue:

Certificate verification: Not trusted: no issuer was found (AA:AA:AA:[...]:AA:AA)

Which indicates at least that the cert verification failed. I would like to whitelist that certificate. Obviously, disabling certificate verification is not an option due to security concerns.

Here is what I already tried:

  • Following that guide to retrieve certs from the server, and use them with set ssl:ca-file. Following that guide, I have three certs. I tried them all, then concatenated together, which didn't change a thing. Also tried with ssl:cert-file.
  • using the same method as above with openssl s_client -connect my.server.tld:21 -starttls ftp, which yields only one certificate
  • setting ssl:ca-file to the system's ca store
  • using gnutls-cli works fine with the -s option, so do the above openssl s_client commands.

The certificate seems to be signed by a valid chain of trust, as far as those commands report.

FileZilla works fine, but displays the following warning, which might be related:

Server sent unsorted certificate chain in violation of the TLS specifications

I have no control over the server as I do not host it myself, but the greeter identifies itself as Pure-FTPd.

Other clients that didn't work (lack of support for FTPS, or for the specific server): ftp, ncftp, Dolphin (KIO), curlftpfs, tnftp, Firefox

MayeulC

Posted 2019-03-15T16:47:46.213

Reputation: 133

No answers
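
A diagnostic for the two symptoms in the question (the "no issuer was found" error and the unsorted-chain warning), as an added example that is not part of the original post: it reads saved `openssl s_client -connect my.server.tld:21 -starttls ftp -showcerts` output, reports whether the chain was sent in leaf-to-root order, and names the issuer that is absent from what the server sent, which is the CA certificate the client's trust store has to contain. The sample output and CA names are constructed, and matching is by name only, with no signature checks.

```python
import re

# Constructed sample of the "Certificate chain" section of s_client output.
# All names are made up: the server sends the two intermediates out of
# order and does not send the root.
SAMPLE = """\
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = my.server.tld
   i:CN = Example Intermediate CA 2
 1 s:CN = Example Intermediate CA 1
   i:CN = Example Root CA
 2 s:CN = Example Intermediate CA 2
   i:CN = Example Intermediate CA 1
---
Server certificate
"""

SUBJ = re.compile(r"^\s*(\d+)\s+s:(.*)$")   # " 0 s:<subject DN>"
ISS = re.compile(r"^\s+i:(.*)$")            # "   i:<issuer DN>"

def parse_chain(text):
    """Return [(subject, issuer), ...] in the order the server sent them."""
    chain, subject, in_chain = [], None, False
    for line in text.splitlines():
        if line.strip() == "Certificate chain":
            in_chain = True
        elif in_chain and line.startswith("---"):
            break                            # end of the chain section
        elif in_chain and (m := SUBJ.match(line)):
            subject = m.group(2).strip()
        elif in_chain and subject is not None and (m := ISS.match(line)):
            chain.append((subject, m.group(1).strip()))
            subject = None
    return chain

def analyse(chain):
    """Check the sent order and walk leaf -> top issuer by name."""
    if not chain:
        raise ValueError("no certificates found in s_client output")
    # Sorted means every certificate is directly followed by its issuer.
    in_order = all(chain[k][1] == chain[k + 1][0] for k in range(len(chain) - 1))
    by_subject = dict(chain)
    path, current = [], chain[0][0]
    while current in by_subject and current not in path:   # guard against loops
        path.append(current)
        current = by_subject[current]
    return {"sorted": in_order, "path": path, "anchor": current}
```
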