I guess that line 217 in zpwmatch.c should read return ok ? NULL : "Authentication Failed"; and not return (strcmp(cr, spw->sp_pwdp) == 0) ? NULL : "Authentication Failed"; like now... I was to hasty about my previous TLS investigatron results. Something is badly broken, still. But probably not SSL support itself but rather AUTH logic... Continue investigation. Eugene