Index: src/http_ssl.c
===================================================================
--- src/http_ssl.c
+++ src/http_ssl.c
@@ -85,15 +85,42 @@
 ** Call this routine once before any other use of the SSL interface.
 ** This routine does initial configuration of the SSL module.
 */
 void ssl_global_init(void){
   if( sslIsInit==0 ){
+    char *system_store = NULL;
+    char *detected_store = NULL;
     SSL_library_init();
     SSL_load_error_strings();
     ERR_load_BIO_strings();
     OpenSSL_add_all_algorithms();
     sslCtx = SSL_CTX_new(SSLv23_client_method());
+#if defined(__MINGW32__)
+    /* TODO Load windows cert store here. */
+#elif defined(__linux__)
+    /* Linux has a few different places to find the root certificate bundle */
+    if(file_isfile("/etc/pki/tls/cert.pem")) {
+      /* This is for RedHat derived distros */
+      detected_store = "/etc/pki/tls/cert.pem";
+    }
+    else if(file_isfile("/etc/ssl/certs/ca-certificates.crt")) {
+      /* This is for Debian derived distros, and Arch */
+      detected_store = "/etc/ssl/certs/ca-certificates.crt";
+    }
+#elif defined(__FreeBSD__)
+    detected_store =  "/usr/local/share/certs/ca-root-nss.crt";
+#elif defined(__APPLE__)
+    /* No action necessary, OpenSSL on OS X appears
+       to load the system store automatically */
+#endif
+    system_store = db_get("certificate-bundle", detected_store);
+    if(system_store != NULL) {
+      SSL_CTX_load_verify_locations(sslCtx, system_store, NULL);
+      if(detected_store == NULL) {
+        free(system_store);
+      }
+    }
     sslIsInit = 1;
   }
 }
 
 /*