--- mutt_ssl_gnutls.c.orig
+++ mutt_ssl_gnutls.c
@@ -999,6 +999,7 @@
   unsigned int cert_list_size = 0;
   gnutls_certificate_status certstat;
   int certerr, i, preauthrc, savedcert, rc = 0;
+  int rcpeer;
 
   if (gnutls_auth_get_type (state) != GNUTLS_CRD_CERTIFICATE)
   {
@@ -1024,6 +1025,9 @@
   for (i = 0; i < cert_list_size; i++) {
     rc = tls_check_preauth(&cert_list[i], certstat, conn->account.host, i,
                            &certerr, &savedcert);
+    if (i == 0)
+      rcpeer = rc;
+
     preauthrc += rc;
 
     if (savedcert)
@@ -1049,7 +1053,7 @@
         dprint (1, (debugfile, "error trusting certificate %d: %d\n", i, rc));
 
       certstat = tls_verify_peers (state);
-      if (!certstat)
+      if (!certstat && !rcpeer)
         return 1;
     }
   }