On Fri, Aug 1, 2008 at 9:50 AM, Charles Bacon <[EMAIL PROTECTED]> wrote: > On Aug 1, 2008, at 6:45 AM, I8abyte wrote: > >> I tinkered with the -xo and the -xi options but no luck but I'm not >> sure I'm doing it correctly. The <dcau>false</dcau> inside the >> <rftOptions> block did nothing, it still complains about the CA path >> length. I'd still like to hear your take on it, or anyone else's. > > My naive question is, who's your issuer and why did they put a pathlen 2 > restriction on your certificate? It seems like either they could remove > that restriction or you could get a different issuer. > > > Charles >
I have trusted CAs ... I've cleared the diags ... does it matter one red-cent what the path length is besides zero "0"? I thought anything over "0" was chain-able ... educate me or point me elsewhere...
