It seems that X509_STORE_CTX_init arbitrarily limits the depth of the cert chain that can be checked to 9 certificates. Is this a bug, feature (dos prevention?) or just arbitrary? If it is a feature then it would be nice to provide a API call to modify the default. I'll send a patch if such a thing would be accepted.
/Sam ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
