Hi All, We have a scenario where HA proxy might send a large of "Acceptable client certificate CA names" to the client as part of the "Certificate Request" message. What we see on the client side, is that it balks with the following error: >>> TLS 1.2 Alert [length 0002], fatal illegal_parameter 02 2f 139911422498632:error:1408E098:SSL routines:SSL3_GET_MESSAGE:excessive message size:s3_both.c:512: ---
Now, for the moment we worked arpound the problem by preventing the server from sending down the client certificate request, but we're wondering if: 1 - Anyone is aware of this issue or if there is a limitation to the number of names that the server can send down? 2 - Is there a way to send the client request, but avoid sending the list of "acceptable client certificate CA names" Regards, Mihir