[openssl-users] sendmail, openssl 1.1.1, tls1.3
ca+ssl-users at esmtp.org
Mon Oct 15 23:57:51 UTC 2018
On Mon, Oct 15, 2018, Carl Byington wrote:
> O CACertFile=/etc/pki/tls/certs/ca-bundle.crt
> pointing the CACertFile to 750KB file with 149 certificates. That just
> seems wrong, but perhaps there is some reason for it. If CACertFile is
However, do not list too many root CAs in that
file, otherwise the TLS handshake may fail; e.g.,
Please tell whoever is responsible for that default to fix it.
The certs should be in CACertPath if at all.
More information about the openssl-users