Beats me. When I look at my cert with openssl x509 -text, I don't see
a path length constraint.
Charles
On Aug 1, 2008, at 2:34 PM, I8abyte wrote:
On Fri, Aug 1, 2008 at 9:50 AM, Charles Bacon <[EMAIL PROTECTED]>
wrote:
On Aug 1, 2008, at 6:45 AM, I8abyte wrote:
I tinkered with the -xo and the -xi options but no luck but I'm not
sure I'm doing it correctly. The <dcau>false</dcau> inside the
<rftOptions> block did nothing, it still complains about the CA path
length. I'd still like to hear your take on it, or anyone else's.
My naive question is, who's your issuer and why did they put a
pathlen 2
restriction on your certificate? It seems like either they could
remove
that restriction or you could get a different issuer.
Charles
I have trusted CAs ... I've cleared the diags ... does it matter one
red-cent what the path length is besides zero "0"? I thought anything
over "0" was chain-able ... educate me or point me elsewhere...
