>How deep does the certificate chain have to be? It does not matter.
>If I have 2 self-signed CA certificates, and a non-CA certificate is received >for verification, will this hit the problem? >Also, is it a condition of the bug that both CA certificates have to have the >same subject names and keys, as suggested in the file? I think you are confused. The bug is not about CA's. It's about a non-CA fooling the runtime into treating it as if it were a CA and being able to issue a certificate. _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users