On 20/10/2021 10:56, Vishal Sinha wrote:
We are using openssl 1.1.1c version on our client and server. Client and Server are doing EAP-TLS authentication using certificates which are more than 4k in size (using 1 root CA and 2 intermediate CAs). We noticed that the server is not able to handle it gracefully due to insufficient buffer size during SSL handshake and hence authentication fails. To solve this issue, we increased the buffer size to 8k programmatically and authentication passed. Is there any other way to solve this problem?
Which buffer did you change? Do you have an example certificate that is shareable? Is it the certificate that is too large, or the whole chain?
Matt
