Relates :
|
|
Relates :
|
Currently the server is just throwing an exception when creating CertificateRequest, if all authorities cannot fit into the maximum allowed vector. An alternative approach is to send an empty list instead. This is what Microsoft suggests as a possible workaround: https://support.microsoft.com/en-us/kb/933430 (Method 3). RFC allows sending empty list of authorities: http://tools.ietf.org/html/rfc5246 The behavior can be controlled with a CL switch.
|