[Help-gnutls] How to restrict certification path length

Sascha Ziemann sascha.ziemann at secunet.com
Wed Jan 10 12:03:16 CET 2007


is it possible to specify the maximum certification path length in a
configuration file for certtool? Internet explorer reports the path
length of certificates made by certtool as unlimited.

I have a Root CA, which signs an Issuer CA, and an Issuer CA , which
signs client and server certificates. I would like to restrict the path
length of the Root CA to two and the path length of the issuer CA to one
in order to avoid any hacks made with the client or server certificates.


More information about the Gnutls-help mailing list