I think that is a long standing openssl bug that it demands full chains, and more so it trips up not only when the chain is incomplete, but also where there are extra chains, which are redundant; and if any of them have untrusted certs, or certs of small sizes / old hashes (aka legacy chains) it also refuses to establish connections.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1919563 Title: updated sssd with smart cards now brick systems without full cert chain To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1919563/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
