On Tue, Sep 06, 2016 at 10:52:32PM +0200, Jakob Bohm wrote: > Could this be related to the recent work to treat the list of > certificates as a SET of potentially relevant certificates > rather than as an ordered list of certificates that must form > the trust chain? No, just a violation of the PEM format. PEM files are text files so NUL bytes are not supported. It so happens that leading NUL bytes don't work well as C strings, and the PEM reader assumes that a zero length input line is effectively EOF. -- Viktor.