OpenSSL 1.1.1 on Centos 8 Ticket-based resumption I'm getting a repeatable error from a client call to SSL_connect() of "14228044:SSL routines:construct_ca_names:internal error". Packet capture shows an Alert being sent by the client before anything is received from the server. The error only occurs when the client is trying to resume a previous session, and (here's the odd part) only when the client is set up to offer a client certificate. [I can change the client config to stop it offering this client-cert, and the resumption works just fine] I *think* possibly also the precise nature of that client cert matters; a testcase I set up away from my production system failed to induce the error. The client cert is loaded using SSL_CTX_use_certificate_chain_file(); the file contains a private-key and a 3-element chain with a Lets Encrypt cert (leaf, signer, CA-root). The CA is sha1/rsa, the other two are sha256/rsa. The preceding TLS session is logged as using "TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256" Any ideas? -- Thanks, Jeremy
