Description of problem:
Per bug 1493181, the OpenSSL internal X509_NAME comparison function for SSL_* is case insensitive; this prevents adding CA names which differ in case. An example of public deployment of such CA names is known.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create cert bundle with cert subject names which differ only in case
2. call SSL_load_client_CA_file() on that bundle
certs differing in case in subject are treated as duplicates and one is ignored
both certs differing in case in subject name added to X509_NAME stack
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.