GPGSM: Chain too long on cross signed certificate
Open, NormalPublic

Description

Attached is a certificate that made Kleopatra crash (related issue) but it also
causes GPGSM to fail when it is used as a recipient with:

gpgsm: certificate chain too long

gpgsm: can't encrypt to 'guido@guido-w.de': Bad certificate chain

The likely cause for it is that it has a cyclic issuer chain where:

The Comodo CA certificate is signed by AddTrust External CA Root, which itself
is cross signed by UTN - DATACorp SGC, meaning UTN - DATACorp SGC is itself
again signed by AddTrust.

Details

External Link
https://bugs.kde.org/show_bug.cgi?id=376563
Version
master
aheinecke set External Link to https://bugs.kde.org/show_bug.cgi?id=376563.
aheinecke set Version to master.
aheinecke added a subscriber: aheinecke.