building ca chain -- duplicates
Here in 2.2.1, I build the ca chain on my client with some mbedtls_x509_crt_parse_file() and mbedtls_x509_crt_parse_path() applied to likely locations for the ca bundle, but thanks to symlinks I end up with four or five copies of each cert.
I'm trying to stick to the function interface as much as possible and not dig through data structures very much to minimize rewriting over time, but I haven't found anything to take care of this.
The solution would be to create a 'smarter' certificate chain builder that checks the chains for duplicates before adding them.
Not something currently on our roadmap.