@@ -82,10 +82,12 @@
 * X509 certificate.
 *
 *------------------------------------------------------*
 */
+#define CERT_STR_SIZE 16384
+
 Tcl_Obj*
 Tls_NewX509Obj( interp, cert)
 Tcl_Interp *interp;
 X509 *cert;
 {
@@ -96,11 +98,12 @@
 char subject[BUFSIZ];
 char issuer[BUFSIZ];
 char serial[BUFSIZ];
 char notBefore[BUFSIZ];
 char notAfter[BUFSIZ];
- char certStr[BUFSIZ];
+ char certStr[CERT_STR_SIZE], *certStr_p;
+ int certStr_len, toRead;
 #ifndef NO_SSL_SHA
 int shai;
 char sha_hash_ascii[SHA_DIGEST_LENGTH * 2 + 1];
 unsigned char sha_hash_binary[SHA_DIGEST_LENGTH];
 const char *shachars="0123456789ABCDEF";
@@ -134,13 +137,27 @@
 n = max(n, 0);
 serial[n] = 0;
 (void)BIO_flush(bio);
 if (PEM_write_bio_X509(bio, cert)) {
- n = BIO_read(bio, certStr, min(BIO_pending(bio), BUFSIZ - 1));
- n = max(n, 0);
- certStr[n] = 0;
+ certStr_p = certStr;
+ certStr_len = 0;
+ while (1) {
+ toRead = min(BIO_pending(bio), CERT_STR_SIZE - certStr_len - 1);
+ toRead = min(toRead, BUFSIZ);
+ if (toRead == 0) {
+ break;
+ }
+ dprintf("Reading %i bytes from the certificate...", toRead);
+ n = BIO_read(bio, certStr_p, toRead);
+ if (n <= 0) {
+ break;
+ }
+ certStr_len += n;
+ certStr_p += n;
+ }
+ *certStr_p = '\0';
 (void)BIO_flush(bio);
 }
 BIO_free(bio);
 }
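Review bot: The new `#define CERT_STR_SIZE 16384` in the first hunk lands between the header comment that closes with `*/` and the `Tls_NewX509Obj` definition that comment describes, and it has no comment of its own. I would move it above the comment block and document the limit, e.g. `/* Size of the buffer holding a certificate's PEM text, including the terminating NUL; longer encodings are cut off at this length. */`. The ceiling is worth stating because the read loop in the third hunk stops without any signal once the buffer is full.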
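Review bot: A certificate whose PEM text is longer than `CERT_STR_SIZE - 1` bytes is still truncated silently by the loop in the third hunk. Once the buffer is full `toRead` becomes 0, the loop breaks, and the unread remainder is discarded with `BIO_free(bio)`. The resulting string has no end marker, so any consumer that re-parses or compares it (outside the hunk) gets a partial certificate presented as a complete one. After the loop I would test `if (BIO_pending(bio) > 0) { certStr_p = certStr; }` so that an empty string is reported instead of a partial one. Separately, nothing visible sets `certStr[0]` when `PEM_write_bio_X509` fails, so unless code outside the hunk initialises the buffer, later use would read uninitialised stack memory; `else { certStr[0] = '\0'; }` on that `if` closes it.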