The -tlsVerifyDepth option is used to define the verification depth, in other words the maximum permissible number of certificates between the FTP client certificate and the certificate which is known to the FTP server.
Here you must note the following:
If the value 1 (default) is specified as the maximum depth, the client certificate must have been signed directly by a Certificate Authority (CA) that the FTP server knows for it to be accepted.
If the maximum depth is exceeded, the connection is cleared, unless mandatory verification of the FTP client certificate has been disabled with -tlsVerifyClient NONE (see "-tlsVerifyClient") or -tlsVerifyClient OPTIONAL.
Specifying the depth as 0 is meaningless. In this case only self-signed certificates would be permissible.
-tlsVerifyDepth |
<depth> |
<depth>
Maximum permissible number of certificates between the FTP client certificate and the certificate which is known to the FTP server.
Default: 1