diff --git a/src/openvpn/pkcs11_mbedtls.c b/src/openvpn/pkcs11_mbedtls.c
index 66aefac..bf9d953 100644
--- a/src/openvpn/pkcs11_mbedtls.c
+++ b/src/openvpn/pkcs11_mbedtls.c
@@ -42,6 +42,16 @@
 static bool
 pkcs11_get_x509_cert(pkcs11h_certificate_t pkcs11_cert, mbedtls_x509_crt *cert)
 {
+    /* We set a maximum size for certificates so that the PKCS provider cannot crash OpenVPN by
+     * making it try to allocate 2^64 bytes. The maximum of 100.000 bytes is picked as a round
+     * number that easily accomodates the currently standardized quantum-safe signature algorithms.
+     * It is twice the size of a SLH-DSA (aka SPHINCS+) signature plus public key.
+     *
+     * However, there are additional digital signature schemes currently on the NIST on-ramp
+     * (e.g., some parameter settings for LESS) that have even larger public keys or signatures, so
+     * if those ever see use on smartcards, we will need to increase this number. */
+    const size_t max_cert_size = 100000;
+
     unsigned char *cert_blob = NULL;
     size_t cert_blob_size = 0;
     bool ret = false;
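Review bot: The comment added above `max_cert_size` has a few wording slips that matter for a security limit people will later search for and tune. "PKCS provider" should read "PKCS#11 provider", "accomodates" is misspelled, and "100.000" uses a locale-specific separator, so `100,000` or `100000` (matching the constant) would be clearer. As far as this hunk shows, the limit covers only the mbedtls code path. If the other crypto backend sizes its buffer from the same provider-reported length, the comment could say whether it is capped too.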
@@ -52,6 +62,12 @@
         goto cleanup;
     }
 
+    if (cert_blob_size > max_cert_size)
+    {
+        msg(M_WARN, "PKCS#11: Certificate too large: %lu bytes, maximum is %lu", cert_blob_size, max_cert_size);
+        goto cleanup;
+    }
+
     check_malloc_return((cert_blob = calloc(1, cert_blob_size)));
     if (pkcs11h_certificate_getCertificateBlob(pkcs11_cert, cert_blob, &cert_blob_size) != CKR_OK)
     {
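Review bot: The new `msg()` call formats two `size_t` values with `%lu`, which is a type mismatch wherever `size_t` is not `unsigned long` (64-bit Windows, for example), and a wrong value in this diagnostic is what an operator would read when a token misbehaves. Use `"PKCS#11: Certificate too large: %zu bytes, maximum is %zu"`, or cast both arguments to `unsigned long`. Separately, a provider-reported size of 0 still reaches `calloc(1, cert_blob_size)`, which may return NULL. If `check_malloc_return` treats NULL as out-of-memory (its definition is not visible here), that would be another way for the provider to stop the process, so rejecting `cert_blob_size == 0` alongside the upper bound may be worthwhile. The function body continues outside this hunk.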
