It seems that using SSLCACertificateFile only the first certificate is checked against client requests.
Could it be the way the CACertificateFile was created (e.g. missing commas or separators between certs)?