https://redmine.ruby-lang.org/https://redmine.ruby-lang.org/favicon.ico?17113305112014-02-08T20:46:23ZRuby Issue Tracking SystemRuby master - Bug #9504: X509 certificate incorrectly loaded (because of try-pem-first-else-asn1)https://redmine.ruby-lang.org/issues/9504?journal_id=450322014-02-08T20:46:23Zrep (Mark Schloesser)ms@mwcollect.org
<ul></ul><p>My patch means you can load the certificate like this:</p>
<pre><code>x509 = OpenSSL::X509::Certificate.new(cert, "DER")
</code></pre>
<p>I guess having some module level constants for this (<code>FILETYPE_PEM</code>, <code>FILETYPE_ASN1</code>) would be better. Sadly I'm not a ruby guy by day, and I'd appreciate if someone cleans this up to be more clean :)</p> Ruby master - Bug #9504: X509 certificate incorrectly loaded (because of try-pem-first-else-asn1)https://redmine.ruby-lang.org/issues/9504?journal_id=455992014-03-03T16:29:20Znagachika (Tomoyuki Chikanaga)nagachika00@gmail.com
<ul><li><strong>Status</strong> changed from <i>Open</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>MartinBosslet (Martin Bosslet)</i></li></ul><p>Hello, Mark.<br>
Thank you for your reporting.</p>
<p>Martin, could you handle this?</p> Ruby master - Bug #9504: X509 certificate incorrectly loaded (because of try-pem-first-else-asn1)https://redmine.ruby-lang.org/issues/9504?journal_id=541242015-09-13T03:10:45Zzzak (zzak _)
<ul><li><strong>Assignee</strong> changed from <i>MartinBosslet (Martin Bosslet)</i> to <i>7150</i></li></ul> Ruby master - Bug #9504: X509 certificate incorrectly loaded (because of try-pem-first-else-asn1)https://redmine.ruby-lang.org/issues/9504?journal_id=806012019-08-11T17:41:52Zjeremyevans0 (Jeremy Evans)merch-redmine@jeremyevans.net
<ul><li><strong>File</strong> <a href="/attachments/7985">nested-asn1-9504.patch</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/7985/nested-asn1-9504.patch">nested-asn1-9504.patch</a> added</li><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Feedback</i></li><li><strong>Backport</strong> deleted (<del><i>1.9.3: UNKNOWN, 2.0.0: UNKNOWN, 2.1: UNKNOWN</i></del>)</li></ul><p>I worked on implementing support for adding a :format keyword to <code>OpenSSL::X509::Certificate#initialize</code>, allowing you to specify <code>format: :der</code> if you didn't want to try loading it as a PEM. A patch for that is attached (for the ruby-openssl repository).</p>
<p>For the certificate provided, using LibreSSL 3.0.0, both <code>PEM_read_bio_X509</code> and <code>d2i_X509_bio</code> with the certificate return NULL, with the OpenSSL error: "nested asn1 error". Are you actually able to get the certificate to work with a modern version of OpenSSL or LibreSSL?</p> Ruby master - Bug #9504: X509 certificate incorrectly loaded (because of try-pem-first-else-asn1)https://redmine.ruby-lang.org/issues/9504?journal_id=868472020-07-30T18:45:25Zjeremyevans0 (Jeremy Evans)merch-redmine@jeremyevans.net
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Closed</i></li></ul>