New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto/x509: ParseCertificate error: PrintableString contains invalid character #21339
Comments
the certificate can be parsed in php... `// isPrintable reports whether the given b is in the ASN.1 PrintableString set.
}` |
How did you generate this certificate? |
not my certificate...i can't change it |
I'm sorry, this certificate is not valid. Some implementations may accept it, but Go's strict implementation will not accept it. |
Which device or manufacturer generated this certificate? /cc @agl |
I know it contains gbk characters, but the certificate is generated by another company... |
It was also generated 16 years ago, and expired 14 years ago. It's not valid even if it could be parsed. |
............ |
@tonyjt i'm just trying to help mate. Please be mindful that there is a live human on the other side of this discussion. I appreciate you are frustrated, but as a volunteer, it is not appropriate to direct that frustration at others. |
I ask them to regenerate the certificate, but they say no... |
looks like clone the asn1 and x509 packages is the only solution for me, appericate for you help |
Why won't they regenerate the certificate? It expired 14 years ago. |
I went to have a look at the RFC: https://www.ietf.org/rfc/rfc5280.txt At page 113, it seems to say that
|
Correct, but their certificate indicates that this is a PrintableString. They could choose to use another encoding, but they chose PrintableString. |
Why won't they regenerate the certificate? What use is a certificate that expired 14 years ago, even if you could decode it, you'd have to tell the TLS package to ignore the fact it is expired. At that point, why use a certificate at all? |
i don't know, maybe they think it works in java and php... |
I can't see a bug here. If you're asking that the parser be more lenient, other saner cases would break; programs relying on the parser erroring on invalid certificates of this kind, for example. Is there a good reason to consider this change, other than "it makes my program work with an old certificate whose issuer won't fix it"? |
Timed out in state WaitingForInfo. Closing. (I am just a bot, though. Please speak up if this is a mistake or you have the requested information.) |
Please answer these questions before submitting your issue. Thanks!
What version of Go are you using (
go version
)?1.8
What operating system and processor architecture are you using (
go env
)?mac
What did you do?
parse certificate
If possible, provide a recipe for reproducing the error.
A complete runnable program is good.
A link on play.golang.org is best.
https://play.golang.org/p/txkxbM56OI
What did you expect to see?
parse certificate success
What did you see instead?
asn1: syntax error: PrintableString contains invalid character
The text was updated successfully, but these errors were encountered: