Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto/x509: SystemCertPool() can return nil,nil #21405

Closed
champtar opened this issue Aug 11, 2017 · 5 comments
Closed

crypto/x509: SystemCertPool() can return nil,nil #21405

champtar opened this issue Aug 11, 2017 · 5 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone

Comments

@champtar
Copy link

What version of Go are you using (go version)?

1.8

What operating system and processor architecture are you using (go env)?

debian9 lxc (no certificates on the system) / amd64

What did you do?

https://play.golang.org/p/9uFYp2M6PT

What did you expect to see?

I expected to have either an error or an empty certPool

What did you see instead?

both CertPool and error are nil when there is no certificates found on the system
If you think this is the correct behavior maybe add a small warning in the documentation

Regards
Etienne

@nussjustin
Copy link
Contributor

This only affects Unix and Plan9, all other operating systems will return an empty pool when no certificates are found from what I see.

@shreyas1996
Copy link

shreyas1996 commented Aug 13, 2017

certpool
As you can see,this is the output we get when we run it on a windows based system..
Here is the source code for the function you used..
https://golang.org/src/crypto/x509/cert_pool.go?s=730:770#L22
there it is..
this might be the expected output.
i hope u got the doubt.. if not please help me understand it using a suitable use case
Regards
Shreyas

@nussjustin
Copy link
Contributor

@shreyas1996 Using SystemCertPool under Windows is issue #16736, see the issue description in #18609 for the basic problem with it unter windows. This issue is about a (nil, nil) return value under Unix (and Plan 9)

@shreyas1996
Copy link

oh okay.. i will check that too
But as stated above by @champtar used that function.. i thought maybe he/she was concerned as to why such an output was displayed when the expected one is different.
anyways,thanks for pointing it out @nussjustin

@ianlancetaylor ianlancetaylor changed the title x509.SystemCertPool() can return nil,nil crypto/x509: SystemCertPool() can return nil,nil Mar 30, 2018
@ianlancetaylor ianlancetaylor added the NeedsFix The path to resolution is known, but the work has not been done. label Mar 30, 2018
@gopherbot
Copy link

Change https://golang.org/cl/103596 mentions this issue: crypto/x509: don't return nil, nil from SystemCertPool

@ianlancetaylor ianlancetaylor added this to the Unplanned milestone Mar 30, 2018
@golang golang locked and limited conversation to collaborators Apr 13, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Projects
None yet
Development

No branches or pull requests

5 participants