Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto/tls: fails to parse certain PEM files with multiple blocks #3986

Closed
hoisie opened this issue Aug 21, 2012 · 4 comments
Closed

crypto/tls: fails to parse certain PEM files with multiple blocks #3986

hoisie opened this issue Aug 21, 2012 · 4 comments
Labels
FrozenDueToAge
Milestone
Go1.1

Comments

@hoisie
Copy link
Contributor

hoisie commented Aug 21, 2012 

What steps will reproduce the problem?
http://play.golang.org/p/_v-ah5iWAR

What is the expected output?
No error

What do you see instead?
crypto/tls: failed to parse key: ASN.1 structure error: tags don't match (2 vs {class:0
tag:16 length:725 isCompound:true}) {optional:false explicit:false application:false
defaultValue:<nil> tag:<nil> stringType:0 set:false omitEmpty:false} int @4

Which compiler are you using (5g, 6g, 8g, gccgo)?
6g

Which operating system are you using?
OSX 10.7.4

Which version are you using?  (run 'go version')
go version go1.0.2

Please provide any additional information below.

A pem file with the following order is successfully parse:

-----BEGIN RSA PRIVATE KEY----- 
... key ...
-----END RSA PRIVATE KEY----- 
-----BEGIN CERTIFICATE----- 
... cert ...
-----END CERTIFICATE----- 

But one with the order reversed does not:
-----BEGIN CERTIFICATE----- 
... cert ...
-----END CERTIFICATE----- 
-----BEGIN RSA PRIVATE KEY----- 
... key ...
-----END RSA PRIVATE KEY-----
@rsc
Copy link
Contributor

rsc commented Sep 12, 2012

Comment 1:

Labels changed: added priority-later, removed priority-triage.

Status changed to Accepted.

@rsc
Copy link
Contributor

rsc commented Sep 12, 2012

Comment 2:

Labels changed: added go1.1.

@agl
Copy link
Contributor

agl commented Sep 13, 2012

Comment 3:

This issue was closed by revision ecc04b8.

Status changed to Fixed.

@gopherbot
Copy link

Comment 4 by cristobal@monkimun.es:

This is still happening to me using go version go1.2.1 darwin/amd64

@rsc rsc added this to the Go1.1 milestone Apr 14, 2015
@rsc rsc removed the go1.1 label Apr 14, 2015
@golang golang locked and limited conversation to collaborators Jun 24, 2016
FiloSottile pushed a commit to FiloSottile/go that referenced this issue Oct 12, 2018
@agl
crypto/tls: allow certificates and key to be in either order.
d263b7d 
X509KeyPair wasn't really supposed to allow the certificate and
key to be in the same file, but it did work if you put the key
first. Since some HTTPS servers support loading keys and certs
like this, this change makes it work in either order.

Fixes golang#3986.

R=golang-dev, dave, rsc
CC=golang-dev
https://golang.org/cl/6499103
This issue was closed.
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Go1.1
Development

No branches or pull requests
4 participants
@agl @rsc @hoisie @gopherbot