Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

encode/pem: cannot load certificate from os.Getenv #40957

Closed
danielsussa opened this issue Aug 21, 2020 · 3 comments
Closed

encode/pem: cannot load certificate from os.Getenv #40957

danielsussa opened this issue Aug 21, 2020 · 3 comments
Labels
FrozenDueToAge

Comments

@danielsussa
Copy link

danielsussa commented Aug 21, 2020
edited

What version of Go are you using (go version)?

$ go version
go version go1.14.4 linux/amd64

Does this issue reproduce with the latest release?

Only the latest release.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/kanczuk/.cache/go-build"
GOENV="/home/kanczuk/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY="github.com/pismo/*"
GONOSUMDB="github.com/pismo/*"
GOOS="linux"
GOPATH="/home/kanczuk/go"
GOPRIVATE="github.com/pismo/*"
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go/bin"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/bin/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/kanczuk/go/src/github.com/pismo/api-cards-tokenization/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build053400513=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I've tried to load a PEM certificate using os.Getenv and parsing as a byte array to the AppendCertsFromPEM from x509 package. But when I load from env, it's aways load as a literal string and cannot be add to certificates pool. I can only load from a file, but never from a variable loaded from system.

There is a test for this case: https://play.golang.org/p/zTAPhyz7p5S (the literal on os.Setenv(``) is only for test proposal)

What did you expect to see?

func main() {
	caCertPool := x509.NewCertPool()
	ok := caCertPool.AppendCertsFromPEM([]byte(os.Getenv("CERTIFICATE")))
	fmt.Println(ok)
}
// output = true

What did you see instead?

func main() {
	caCertPool := x509.NewCertPool()
	ok := caCertPool.AppendCertsFromPEM([]byte(os.Getenv("CERTIFICATE")))
	fmt.Println(ok)
}
// output = false
@slrz
Copy link

slrz commented Aug 21, 2020
edited

The environment variable needs to include the actual newline characters, not some escape sequences.

See the modified example:
https://play.golang.org/p/raDX6FT4lzr

edit: replaced with better example.

@asad-urrahman
Copy link

OR use the double quotation marks for certificate contents.
see here (https://play.golang.org/p/40DI3hQ35Z4)

@davecheney
Copy link
Contributor

Thank you for your comments. This appears to be working as intended.

@golang golang locked and limited conversation to collaborators Aug 24, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@davecheney @slrz @gopherbot @danielsussa @asad-urrahman