crypto/x509: code signing certificates fail to verify in macOS Ventura and later #63995
Labels
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
OS-Darwin
WaitingForInfo
Issue is not actionable because of missing required information, which needs to be provided.
Milestone
What version of Go are you using (
go version
)?Does this issue reproduce with the latest release?
Yes
What operating system and processor architecture are you using (
go env
)?go env
OutputWhat did you do?
When trying to validate a code signing certificate chain with a public certificate authority. The OS responds with "certificate is not standards compliant" on Ventura or later. Earlier versions of mac OS do not fail.
This is due to go assuming all certificates are SSL certificate, and use a SSL policy when validating the chain
What did you expect to see?
I expected the chain to validate with signature is valid, signing date: ..etc
What did you see instead?
"certificate is not standards compliant"
The text was updated successfully, but these errors were encountered: