You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've a HTTP server with a bad PEM certificate.
If i do an HTTP request on this host, even if i set InsecureSkipVerify: true it will fail due to this certificate decoding error.
i will get the error: Error: "failed to parse certificate: x509: cannot parse IP address of length 9"
What did you expect to see?
If I use InsecureSkipVerify i expect http library to skip the verification of the server's SSL certificate.
But it check the SSL certificate by parsing the PEM certificate, so it's failing.
I'm not expecting GOLANG to parse the PEM certificate with the InsecureSkipVerify option.
Note about PEM validity
If i open my certificate with gnome "gcr-viewer" the IP read works:
$ gcr-viewer cert.pem
but not with openSSL, it say IP address is invalid:
$ openssl x509 -text -noout -in cert.pem
X509v3 extensions:
X509v3 Subject Alternative Name:
DNS:localhost, DNS:Ludovic, DNS:ludovic, DNS:Ludovic, DNS:ludovic, IP Address:<invalid length=9>, IP Address:<invalid length=39>
The text was updated successfully, but these errors were encountered:
staverne
changed the title
crypto/x509: cannot parse certificate with ipv6 IP 0000:0000:0000:0000:0000:0000:0000:0001
crypto/x509: cannot parse certificate IP & net/http cannot ignore this certificate error
Feb 20, 2024
Go version
go version go1.22.0 linux/amd64
Output of
go env
in your module/workspace:What did you do?
https://go.dev/play/
What did you see happen ?
I've a HTTP server with a bad PEM certificate.
If i do an HTTP request on this host, even if i set
InsecureSkipVerify: true
it will fail due to this certificate decoding error.i will get the error:
Error: "failed to parse certificate: x509: cannot parse IP address of length 9"
What did you expect to see?
If I use InsecureSkipVerify i expect http library to skip the verification of the server's SSL certificate.
But it check the SSL certificate by parsing the PEM certificate, so it's failing.
I'm not expecting GOLANG to parse the PEM certificate with the InsecureSkipVerify option.
Note about PEM validity
If i open my certificate with gnome "gcr-viewer" the IP read works:
$ gcr-viewer cert.pem
but not with openSSL, it say IP address is invalid:
$ openssl x509 -text -noout -in cert.pem
The text was updated successfully, but these errors were encountered: