-
Notifications
You must be signed in to change notification settings - Fork 129
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x509-cert: parse failure on publicly known certificate #821
Comments
Here's how OpenSSL parses it:
Edit: Educated guess is that it's the negative serial number, which is technically an RFC violation (but one that the RFC recognizes and says consumers |
Yeah, I agree it's the negative serial number. The current "Fixing" this would require adding a signed We don't currently have a signed |
Makes sense. I can work on a proper |
The good news is that it "works," at least until it hits a cert that x509-cert can't parse yet. See: RustCrypto/formats#821 Signed-off-by: William Woodruff <william@yossarian.net>
Ran into this in my continued adventures with Windows cert store parsing: the cert identified as
28903a635b5280fae6774c0b6da7d6baa64af2e8
fails with:Here's the cert, in PEM form:
I can debug this on my own; just filing for visibility.
The text was updated successfully, but these errors were encountered: