使用OpenSSL在证书文件中读取Ruby错误
[英]Ruby Error reading in Certificate File with OpenSSL
问题描述
I am trying to do a simple OpenSSL::X509::Certificate.new(File.read("testuser.p12")) from irb with ruby 1.8.7 (or 1.9.2) , same result for both. 
我试图从irb与ruby 1.8.7(或1.9.2)做一个简单的OpenSSL::X509::Certificate.new(File.read("testuser.p12")) ,两者的结果相同。 The error I get back is OpenSSL::X509::CertificateError: nested asn1 error 我得到的错误是OpenSSL::X509::CertificateError: nested asn1 error
Is this a ruby issue, or does this suggest the cert itself is malformed? 这是一个红宝石问题,还是这表明证书本身是错误的? I've found some similar reports revolving around an amazon cert demonstrating such errors, which turned out to be the cert itself. 我发现一些类似的报告围绕亚马逊证书展示了这些错误,结果证明是证书本身。 It works in the browser though. 它虽然在浏览器中工作。 Suggestions on how to resolve this? 关于如何解决这个问题的建议?
1 个解决方案
解决方案1
10 已采纳 2012-01-04 03:59:30
"testuser.p12" seems to be a PKCS#12 file according to the postfix. 根据后缀,“testuser.p12”似乎是PKCS#12文件。 Reading PKCS#12 format as X.509 certificate format causes ASN.1 decoding error. 将PKCS#12格式读取为X.509证书格式会导致ASN.1解码错误。
You should do OpenSSL::PKCS12.new(File.read("testuser.p12")) instead. 你应该OpenSSL::PKCS12.new(File.read("testuser.p12")) 。 If the file is protected with passphrase (it's normal), give the passphrase as the second parameter for PKCS12.new like OpenSSL::PKCS12.new(File.read("testuser.p12"), "pass") 如果文件受密码保护(这是正常的),请将密码作为PKCS12.new的第二个参数,如OpenSSL::PKCS12.new(File.read("testuser.p12"), "pass")
You can extract certificate and CA certificates by PKCS12#certificate and PKCS12#ca_certs methods. 您可以通过PKCS12#certificate和PKCS12#ca_certs方法提取证书和CA证书。
p12 = OpenSSL::PKCS12.new(File.read("testuser.p12"), "pass")
p p12.certificate
p p12.ca_certs
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.