在Ruby上获取OpenSSL :: X509 :: CertificateError嵌套的asn1错误 [英] Getting OpenSSL::X509::CertificateError nested asn1 error on Ruby

问题描述

我有Apple的.p12文件，并尝试使用以下命令将其转换为.pem文件:

I have .p12 file from Apple and tried to convert it to .pem file with following command:

openssl pkcs12 -in cert.p12 -out apple_push_notification_development.pem -nodes -clcerts

尝试创建新的OpenSSL :: X509 :: Certificate对象时

When trying the create new OpenSSL::X509::Certificate object with

OpenSSL::X509::Certificate.new(File.read('apple_push_notification_development.pem'))

我收到以下错误:

OpenSSL::X509::CertificateError: nested asn1 error
    from (irb):9:in `initialize'
    from (irb):9:in `new'
    ...

我做错什么了吗?被卡住，请帮忙. 谢谢

Did I do something wrong ? Being stuck, please help. Thanks

推荐答案

请注意，这与您的情况不完全相同，但是我试图读取实例中的PEM文件(PKCS7). OpenSSL CLI可以很好地对其进行解码，但是ruby不断抛出与您尝试将其加载到对象中时描述的嵌套asn1错误相同的错误.

Appreciate it's not your exact same scenario, but I was attempting to read in a PEM file (PKCS7) in my instance. OpenSSL CLI would decode it fine, but ruby kept throwing the same nested asn1 error that you describe when I tried to load it into an object.

在我的情况下，它需要在PEM文件的末尾添加新行，即'\ n'才能接受它.

In my case it needed a new line i.e. '\n' at the end of the PEM file for it to accept it.

仅当我创建一个空对象并将生成的PEM输出与我要加载的文件进行比较时，我才进行计算.

I worked it out only when I created an empty object and compared the generated PEM output to the file I was trying to load.

因此，使用X509证书可以尝试:

So with a X509 cert maybe try:

cert = OpenSSL::X509::Certificate.new
cert.to_pem
=> "-----BEGIN CERTIFICATE-----\nMCUwGwIAMAMGAQAwADAEHwAfADAAMAgwAwYBAAMBADADBgEAAwEA\n-----END CERTIFICATE-----\n"

并将其与您的PEM文件进行比较

And compare it to your PEM file

如您所见，它以新行终止，而我尝试导入的文件中缺少该行.

As you can see it's terminated with a new line and that was missing in the file that I was trying to import.

这篇关于在Ruby上获取OpenSSL :: X509 :: CertificateError嵌套的asn1错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！