在 Ruby 上获取 OpenSSL::X509::CertificateError 嵌套 asn1 错误 [英] Getting OpenSSL::X509::CertificateError nested asn1 error on Ruby
问题描述
我有来自 Apple 的 .p12 文件,并尝试使用以下命令将其转换为 .pem 文件:
I have .p12 file from Apple and tried to convert it to .pem file with following command:
openssl pkcs12 -in cert.p12 -out apple_push_notification_development.pem -nodes -clcerts
尝试使用
OpenSSL::X509::Certificate.new(File.read('apple_push_notification_development.pem'))
我收到以下错误:
OpenSSL::X509::CertificateError: nested asn1 error
from (irb):9:in `initialize'
from (irb):9:in `new'
...
我做错了吗?卡住了,求帮助.谢谢
Did I do something wrong ? Being stuck, please help. Thanks
推荐答案
感谢这与您的场景不完全相同,但我试图在我的实例中读取 PEM 文件 (PKCS7).OpenSSL CLI 可以很好地解码它,但是 ruby 一直抛出与我尝试将其加载到对象中时描述的相同的嵌套 asn1 错误.
Appreciate it's not your exact same scenario, but I was attempting to read in a PEM file (PKCS7) in my instance. OpenSSL CLI would decode it fine, but ruby kept throwing the same nested asn1 error that you describe when I tried to load it into an object.
就我而言,它需要一个新行,即 PEM 文件末尾的\n"才能接受它.
In my case it needed a new line i.e. '\n' at the end of the PEM file for it to accept it.
只有当我创建一个空对象并将生成的 PEM 输出与我尝试加载的文件进行比较时,我才解决了这个问题.
I worked it out only when I created an empty object and compared the generated PEM output to the file I was trying to load.
因此,可以尝试使用 X509 证书:
So with a X509 cert maybe try:
cert = OpenSSL::X509::Certificate.new
cert.to_pem
=> "-----BEGIN CERTIFICATE-----\nMCUwGwIAMAMGAQAwADAEHwAfADAAMAgwAwYBAAMBADADBgEAAwEA\n-----END CERTIFICATE-----\n"
并将其与您的 PEM 文件进行比较
And compare it to your PEM file
如您所见,它以新行结尾,而我尝试导入的文件中缺少该行.
As you can see it's terminated with a new line and that was missing in the file that I was trying to import.
这篇关于在 Ruby 上获取 OpenSSL::X509::CertificateError 嵌套 asn1 错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!