[openssl-users] Read cer file failed
Dave Thompson
dthompson at prinpay.com
Tue Jan 20 21:43:47 UTC 2015
> From: openssl-users On Behalf Of Jerry OELoo
> Sent: Tuesday, January 20, 2015 00:34
> I am reading cer file into X509 object,
> http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer
>
> cert = d2i_X509_fp(fp, NULL);
> it will return fail, as below
>
> Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
> long
Worked for me, although I observe the server is labelling
content-type: text/plain when 2585 (confirmed by 5280)
says application/pkix-cert . (I resolved 23.13.165.163
after CNAMEing through edgekey and akamaiedge, but
another ISP I can look at got 23.61.69.163. YMMV.)
I note this certificate contains a "control-Z" byte (hex 1A).
Are you possibly running on Windows with the Microsoft
C runtime and opening the file in text mode? Windows C
treats 1A as terminating a text file, to be compatible with
MS-DOS and before that CP/M. Windows C also tries to
use MS-DOS line ending CRLF instead of LF in text files.
To read and write the exact bytes of a file in Windows C,
as is needed for DER objects, use binary mode.
More information about the openssl-users
mailing list