[openssl-users] Certificate format question?

Dr. Matthias St. Pierre Matthias.St.Pierre at ncp-e.com
Wed Sep 26 07:55:43 UTC 2018

> -----Ursprüngliche Nachricht-----
> In the meantime:
>    $ perl -ne 'print if (/^-----BEGIN/../^-----END/);' foo.pem |
>        openssl asn1parse
> > On Sep 25, 2018, at 1:15 PM, Hubert Kario <hkario at redhat.com> wrote:
> >
> > then it looks like the parser used in asn1parse -inform pem is non-
> > compliant...
> >
> > https://github.com/openssl/openssl/issues/7317

Starting with version 1.1.0, the asn1parse has the -strictpem option to deal
with exactly this case.

I just submitted a pull request on GitHub which attempts to make RFC compliance
the default behavior and introduces a new '-inform b64' option for raw base64


I would be interested in your (the users) opinion about whether this should
become the new default in the future, or whether raw base64 parsing should
remain the default.


More information about the openssl-users mailing list