Certificate that can not be parsed

Question

Certificate that can not be parsed

aetos382 opened this issue 6 years ago · comments

I am using Microsoft Skype for Business.
This software automatically generates a certificate when I sign in.
smimesign can't parse it.

smimesign --list-keys
WARNING: failed to get identity certificate: certificate parsing failed: asn1: syntax error: PrintableString contains invalid character

The content of the certificate is as follows.
I can not export the private key of this certificate, but I hope that it will give you some clues.

smimesign --version
0.0.6

Ben Toews · Answer 1 · Fri Nov 09 2018 00:25:43 GMT+0800 (China Standard Time)

The subject common name in that certificate is an ASN.1 PrintableString type containing an email address. This string type does now allow for the @ character contained in the email address, which explains the error from Go's crypto library.

aetos · Answer 2 · Fri Nov 09 2018 11:28:07 GMT+0800 (China Standard Time)

@mastahyeti

If this certificate is in my certificate store, the "git commit -S" command will fail with an error, even if this certificate is not used for signing (the error message is same as the smimesign --list-keys).

Ben Toews · Answer 3 · Fri Nov 09 2018 11:56:33 GMT+0800 (China Standard Time)

Thanks for clarifying. This being in your keychain shouldn’t prevent you from signing with a different identity.

Ben Toews · Answer 4 · Thu Nov 29 2018 06:39:04 GMT+0800 (China Standard Time)

This should be fixed by #38. Sorry to take so long with that. This change is included in v0.0.8.