Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
crypto/x509: more descriptive error message for unsupported algorithms such as MD5 with RSA #10431
In http://golang.org/src/crypto/x509/x509.go?s=21072:21171#L611 that algorithm is not listed.
Should it be listed? Is it because it is considered insecure?
I've found a certificate issued with the MD5withRSA signature algorithm (used only for testing) but finding the error was really hard. It would be nice to have a better error description for this kind of failures.
In that case, it would be better to have a more descriptive error than..
failed to verify certificate: x509: certificate signed by unknown authority (possibly because of "x509: cannot verify signature: algorithm unimplemented" while trying to verify candidate authority certificate "testCA")
"algorithm unimplemented".. The algorithm is implemented, it is not supported because it is considered insecure. Which algorithm? In which part of the chain? Which function failed?
Tracking the error took me a while..