Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
asn1: syntax error: trailling data #40545
What version of Go are you using (
It worth mentioning the same certificate works using: https://github.com/eclipse/paho.mqtt.rust, I can connect to my broker and subscribe/publish without any problem, but doesn't work in golang
The original certificate is:
since golang tls doesn't like
This is not a bug. The DER structure of the certificate contains an X509v1 certificate and an additional sequence with usage information. You need to verify your certificate generation procedure and ensure that x509v3 certificates are produced that include the usage information or omit the usage information.
You can check that with
If those 14 bytes (hl+l=2+12=14) are removed, then the certificate can be parsed. Here is a test program:
I regard the Go behavior as correct even if openssl seems to support this structure. It should not be possible to add information to a certificate that the Certificate Authority has not signed.