Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

encode/pem: cannot load certificate from os.Getenv #40957

Closed
danielsussa opened this issue Aug 21, 2020 · 3 comments
Closed

encode/pem: cannot load certificate from os.Getenv #40957

danielsussa opened this issue Aug 21, 2020 · 3 comments

Comments

@danielsussa
Copy link

@danielsussa danielsussa commented Aug 21, 2020

What version of Go are you using (go version)?

$ go version
go version go1.14.4 linux/amd64

Does this issue reproduce with the latest release?

Only the latest release.

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/kanczuk/.cache/go-build"
GOENV="/home/kanczuk/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOINSECURE=""
GONOPROXY="github.com/pismo/*"
GONOSUMDB="github.com/pismo/*"
GOOS="linux"
GOPATH="/home/kanczuk/go"
GOPRIVATE="github.com/pismo/*"
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/local/go/bin"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/local/go/bin/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD="/home/kanczuk/go/src/github.com/pismo/api-cards-tokenization/go.mod"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build053400513=/tmp/go-build -gno-record-gcc-switches"

What did you do?

I've tried to load a PEM certificate using os.Getenv and parsing as a byte array to the AppendCertsFromPEM from x509 package. But when I load from env, it's aways load as a literal string and cannot be add to certificates pool. I can only load from a file, but never from a variable loaded from system.

There is a test for this case: https://play.golang.org/p/zTAPhyz7p5S (the literal on os.Setenv(``) is only for test proposal)

What did you expect to see?

func main() {
	caCertPool := x509.NewCertPool()
	ok := caCertPool.AppendCertsFromPEM([]byte(os.Getenv("CERTIFICATE")))
	fmt.Println(ok)
}
// output = true

What did you see instead?

func main() {
	caCertPool := x509.NewCertPool()
	ok := caCertPool.AppendCertsFromPEM([]byte(os.Getenv("CERTIFICATE")))
	fmt.Println(ok)
}
// output = false
@slrz
Copy link

@slrz slrz commented Aug 21, 2020

The environment variable needs to include the actual newline characters, not some escape sequences.

See the modified example:
https://play.golang.org/p/raDX6FT4lzr

edit: replaced with better example.

@asad-urrahman
Copy link

@asad-urrahman asad-urrahman commented Aug 24, 2020

OR use the double quotation marks for certificate contents.
see here (https://play.golang.org/p/40DI3hQ35Z4)

@davecheney
Copy link
Contributor

@davecheney davecheney commented Aug 24, 2020

Thank you for your comments. This appears to be working as intended.

@davecheney davecheney closed this Aug 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.