Certificate to Pem to Certificate Not Working: Nested Asn1 Error

  • Home
  • Languages
  • Ruby
  • Certificate to Pem to Certificate Not Working: Nested Asn1 Error

Certificate to pem to certificate not working: nested asn1 error

So I got the answer myself. The certificate needs at least these information:

cert = OpenSSL::X509::Certificate.new
cert.version = 2
cert.serial = 0
cert.not_before = Time.now
cert.not_after = Time.now + 3600
cert.public_key = key.public_key
cert.sign key, OpenSSL::Digest::SHA1.new

Then this is possible:

OpenSSL::X509::Certificate.new(cert.to_pem) => returns

Ruby OpenSSL nested asn1 error

So, once again, I answered my own question. I was trying to read a DER-form pkcs12. I had to convert it to PEM format.

Getting an error while converting .crt to .pem file

The ABC.crt content is invalid certificate file.

In fact, the file contains two certificates. I found a "," delimiter inside and file contains two certificates. The file is badly formed.

If you remove this delimiter (split) and put base64 strings before and after delimiter into separate files, you will get two normal X.509 certificates in base64 encoding.

If you wrap these Base64 strings, you get perfectly formatted PEM files, you even don't need to do with OpenSSL.

One:

-----BEGIN CERTIFICATE-----
MIIDYTCCAkmgAwIBAgIGAV0znSRkMA0GCSqGSIb3DQEBCwUAMFkxEzARBgoJkiaJ
k/IsZAEZFgNjb20xFjAUBgoJkiaJk/IsZAEZFgZvcmFjbGUxFTATBgoJkiaJk/Is
ZAEZFgVjbG91ZDETMBEGA1UEAxMKQ2xvdWQ5Q0EtMjAeFw0xNzA3MTEyMTQ1MjJa
Fw0yNzA3MTEyMTQ1MjJaMFYxEzARBgNVBAMTCnNzbERvbWFpbnMxDzANBgNVBAMT
BkNsb3VkOTEuMCwGA1UEAxMlaWRjcy05Y2I1NzYwM2QwYjc0Mjg0ODFiNDQ0NTgz
YWZlNzAxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANuTVdug3dS1
RjR5ydP90IAUWkGcx/iwQCsinGPA8k1dtHAs4coZpCM0z4XDEu/zbVPshVx7Og2e
uNdOFFelAPVMz/C4tm8LMk5ZROY4u8VUao7O4V2uMiJlROPEY9FbZpk5a7lh1Bsn
xPlH6qfm4LZtnsjmWo12OzQ72RQRElsxaqbyAGPX/A6IoFvNVhNvuReqHl7boksF
wXrdBzq9uJ9VF0YN+3JuMOgMersTcW0SLARepXXhaXe45MlhXYx1ZbPj/3sHb4mo
6iRDK9oTha2dInGQ+9fHKrQ/HgDFjRojqwYjHtBrKcHz2DCHdf9Em4oJEBI7lCQ4
gKHIp40RuW0CAwEAAaMyMDAwHQYDVR0OBBYEFFwscxks8Q/z+4FUAi2yryyXi6/v
MA8GA1UdDwEB/wQFAwMH2AAwDQYJKoZIhvcNAQELBQADggEBACOAvdb3CV9I1Q14
TnloVWFEZBgbeWy9DlvWQT148zuaXuZu9+zoxyR5+8AfjXSoXXqTeFWD98ZfB9sM
6HnKP2j/8Ja8E/rH0u4biB3pysnqbGQn7so+JA+sB7aujILa+SBXt84iKf252oSK
6cOHnhCNduKof4LFCcfLMxT5WwY5WJd0N+6J64yhEphsRhFZTdu6wHjOzLhncaN5
jEppCdC5+52qmKX65hCjXDu6rdrCtoHjpZVfB8KWtqdda8R9obhfvxTo2aho1ye4
HcPYOmZOMIuGAK3Wv7eupuhDOset4huJUAvCO99TSyQFZhW8XbwrKynPUxRD9GXh
b4QvzK0=
-----END CERTIFICATE-----

and two:

-----BEGIN CERTIFICATE-----
MIIDazCCAlOgAwIBAgIINViiv6s6qqgwDQYJKoZIhvcNAQELBQAwWTETMBEGCgmS
JomT8ixkARkWA2NvbTEWMBQGCgmSJomT8ixkARkWBm9yYWNsZTEVMBMGCgmSJomT
8ixkARkWBWNsb3VkMRMwEQYDVQQDEwpDbG91ZDlDQS0yMCAXDTE2MDUwMzA4MDIx
N1oYDzIxMTYwNDA5MDgwMjE3WjBZMRMwEQYKCZImiZPyLGQBGRYDY29tMRYwFAYK
CZImiZPyLGQBGRYGb3JhY2xlMRUwEwYKCZImiZPyLGQBGRYFY2xvdWQxEzARBgNV
BAMTCkNsb3VkOUNBLTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW
kN6qRNHvItlZ+yQ2RjJ8kGQGRHjP6F+BNYrsKM0okDmuNDZyGoNvbhJD0mEZUDiK
okaJJ0+pTSl6EHUzqYQPD8r0OcP+fk2TqR2v2PvPmt6KKXicFPUIoDUnznmdKdgC
P+TJE8QjKZgJenR1Y6Q6JW6I1G3bo+auSaL5sITLV8JnN/kd1XWejFEMpovMp8Wd
Bid2wi9abDoygndI9YPfM64/vG1qF1vb8TgyIRRqRRF6DvFa3O6TIjhp9UU8zVfa
uYmn9BkRt2pylJ2wntfg9FYsl6ZSydltMHQcuHETnxLoJbUwRYv4ah1ca2o0EYZW
lGy2EtyX7Qi/ECAKMWSlAgMBAAGjNTAzMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYD
VR0OBBYEFMsXQZBqmxc1LqYNCYwt9OCIMZGRMA0GCSqGSIb3DQEBCwUAA4IBAQC3
IFrmt4eQ2Ggx6cp4I9F57BuKBRjH4cbebFM+gL6mvaUsOhtzzZHuR05a5BQYW1CF
U7CG2cGEjeSeBqWLcKbq5iXC44gdMcFWH7R5GApNJO3CNI8QZJdbzLWDF0UzPKXx
cHwF8niduJuyFwfe/pcW4aWzFdOLKAlIv1iXeungmdhZLg37yh3Zt7WnTAtQFgM0
cvxkZlRcreQVisvLtZvTd+wVAUNo57ws/y1cPIBiWwxrvcFDv3+U0I+y2eVqbtmV
2nWKeQ1aisBLdQydsuatQM8+C4nFC+BJvfdkYY+6+JNeTc6GCnTpQo3/nkDHH08P
GR5Rs+NAdvlshL1GgHbU
-----END CERTIFICATE-----

Rails can't read certificate information from environment due to nested asn1 error

I finally found a way to do it... mixing it all up!

So the file, for example company.key looks like

-----BEGIN PRIVATE RSA KEY ----
Mumbojumbomummbojumbo
-----END RSA PRIVATE KEY----

So I switched it to a one liner, making explicit \n in the string (so its a real \n)

COMPANY_KEY=""-----BEGIN RSA PRIVATE KEY-----\nMIIEpAIBAAKCAQEA+ztKEj\n-----END RSA PRIVATE KEY-----\n"

Don't forget the last \n in the file.

Now, the last part, in the place where I used to do

@private_key = OpenSSL::PKey::RSA.new(File.read(private_key_file))

Now I do

@private_key = OpenSSL::PKey::RSA.new(ENV['COMPANY_KEY'].gsub("\\n", "\n"))

And now works like a charm! No public certificates, every piece of info in environment variables.

OpenSSL encoding errors while converting cer to pem

I had this problem also. Just rename the CER to PEM was enough :)

Unable to create .pem file from .p12 (private key + public key)

Below command worked fine,

openssl pkcs12 -in Certificates.p12 -out Certificates.pem -nodes -clcerts

Related Topics

Implementing Dry-Run in Ruby Script

Rvm + Rails Install Error: While Executing Gem (Nomethoderror)Undefined Method 'Ord' for Nil:Nilclass

How to Render the Ajax Response in Rails

How to Convert a Large Gem to Standalone Rails App

How to Properly Create a Associated Record Just After the Associator Record Creation

Ruby Before_Validation Triggers Infinite Loop of Call Back

Ruby Fileutils Alias on MAC

Are Spies an Appropriate Approach to See If Resque Methods Are Being Fired

Practical Example of Architecture Using Ebc

Create a Ruby Method That Accepts a Hash of Parameters

How to Capture Terminal Arrow Keys in Ruby

No Such File to Load -- Soap4R -- Why

What Is the Ruby Regex for Including Apostrophes

Make a Ruby Script with Text Io Double Clickable Executable File

In Ruby What Does "$$" Mean

How to Specify Rvm Gemsets for Rails Gem Whenever

Method Gives Activerecord::Relation Error

Adding Commas to a Number


Leave a reply



Submit