Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
727 views
in Technique[技术] by (71.8m points)

apple push notifications - Getting OpenSSL::X509::CertificateError nested asn1 error on Ruby

I have .p12 file from Apple and tried to convert it to .pem file with following command:

openssl pkcs12 -in cert.p12 -out apple_push_notification_development.pem -nodes -clcerts

When trying the create new OpenSSL::X509::Certificate object with

OpenSSL::X509::Certificate.new(File.read('apple_push_notification_development.pem'))

I get the following error:

OpenSSL::X509::CertificateError: nested asn1 error
    from (irb):9:in `initialize'
    from (irb):9:in `new'
    ...

Did I do something wrong ? Being stuck, please help. Thanks

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Appreciate it's not your exact same scenario, but I was attempting to read in a PEM file (PKCS7) in my instance. OpenSSL CLI would decode it fine, but ruby kept throwing the same nested asn1 error that you describe when I tried to load it into an object.

In my case it needed a new line i.e. ' ' at the end of the PEM file for it to accept it.

I worked it out only when I created an empty object and compared the generated PEM output to the file I was trying to load.

So with a X509 cert maybe try:

cert = OpenSSL::X509::Certificate.new
cert.to_pem
=> "-----BEGIN CERTIFICATE-----
MCUwGwIAMAMGAQAwADAEHwAfADAAMAgwAwYBAAMBADADBgEAAwEA
-----END CERTIFICATE-----
"

And compare it to your PEM file

As you can see it's terminated with a new line and that was missing in the file that I was trying to import.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...