Hasty Briefs

Fooling Go's X.509 Certificate Verification

11 hours ago
  • #X.509
  • #Certificate Verification
  • #Go
  • Two X.509 certificates are provided: a CA root certificate (ca.crt.pem) and a leaf certificate (leaf.crt.pem) signed by the CA's private key.
  • A Go program that verifies the leaf certificate against the CA certificate fails with "x509: certificate signed by unknown authority", even though openssl verify accepts the same chain.
  • A second CA certificate (ca.verifies.crt.pem) is provided that works with the Go program, despite appearing identical to the first CA certificate.
  • A byte-level comparison reveals a two-byte difference between the CA certificates: the failing certificate encodes the string values in its Subject and Issuer as PrintableString (ASN.1 tag 0x13), while the working certificate encodes them as UTF8String (tag 0x0c).
  • The leaf certificate's Issuer field uses UTF8String, matching the working CA certificate's Subject encoding.
  • Go's crypto/x509 package finds a certificate's issuer by matching the raw DER bytes of its Issuer against the raw Subject bytes of the candidate CAs (the CertPool index is keyed on RawSubject), so a tag byte of 0x13 versus 0x0c makes the names different even though both decode to the same string.
  • This behavior has been debated in the Go community; OpenSSL and other tools compare names in a canonical form in which PrintableString and UTF8String values with the same characters are equal.
  • When generating certificates, keep the Issuer of each issued certificate byte-for-byte identical to the CA's Subject (copy the CA's DER Subject rather than re-encoding the name from text) and check it before deployment, since a mismatch that openssl tolerates will fail Go's verification and can cause an outage.
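The following Go program is an added example, not code from the original post: it reproduces the failure in memory and shows the check a practitioner would add. It builds a self-signed CA whose Subject CN is a PrintableString, then signs a leaf whose Issuer CN is either re-encoded as UTF8String (tag 0x0c) or kept as PrintableString (tag 0x13), and reports for each case whether the decoded names match, whether the raw DER bytes match, at which offsets they differ, and what Verify returns. The names "Example Root CA" and "leaf.example.test", the helpers BuildPair, DiffOffsets and encodeName, and the use of P-256 ECDSA keys are the example's own choices; the standard-library behavior it relies on is that CreateCertificate copies the parent's RawSubject verbatim into the child's Issuer and that CertPool matches issuers on raw Subject bytes.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// encodeName DER-encodes the Name "CN=<cn>" with the CN value carrying the
// given universal string tag: 0x13 PrintableString or 0x0c UTF8String.
func encodeName(cn string, tag int) []byte {
	der, err := asn1.Marshal(pkix.RDNSequence{{pkix.AttributeTypeAndValue{
		Type:  asn1.ObjectIdentifier{2, 5, 4, 3}, // id-at-commonName
		Value: asn1.RawValue{Class: asn1.ClassUniversal, Tag: tag, Bytes: []byte(cn)},
	}}})
	check(err)
	return der
}

// DiffOffsets is the byte-level comparison from the post: the offsets at
// which two DER names differ (nil when they are identical).
func DiffOffsets(a, b []byte) []int {
	var diffs []int
	for i := 0; i < len(a) || i < len(b); i++ {
		if i >= len(a) || i >= len(b) || a[i] != b[i] {
			diffs = append(diffs, i)
		}
	}
	return diffs
}

// Pair is a CA, a leaf it signed, and what Go's verifier makes of them.
type Pair struct {
	CA, Leaf         *x509.Certificate
	RawNamesEqual    bool  // string(Leaf.RawIssuer) == string(CA.RawSubject): the CertPool lookup key
	ParsedEqual      bool  // Leaf.Issuer.String() == CA.Subject.String(): what a human compares
	UnknownAuthority bool  // Leaf.Verify failed with x509.UnknownAuthorityError
	VerifyErr        error // the full error from Leaf.Verify, nil on success
}

// BuildPair makes a self-signed CA whose Subject CN is a PrintableString and a leaf,
// signed by the CA key, whose Issuer CN carries issuerTag: 0x0c reproduces the
// failing CA from the post, 0x13 the one that verifies.
func BuildPair(issuerTag int) *Pair {
	caKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	leafKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	now := time.Now()
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), RawSubject: encodeName("Example Root CA", asn1.TagPrintableString),
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	caDER, err := x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey)
	check(err)
	ca, err := x509.ParseCertificate(caDER)
	check(err)
	// CreateCertificate copies parent.RawSubject verbatim into the child's Issuer, so a
	// copy of the CA with a re-encoded RawSubject stands in for a tool that re-serialised
	// the CA name with a different string type.
	signer := *ca
	signer.RawSubject = encodeName("Example Root CA", issuerTag)
	leafDER, err := x509.CreateCertificate(rand.Reader, &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "leaf.example.test"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}, &signer, &leafKey.PublicKey, caKey)
	check(err)
	leaf, err := x509.ParseCertificate(leafDER)
	check(err)
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, verifyErr := leaf.Verify(x509.VerifyOptions{Roots: roots})
	_, unknownAuthority := verifyErr.(x509.UnknownAuthorityError)
	return &Pair{CA: ca, Leaf: leaf,
		RawNamesEqual:    string(leaf.RawIssuer) == string(ca.RawSubject),
		ParsedEqual:      leaf.Issuer.String() == ca.Subject.String(),
		UnknownAuthority: unknownAuthority, VerifyErr: verifyErr}
}

func main() {
	for _, tag := range []int{asn1.TagUTF8String, asn1.TagPrintableString} {
		p := BuildPair(tag)
		fmt.Printf("issuer CN tag 0x%02x: parsed equal=%v raw equal=%v diff offsets=%v verify: %v\n",
			tag, p.ParsedEqual, p.RawNamesEqual, DiffOffsets(p.Leaf.RawIssuer, p.CA.RawSubject), p.VerifyErr)
	}
}
```

Running it prints one line per tag. With 0x0c the decoded names are equal but the raw bytes differ at exactly one offset (11, the tag byte of the CN value) and Verify returns the unknown-authority error from the post; with 0x13 the names are byte-identical and the chain verifies. The pre-deployment check is the RawNamesEqual line: comparing leaf.RawIssuer with ca.RawSubject as bytes catches the mismatch that openssl verify and a side-by-side reading of the decoded names do not.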