Uploaded image for project: 'TrueNAS'
  1. TrueNAS
  2. NAS-109033

Error while importing certificates

    XMLWordPrintable

    Details

    • Impact:
      Medium

      Description

      I'm always getting python decoding errors when trying to import the public key of a CA.
      The Organization name of the cert contains the Umlauts 'ü', which i suspect is the problem.

      I don't know of it helps, but i can successfully import the same cert in pfsense which is based on (FreeBSD 11.3-STABLE)

      The problematic public key in pem format is attached
       

      The error message looks like this:

      Error: Traceback (most recent call last):
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
      result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
      return await methodobj(*prepared_call.args)
      File "/usr/local/lib/python3.8/site-packages/middlewared/service.py", line 455, in create
      rv = await self.middleware._call(
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
      return await methodobj(*prepared_call.args)
      File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 973, in nf
      return await f(*args, **kwargs)
      File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2419, in do_create
      verrors = await self.validate_common_attributes(data, 'certificate_authority_create')
      File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2234, in validate_common_attributes
      await _validate_common_attributes(self.middleware, data, verrors, schema_name)
      File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 97, in _validate_common_attributes
      if not matches or not await middleware.call('cryptokey.load_certificate', certificate):
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1233, in call
      return await self._call(
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1202, in _call
      return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args)
      File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1106, in run_in_executor
      return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
      File "/usr/local/lib/python3.8/site-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run
      result = self.fn(*self.args, **self.kwargs)
      File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 977, in nf
      return f(*args, **kwargs)
      File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 379, in load_certificate
      cert_info = self.get_x509_subject(cert)
      File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 452, in get_x509_subject
      dn.append(f'{k.decode()}={v.decode()}')
      UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfc in position 7: invalid start byte

        Attachments

          Attachments

            JEditor

              Activity

                People

                Assignee:
                waqar Waqar Ahmed
                Reporter:
                tkempf Thomas Kempf
                Watchers:
                Bonnie Follweiler, Bug Clerk, Thomas Kempf, William Grzybowski
                Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: