You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jun 19, 2020. It is now read-only.
(I realize that if a certificate didn't have any extensions, it wouldn't be valid by the BRs already, but it would be nice if certlint would emit this error since it's more of an encoding issue that isn't immediately obvious when looking at a certificate.)
See https://tools.ietf.org/html/rfc5280#section-4.1.2.9:
If present, this field is a SEQUENCE of one or more certificate extensions.
(I realize that if a certificate didn't have any extensions, it wouldn't be valid by the BRs already, but it would be nice if certlint would emit this error since it's more of an encoding issue that isn't immediately obvious when looking at a certificate.)
Here's an example certificate with this issue:
-----BEGIN CERTIFICATE-----
MIICsDCCAZigAwIBAgIBBDANBgkqhkiG9w0BAQsFADAfMR0wGwYDVQQDExRIYXBw
eSBIYWNrZXIgRmFrZSBDQTAeFw0xNTAxMDEwMDAwMDBaFw0xNjAxMDEwMDAwMDBa
MBQxEjAQBgNVBAMTCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBAOEfchL2x3NcfFhU0dvO9bnoQdQjx2Owfl6qj9h0JBKC+uuofkVCiXTQ
OPKfGdDYwykRp0mErSHL6RDJe8JgcA9XW4TwNmfclfCJi+yNy5rkyoIR0E21en0n
o0DaXWamNc+WrTwu4kCVuSN2UBurYN/hTL8b3ksHJir7tVvUt7x/7GQwksO6yo/Z
bi1ZHS/I6Y2EytAkdr8miQBHctdhSCAvbMrslK1SJMtEICFU7TXvmhFtrzlb1ZfW
bdKaDcHqy28sO+9KhN5ylxPHcfVSE0SZU8YG4THCQZtSKyejCn4Vy1erceB/axH9
HlCSntIhfiutxT/hUuTOdeCs23Lq8w8CAwEAAaMCMAAwDQYJKoZIhvcNAQELBQAD
ggEBALxKuZh0U+JshVi6mPFJ7fqcay2d8zxIiF2aE+Xp2bLhB29NFLm0sIdXidjc
LRWSIxnBiLMGvbDvxspiwl67wNTCV9v2DJ9UZTcVzLMzZMOTgKk24bxlN3zcQFAb
AlkGnWKPCH9YWpcGx6oOiOVip9IwI/IDJV/QxQhI9lLOAMcmwyiq9MqClvyxTTmz
9gAfZGXCZepUcmo/1mZm3a1IC2UIv/Wz1n+dTo44hV2EZFa12mFuWfBAv2SRCt9Z
ieqcR/WSRsLBRMtnXtHEfa/JgylkPkIOJJ3PdCJm1YV2EVdCU16jgNyJt0ZZ9kOp
brKCQJfF2M+1xA4+97LxZUPCTNg=
-----END CERTIFICATE-----