This is a set of files that can be used to reproduce an issue I'm facing with rustls.
This is the current setup:
- A self signed root CA
- A wildcard certificate issued by this CA. One of the SAN is
*.suse
(yeah this is bad from a security POV)
I've a simple program that uses reqwest to perform a GET request against a HTTPS server that uses this certificate.
The server FQDN is registry01.suse
.
When reqwest uses openssl it works, but when rustls is being used I get the InvalidCertificateEncoding
error.
Creating rustls::Certificate
objects from both the certificates works fine. Using rustls::client::WebPkiVerifier
to verify the certificate works too.
I really don't know how to figure out where the error is originating.
The certificates are created using these scripts: https://github.com/Martin-Weiss/registry/tree/main/registry