On 10/13/2012 10:10 PM, James Cloos wrote: > Using base64 encoded cert and key files I get ASN1 parser: Error in TAG > errors when I try to use danetool to generate TLSA RRs. > > I've tried a number of invocations (host names changed): > > :; danetool --tlsa-rr --host foo.example.net > --load-certificate=foo_example_net_cert.pem > danetool: crt_import: ASN1 parser: Error in TAG. > > :; danetool --tlsa-rr --host foo.example.net > --load-pubkey=foo_example_net_key.pem > danetool: importing --load-pubkey: foo_example_net_key.pem: ASN1 parser: > Error in TAG. > > What kind of file does danetool expect? I have RSA PRIVATE KEY, > CERTIFICATE REQUEST and CERTIFICATE files in pem format.
Hello, Thanks for the report. It seems that I introduced a last minute bug and the accepted format is DER only. You may use the tool with DER encoded certificates (convert yours using certtool -i --infile xxx.pem --outder --outfile xxx.der) or apply the following patch. http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=21dce46c4c33fb29dd5784044187d180e448151d regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
