crypto/x509
certificate validation issuesWaitingForInfo
#67024 opened 1 day ago by joyantaDebnath
ParseCertificate duplicate extensions errors should include OID of the affected extensionNeedsInvestigation
#66880 opened 1 week ago by Techassi
#66249 opened 1 month ago by rsc
#66167 opened 1 month ago by rolandshoemaker
check Certificate.isValid on CertPool.AddNeedsInvestigation
#66166 opened 1 month ago by rolandshoemaker
#65626 opened 2 months ago by gopherbot
#65085 opened 3 months ago by woodruffw
wrong crypto.SignerOpts provided to Sign() in case of PSS signatureNeedsInvestigation
#65074 opened 3 months ago by phlipse
relax boringcrypto certificate key size restrictions given the ongoing FIPS 140-3 validationNeedsInvestigation
#65042 opened 3 months ago by HakanSunay
Allow to pass flags to syscall.CertGetCertificateChain, when using TLS Transport under WindowsNeedsInvestigationOS-WindowsProposalProposal-Crypto
#63238 opened 7 months ago by jkroepke
TestPlatformVerifierLegacy failuresNeedsInvestigation
#62912 opened 7 months ago by gopherbot
AKI (Authority Key Id) exclusion logic is brokenNeedsInvestigation
#62060 opened 8 months ago by furkanmustafa
#62048 opened 8 months ago by rsc
#61576 opened 9 months ago by rolandshoemaker
RevocationList.CheckSignatureFrom doesn't check SubjectNeedsInvestigation
#60728 opened 10 months ago by thierry-f-78
#60718 opened 10 months ago by dachaac
go mod tidy reports certificate expired on a non-expired certificateNeedsInvestigation
#60653 opened 10 months ago by ysmilda
CreateRevocationList over-enforces KeyUsage checkNeedsInvestigation
#59669 opened 1 year ago by cipherboy
ParseCertificate should mention the ownership of the slice passed to it.DocumentationNeedsInvestigation
#59548 opened 1 year ago by mateusz834
Certificate.Verify rejects self-signed leafNeedsInvestigation
#58792 opened 1 year ago by rittneje
Certificate.Verify does not consistently return UnknownAuthorityErrorNeedsInvestigation
#58777 opened 1 year ago by rittneje
#58635 opened 1 year ago by FiloSottile
#58251 opened 1 year ago by rolandshoemaker
#57461 opened 1 year ago by hujun-open
#57428 opened 1 year ago by dmitshur
#56866 opened 1 year ago by izolight
HTTP POST to Italian government web service fails with "x509: unhandled critical extension" error on Linux hostNeedsInvestigation
#55872 opened 2 years ago by genesio-systemlogic
Verification of ECDSA signed x509 cert, sanitized to LowS certs fails verification with go 1.19NeedsInvestigation
#54549 opened 2 years ago by C0rWin
#53841 opened 2 years ago by hherman1
pkix.Name.String() does not preserve correct order NeedsInvestigation
#52462 opened 2 years ago by bjanders
#52444 opened 2 years ago by rolandshoemaker
#52108 opened 2 years ago by rolandshoemaker
#51991 opened 2 years ago by dims
#51953 opened 2 years ago by haydentherapper
malformed x509 certificate is accepted since 1.17NeedsDecision
#51369 opened 2 years ago by bitmingw
#49519 opened 2 years ago by defacto64
unable to parse Attribute CertificateNeedsInvestigation
#49270 opened 2 years ago by salrashid123
invalid RDNSequence: invalid attribute value: unsupported string type: 4NeedsInvestigation
#48371 opened 2 years ago by c00w
unable to parse certificate with rsassa-pss algorithmNeedsInvestigation
#48314 opened 2 years ago by jpduckwo
inner and outer signature algorithm identifiers don't matchNeedsInvestigation
#47689 opened 2 years ago by groob
support OIDs for tcg-kp (2.23.133.8)NeedsInvestigation
#47620 opened 2 years ago by tracefinder
can't verify signature on RSA-PSS certificate requests it createdNeedsInvestigation
#45990 opened 3 years ago by ycongal-smile
#45857 opened 3 years ago by FiloSottile
store stripped down trust anchorsNeedsInvestigation
#44298 opened 3 years ago by rolandshoemaker
#43780 opened 3 years ago by joeshaw
ParseCertificate and ParseCertificates return different errors with a single bad certificate suppliedNeedsInvestigation
#43113 opened 3 years ago by LujunWeng
#41888 opened 3 years ago by dtoubelis
#41682 opened 3 years ago by FiloSottile
check the Key Usage extensionNeedsFix
#40100 opened 3 years ago by FiloSottile
#40017 opened 3 years ago by FiloSottile
#39540 opened 3 years ago by stephen-fox
Can 'CertPool.contains()' be made public?NeedsInvestigation
#39179 opened 3 years ago by stephen-fox
stop looking at first root storeNeedsFix
#38869 opened 4 years ago by FiloSottile
failed to parse Intermediate CA certificateNeedsInvestigation
#38737 opened 4 years ago by sebastien-rosset
support policyQualifiers in certificatePolicies extensionNeedsInvestigation
#38116 opened 4 years ago by rolandshoemaker
#37176 opened 4 years ago by ihgann
#35887 opened 4 years ago by wking
#34977 opened 4 years ago by SeanBurford
unable to parse certificate parsable by JavaNeedsDecision
#33259 opened 4 years ago by tomjamescn
#32874 opened 4 years ago by trung
#31440 opened 5 years ago by sneis
ObjectIdentifier and ParseCertificate do not support int > 31 bits, preventing support of OID 2.25 (/UUID) (follow-up on #19933)NeedsInvestigation
#30757 opened 5 years ago by vpelletier
#30416 opened 5 years ago by DenisKarch
DN OU orderingNeedsInvestigation
#29040 opened 5 years ago by rikkuness
verify checks root certificateNeedsInvestigation
#28971 opened 5 years ago by vit3k
#26731 opened 5 years ago by bradfitz
#24156 opened 6 years ago by FiloSottile
#21789 opened 6 years ago by SamWhited
AKI is left blank even for non-self-signed cert when subject matches CA's subject fieldNeedsInvestigation
#20002 opened 7 years ago by mikesmitty
#15995 opened 7 years ago by groob
#15196 opened 8 years ago by vanbroup
no support for parsing encrypted PKCS8 private keysFeatureRequest
#8860 opened 9 years ago by gopherbot
#7735 opened 10 years ago by agl