crypto/tls cannot parse intune certificates


Gopal Raman

Jan 11, 2025, 6:52:21 PM
to golang-nuts
It seems it's quite common to create a certificate in MSFT Intune with an illegal URI format in the SAN. My golang TLS server based on crypto/tls fails to complete the handshake with a
Windows client that presents this broken certificate. However, since only the SAN is impacted, it would be good if the handshake were allowed to complete instead of failing altogether.
The specific error returned by Conn.Read() is below. It's in the x509.go code that parses the certificate and runs into the misformatted URI.

tls: failed to parse client certificate: x509: cannot parse URI \"AAD_Device_ID:97c4aaba-224d-4fe7-98ba-a996c016ba49\"

Any ideas on how I can work around this?
Thanks
-gopal raman
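
A reproduction of the parse failure quoted above, as an added example that is not part of the original post. It builds a throwaway self-signed certificate whose SAN URI is the string from the error message and shows that `url.Parse`, and therefore `x509.ParseCertificate`, rejects it because `_` is not a legal character in a URI scheme. The helper names `certWithRawURISAN` and `parseErrors` and the test subject name are assumptions made for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"net/url"
	"time"
)

// certWithRawURISAN builds a constructed self-signed test cert carrying uri verbatim in its SAN.
func certWithRawURISAN(uri string) ([]byte, error) {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	// GeneralNames is a SEQUENCE OF GeneralName; a URI is context tag [6], IA5String.
	san, err := asn1.Marshal([]asn1.RawValue{{Class: asn1.ClassContextSpecific, Tag: 6, Bytes: []byte(uri)}})
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(1),
		Subject:         pkix.Name{CommonName: "constructed-test-device"},
		NotBefore:       time.Now().Add(-time.Hour),
		NotAfter:        time.Now().Add(time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: asn1.ObjectIdentifier{2, 5, 29, 17}, Value: san}},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, key)
}

// parseErrors reports what net/url and crypto/x509 each say about one SAN URI value.
func parseErrors(uri string) (urlErr, certErr error) {
	_, urlErr = url.Parse(uri)
	der, certErr := certWithRawURISAN(uri)
	if certErr == nil {
		_, certErr = x509.ParseCertificate(der)
	}
	return urlErr, certErr
}

func main() {
	// SAN value copied from the error message in the post.
	urlErr, certErr := parseErrors("AAD_Device_ID:97c4aaba-224d-4fe7-98ba-a996c016ba49")
	fmt.Printf("net/url: %v\ncrypto/x509: %v\n", urlErr, certErr)
}
```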