Skip to content

crypto/x509: SystemCertPool() can return nil,nil #21405

New issue
New issue
Closed
Closed
crypto/x509: SystemCertPool() can return nil,nil#21405
Labels
FrozenDueToAgeNeedsFixThe path to resolution is known, but the work has not been done.
Milestone
 
Unplanned
@champtar

Description

@champtar
champtar
opened on Aug 11, 2017

What version of Go are you using (go version)?

1.8

What operating system and processor architecture are you using (go env)?

debian9 lxc (no certificates on the system) / amd64

What did you do?

https://play.golang.org/p/9uFYp2M6PT

What did you expect to see?

I expected to have either an error or an empty certPool

What did you see instead?

both CertPool and error are nil when there is no certificates found on the system
If you think this is the correct behavior maybe add a small warning in the documentation

Regards
Etienne

Activity

nussjustin

nussjustin commented on Aug 11, 2017

@nussjustin
nussjustin
on Aug 11, 2017
Contributor

This only affects Unix and Plan9, all other operating systems will return an empty pool when no certificates are found from what I see.

shreyas1996

shreyas1996 commented on Aug 13, 2017

@shreyas1996
shreyas1996
on Aug 13, 2017 · edited by shreyas1996

certpool
As you can see,this is the output we get when we run it on a windows based system..
Here is the source code for the function you used..
https://golang.org/src/crypto/x509/cert_pool.go?s=730:770#L22
there it is..
this might be the expected output.
i hope u got the doubt.. if not please help me understand it using a suitable use case
Regards
Shreyas

nussjustin

nussjustin commented on Aug 13, 2017

@nussjustin
nussjustin
on Aug 13, 2017
Contributor

@shreyas1996 Using SystemCertPool under Windows is issue #16736, see the issue description in #18609 for the basic problem with it unter windows. This issue is about a (nil, nil) return value under Unix (and Plan 9)

shreyas1996

shreyas1996 commented on Aug 13, 2017

@shreyas1996
shreyas1996
on Aug 13, 2017

oh okay.. i will check that too
But as stated above by @champtar used that function.. i thought maybe he/she was concerned as to why such an output was displayed when the expected one is different.
anyways,thanks for pointing it out @nussjustin

ianlancetaylor
changed the title [-]x509.SystemCertPool() can return nil,nil[/-] [+]crypto/x509: SystemCertPool() can return nil,nil[/+] on Mar 30, 2018
ianlancetaylor
added
NeedsFixThe path to resolution is known, but the work has not been done.
on Mar 30, 2018
gopherbot

gopherbot commented on Mar 30, 2018

@gopherbot
gopherbot
on Mar 30, 2018
Contributor

Change https://golang.org/cl/103596 mentions this issue: crypto/x509: don't return nil, nil from SystemCertPool

ianlancetaylor
added this to the Unplanned milestone on Mar 30, 2018
FiloSottile
mentioned this on Mar 30, 2018
gopherbot
closed this as completedin 2d4ccbfon Apr 13, 2018
golang
locked and limited conversation to collaborators on Apr 13, 2019
gopherbot
added
FrozenDueToAge
on Apr 13, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Metadata

Assignees

No one assigned

    Labels

    FrozenDueToAgeNeedsFixThe path to resolution is known, but the work has not been done.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

      Development

      No branches or pull requests

        Participants

        @ianlancetaylor@champtar@nussjustin@gopherbot@shreyas1996

        Issue actions
          crypto/x509: SystemCertPool() can return nil,nil · Issue #21405 · golang/go