Hi,
i'm fairly new to truenas and trying to import a CA on truenas12-release without success. I'm always getting some python decoding errors.
The Organization name of the cert contains the Umlauts 'ü', which i suspect is the problem here.
Is this a bug in Truenas ? Does anybody know, if it's possible to import certificates with Umlauts and if so, how to do it?
TIA
Tom
Here is the Public Key of the CA i'm trying to import:
-----BEGIN CERTIFICATE-----
MIIEdzCCA1+gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBhDEVMBMGA1UEAxMMY2Fu
ZXUtaHVlcGVyMQswCQYDVQQGEwJERTEaMBgGA1UECBQRQmFkZW4gV/xydHRlbWJl
cmcxEzARBgNVBAcTCkhlaWRlbmhlaW0xIDAeBgNVBAoUF1dlcmJlYWdlbnR1ciBI
/HBlciBHbWJIMQswCQYDVQQLEwJJVDAeFw0xOTEyMDQxNDE5MDdaFw0zMjA4Mjcx
NDE5MDdaMIGEMRUwEwYDVQQDEwxjYW5ldS1odWVwZXIxCzAJBgNVBAYTAkRFMRow
GAYDVQQIFBFCYWRlbiBX/HJ0dGVtYmVyZzETMBEGA1UEBxMKSGVpZGVuaGVpbTEg
MB4GA1UEChQXV2VyYmVhZ2VudHVyIEj8cGVyIEdtYkgxCzAJBgNVBAsTAklUMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrooq5UIecG15nwJIuvMJuyr
ylgntPGg+TKo5XS20cfZ0MqkV8al9oheh2VPuEXBVv3mY5J9CxGvHm13JkRbBHCN
5YdlKSutgfgKsICMyiDtKcB/bNRosu1oatU7AcBoF4CHDH6x+YHxMx9ef+PDBaAY
YgKfZMrhmQfkNbL4Ch14pr2CogRhKyLUQjwgsd3XLYPaxfP+qR9NaiuNGF+OOkkM
oN1LrXECBDmDwC8+UDxWNM5u9sNN+uUmOVcIMtyppHQJqHUYXy53rfEoW8LOSfFs
VdhLsqCg+PB86LGvdbiqmf10PXwr14GExuZEvqWrYjkfF3PNPVuH0AqFJH2BiQID
AQABo4HxMIHuMB0GA1UdDgQWBBTsv+d+69okmmo8xaG+XmW6OUZ0qDCBsQYDVR0j
BIGpMIGmgBTsv+d+69okmmo8xaG+XmW6OUZ0qKGBiqSBhzCBhDEVMBMGA1UEAxMM
Y2FuZXUtaHVlcGVyMQswCQYDVQQGEwJERTEaMBgGA1UECBQRQmFkZW4gV/xydHRl
bWJlcmcxEzARBgNVBAcTCkhlaWRlbmhlaW0xIDAeBgNVBAoUF1dlcmJlYWdlbnR1
ciBI/HBlciBHbWJIMQswCQYDVQQLEwJJVIIBADAMBgNVHRMEBTADAQH/MAsGA1Ud
DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABVNM2D8yfWOOKV4FER6md1g7m6Ea
TseAe1lxQZaf+DUyG/rgPRsLfnjHXnGzx5+v0QUgiYHexoYzeds0MRGCvmUePrlQ
vMc8lqvqFsea1hxdan8MWGiF6x/RqGXZmJsykU355KWTkoiawuWe7iiwH3rnCCz+
FyNhNa+TzYTNpb6Iz8AB4xOoMgFZwG1Dtc07qv621qXiE7ZMeBC1zVE/xMMx+5ox
ue0AyU9Rsf4PCPnbrclv7PT3/NNY2rzd/x6GeK06yc6kxlQi29dG2yaHXxdKprlc
yKYw0Ba0QApYkdZ1t4vW0nAokAIGBYYZduKEI1srsGFBb+SOy2EsjndfqA==
-----END CERTIFICATE-----
And here the errormessage:
Error: Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/service.py", line 455, in create
rv = await self.middleware._call(
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 973, in nf
return await f(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2419, in do_create
verrors = await self.validate_common_attributes(data, 'certificate_authority_create')
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2234, in validate_common_attributes
await _validate_common_attributes(self.middleware, data, verrors, schema_name)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 97, in _validate_common_attributes
if not matches or not await middleware.call('cryptokey.load_certificate', certificate):
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1233, in call
return await self._call(
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1202, in _call
return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1106, in run_in_executor
return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
File "/usr/local/lib/python3.8/site-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 977, in nf
return f(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 379, in load_certificate
cert_info = self.get_x509_subject(cert)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 452, in get_x509_subject
dn.append(f'{k.decode()}={v.decode()}')
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfc in position 7: invalid start byte
i'm fairly new to truenas and trying to import a CA on truenas12-release without success. I'm always getting some python decoding errors.
The Organization name of the cert contains the Umlauts 'ü', which i suspect is the problem here.
Is this a bug in Truenas ? Does anybody know, if it's possible to import certificates with Umlauts and if so, how to do it?
TIA
Tom
Here is the Public Key of the CA i'm trying to import:
-----BEGIN CERTIFICATE-----
MIIEdzCCA1+gAwIBAgIBADANBgkqhkiG9w0BAQsFADCBhDEVMBMGA1UEAxMMY2Fu
ZXUtaHVlcGVyMQswCQYDVQQGEwJERTEaMBgGA1UECBQRQmFkZW4gV/xydHRlbWJl
cmcxEzARBgNVBAcTCkhlaWRlbmhlaW0xIDAeBgNVBAoUF1dlcmJlYWdlbnR1ciBI
/HBlciBHbWJIMQswCQYDVQQLEwJJVDAeFw0xOTEyMDQxNDE5MDdaFw0zMjA4Mjcx
NDE5MDdaMIGEMRUwEwYDVQQDEwxjYW5ldS1odWVwZXIxCzAJBgNVBAYTAkRFMRow
GAYDVQQIFBFCYWRlbiBX/HJ0dGVtYmVyZzETMBEGA1UEBxMKSGVpZGVuaGVpbTEg
MB4GA1UEChQXV2VyYmVhZ2VudHVyIEj8cGVyIEdtYkgxCzAJBgNVBAsTAklUMIIB
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrooq5UIecG15nwJIuvMJuyr
ylgntPGg+TKo5XS20cfZ0MqkV8al9oheh2VPuEXBVv3mY5J9CxGvHm13JkRbBHCN
5YdlKSutgfgKsICMyiDtKcB/bNRosu1oatU7AcBoF4CHDH6x+YHxMx9ef+PDBaAY
YgKfZMrhmQfkNbL4Ch14pr2CogRhKyLUQjwgsd3XLYPaxfP+qR9NaiuNGF+OOkkM
oN1LrXECBDmDwC8+UDxWNM5u9sNN+uUmOVcIMtyppHQJqHUYXy53rfEoW8LOSfFs
VdhLsqCg+PB86LGvdbiqmf10PXwr14GExuZEvqWrYjkfF3PNPVuH0AqFJH2BiQID
AQABo4HxMIHuMB0GA1UdDgQWBBTsv+d+69okmmo8xaG+XmW6OUZ0qDCBsQYDVR0j
BIGpMIGmgBTsv+d+69okmmo8xaG+XmW6OUZ0qKGBiqSBhzCBhDEVMBMGA1UEAxMM
Y2FuZXUtaHVlcGVyMQswCQYDVQQGEwJERTEaMBgGA1UECBQRQmFkZW4gV/xydHRl
bWJlcmcxEzARBgNVBAcTCkhlaWRlbmhlaW0xIDAeBgNVBAoUF1dlcmJlYWdlbnR1
ciBI/HBlciBHbWJIMQswCQYDVQQLEwJJVIIBADAMBgNVHRMEBTADAQH/MAsGA1Ud
DwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEABVNM2D8yfWOOKV4FER6md1g7m6Ea
TseAe1lxQZaf+DUyG/rgPRsLfnjHXnGzx5+v0QUgiYHexoYzeds0MRGCvmUePrlQ
vMc8lqvqFsea1hxdan8MWGiF6x/RqGXZmJsykU355KWTkoiawuWe7iiwH3rnCCz+
FyNhNa+TzYTNpb6Iz8AB4xOoMgFZwG1Dtc07qv621qXiE7ZMeBC1zVE/xMMx+5ox
ue0AyU9Rsf4PCPnbrclv7PT3/NNY2rzd/x6GeK06yc6kxlQi29dG2yaHXxdKprlc
yKYw0Ba0QApYkdZ1t4vW0nAokAIGBYYZduKEI1srsGFBb+SOy2EsjndfqA==
-----END CERTIFICATE-----
And here the errormessage:
Error: Traceback (most recent call last):
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 137, in call_method
result = await self.middleware._call(message['method'], serviceobj, methodobj, params, app=self,
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/service.py", line 455, in create
rv = await self.middleware._call(
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1191, in _call
return await methodobj(*prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 973, in nf
return await f(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2419, in do_create
verrors = await self.validate_common_attributes(data, 'certificate_authority_create')
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 2234, in validate_common_attributes
await _validate_common_attributes(self.middleware, data, verrors, schema_name)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 97, in _validate_common_attributes
if not matches or not await middleware.call('cryptokey.load_certificate', certificate):
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1233, in call
return await self._call(
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1202, in _call
return await self.run_in_executor(prepared_call.executor, methodobj, *prepared_call.args)
File "/usr/local/lib/python3.8/site-packages/middlewared/main.py", line 1106, in run_in_executor
return await loop.run_in_executor(pool, functools.partial(method, *args, **kwargs))
File "/usr/local/lib/python3.8/site-packages/middlewared/utils/io_thread_pool_executor.py", line 25, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/schema.py", line 977, in nf
return f(*args, **kwargs)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 379, in load_certificate
cert_info = self.get_x509_subject(cert)
File "/usr/local/lib/python3.8/site-packages/middlewared/plugins/crypto.py", line 452, in get_x509_subject
dn.append(f'{k.decode()}={v.decode()}')
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xfc in position 7: invalid start byte