'Can't create google CA certificate via google client library
Getting an error error parsing CSR: ToCertificateRequest: nil DER when decoding PEM
The same CSR works when using the gcp console
3 INVALID_ARGUMENT: error parsing CSR: generic:
:invalid_argument: error parsing CSR: ToCertificateRequest: nil DER when decoding PEM:
-----BEGIN CERTIFICATE REQUEST-----\n
MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\n
ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN\n
AQEBBQADggEPADCCAQoCggEBALkC6uLhfZbLJRWByF4McIxcrCVV+AaCjLhj9qjk\n
OdmW4zYcIaRgjSnz6tqEd7IF7ne6VS/Q6gzYp9MDjIiX8aauteOBD55YprE9tnI9\n
6K6TQv4qwyP+t8ktN34qmrLhxXSdH5zPaUGRR6wPvMkttgF5yxgLnUshyQuMbleK\n
P7ycwiJ/z9gvyPbqvThPo0dbt8fVcpzzR6ChfPKYoiRsdTqCHVfN3B8ZG3vh99rl\n
Q5fTBbLEXD/OKoMjvXw/ZLC3FpwmLMdkFj5LbVEsQHuc8/YNH4wm/VsTNQ7ytQMo\n
lc2rskmS941Tc8f5eaYA1IF3cmukQyUm5+eI7ziucb2UDPcCAwEAAaAAMA0GCSqG\n
SIb3DQEBCwUAA4IBAQBpkSmxo8dCEuBbYIuzpV7aAHyF+xX9pxPNrzLBvK5fgUpy\n
tu2ym8iSiIcxAqfrCJ9AETtZ+GkYEfxH+zngCDXKkPpi8ggDOllYO7pSKQTJJQXz\n
s/lueYGNFe5UCJdUCv9OBei+pH64ypp2f64ldRdZzJcmZuH0Fuc1MxCGvhOSIlKG\n
PDaMKOwL4VVvbBeRyoaag8MgZZgBaVKIQsN6vNVmluKUoFkf0L5vtuaICpxU3tPK\n
v4kJaOQR3eGWiNmn7X+jaDptlEaER9WDxDscjEabqKJdqZtKWkXo7FASWoLTOmun\n
KsSyBpVO3AAmurlrzZA/lFb229dkV59zeLmruz4g\n
-----END CERTIFICATE REQUEST-----
Environment details
- OS:
- Node.js version: 14.19.0
@google-cloud/security-private-ca
version: 3.1.0
Steps to reproduce
- Generate a csr using openssl
openssl req -newkey rsa:2048 -keyout PRIVATEKEY.key -out MYCSR.csr
cat MYCSR.csr
- Send that csr in a createCertificate request:
return await client.createCertificate({
parent: '/path/to/pool',
certificate: {
name: 'my cert',
lifetime: {
seconds: 31536000, // 1 year
},
pemCsr: `-----BEGIN CERTIFICATE REQUEST-----
MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx
ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALkC6uLhfZbLJRWByF4McIxcrCVV+AaCjLhj9qjk
OdmW4zYcIaRgjSnz6tqEd7IF7ne6VS/Q6gzYp9MDjIiX8aauteOBD55YprE9tnI9
6K6TQv4qwyP+t8ktN34qmrLhxXSdH5zPaUGRR6wPvMkttgF5yxgLnUshyQuMbleK
P7ycwiJ/z9gvyPbqvThPo0dbt8fVcpzzR6ChfPKYoiRsdTqCHVfN3B8ZG3vh99rl
Q5fTBbLEXD/OKoMjvXw/ZLC3FpwmLMdkFj5LbVEsQHuc8/YNH4wm/VsTNQ7ytQMo
lc2rskmS941Tc8f5eaYA1IF3cmukQyUm5+eI7ziucb2UDPcCAwEAAaAAMA0GCSqG
SIb3DQEBCwUAA4IBAQBpkSmxo8dCEuBbYIuzpV7aAHyF+xX9pxPNrzLBvK5fgUpy
tu2ym8iSiIcxAqfrCJ9AETtZ+GkYEfxH+zngCDXKkPpi8ggDOllYO7pSKQTJJQXz
s/lueYGNFe5UCJdUCv9OBei+pH64ypp2f64ldRdZzJcmZuH0Fuc1MxCGvhOSIlKG
PDaMKOwL4VVvbBeRyoaag8MgZZgBaVKIQsN6vNVmluKUoFkf0L5vtuaICpxU3tPK
v4kJaOQR3eGWiNmn7X+jaDptlEaER9WDxDscjEabqKJdqZtKWkXo7FASWoLTOmun
KsSyBpVO3AAmurlrzZA/lFb229dkV59zeLmruz4g
-----END CERTIFICATE REQUEST-----`,
},
});
Solution 1:[1]
Was a formatting issue, fixed by concatenating lines
'-----BEGIN CERTIFICATE REQUEST-----\n' +
'MIICijCCAXICAQAwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgMClNvbWUtU3RhdGUx\n' +
'ITAfBgNVBAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDCCASIwDQYJKoZIhvcN\n' +
'AQEBBQADggEPADCCAQoCggEBALkC6uLhfZbLJRWByF4McIxcrCVV+AaCjLhj9qjk\n' +
'OdmW4zYcIaRgjSnz6tqEd7IF7ne6VS/Q6gzYp9MDjIiX8aauteOBD55YprE9tnI9\n' +
'6K6TQv4qwyP+t8ktN34qmrLhxXSdH5zPaUGRR6wPvMkttgF5yxgLnUshyQuMbleK\n' +
'P7ycwiJ/z9gvyPbqvThPo0dbt8fVcpzzR6ChfPKYoiRsdTqCHVfN3B8ZG3vh99rl\n' +
'Q5fTBbLEXD/OKoMjvXw/ZLC3FpwmLMdkFj5LbVEsQHuc8/YNH4wm/VsTNQ7ytQMo\n' +
'lc2rskmS941Tc8f5eaYA1IF3cmukQyUm5+eI7ziucb2UDPcCAwEAAaAAMA0GCSqG\n' +
'SIb3DQEBCwUAA4IBAQBpkSmxo8dCEuBbYIuzpV7aAHyF+xX9pxPNrzLBvK5fgUpy\n' +
'tu2ym8iSiIcxAqfrCJ9AETtZ+GkYEfxH+zngCDXKkPpi8ggDOllYO7pSKQTJJQXz\n' +
's/lueYGNFe5UCJdUCv9OBei+pH64ypp2f64ldRdZzJcmZuH0Fuc1MxCGvhOSIlKG\n' +
'PDaMKOwL4VVvbBeRyoaag8MgZZgBaVKIQsN6vNVmluKUoFkf0L5vtuaICpxU3tPK\n' +
'v4kJaOQR3eGWiNmn7X+jaDptlEaER9WDxDscjEabqKJdqZtKWkXo7FASWoLTOmun\n' +
'KsSyBpVO3AAmurlrzZA/lFb229dkV59zeLmruz4g\n' +
'-----END CERTIFICATE REQUEST-----',
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | millarnui |