> From: openssl-users On Behalf Of Jerry OELoo > Sent: Tuesday, January 20, 2015 00:34 > I am reading cer file into X509 object, > http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer > > cert = d2i_X509_fp(fp, NULL); > it will return fail, as below > > Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too > long Worked for me, although I observe the server is labelling content-type: text/plain when 2585 (confirmed by 5280) says application/pkix-cert . (I resolved 23.13.165.163 after CNAMEing through edgekey and akamaiedge, but another ISP I can look at got 23.61.69.163. YMMV.) I note this certificate contains a "control-Z" byte (hex 1A). Are you possibly running on Windows with the Microsoft C runtime and opening the file in text mode? Windows C treats 1A as terminating a text file, to be compatible with MS-DOS and before that CP/M. Windows C also tries to use MS-DOS line ending CRLF instead of LF in text files. To read and write the exact bytes of a file in Windows C, as is needed for DER objects, use binary mode.
