Why is Rust OpenSSL suddenly making invalid SANs?

submitted by
Style Pass
2024-10-18 08:30:04

If you have a Rust app that uses the openssl crate to generate certificates (or certificate signing requests), and one day out of the blue those certs or CSRs are being rejected for malformed subject alternative names (SANs) with confusing errors like:

Then the root cause is almost certainly that your app was relying on an API quirk in the openssl crate that went away with a bugfix that landed in 2023.

If you haven’t updated openssl past that point then I’m afraid this story won’t help you fix your bug (and you are missing security fixes for vulnerabilities!).

I first bumped into this situation after rustls#1292 was created by a user confused by an error emitted by Rustls when talking to a server using a certificate generated with the Rust openssl crate. I bumped into it again this week after helping a friend debug a problem with a Rust ACME client, prompting the idea to write this stuff down :)

Often the first thing folks reach for in these cases is the openssl command line tool to dump a textual representation of a problematic PEM encoded X.509 certificate to check its subject alternative names:
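As an added example (not from the original post), here is a small POSIX shell script that performs that check end to end: it mints a throwaway self-signed certificate with a constructed SAN and then prints only the subjectAltName entries. The file names, the example.test hostname and the 192.0.2.1 address are assumptions, and it assumes an OpenSSL CLI of 1.1.1 or later on PATH (needed for the -addext and -ext options).

```shell
#!/bin/sh
# Added example, not code from the original post. Assumes OpenSSL >= 1.1.1.
set -eu

# make_test_cert DIR: write DIR/cert.pem (and DIR/key.pem), a self-signed
# certificate whose SAN carries one DNS name and one IP address. The names
# are constructed sample values, not real hosts.
make_test_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes \
    -keyout "$1/key.pem" -out "$1/cert.pem" -days 1 \
    -subj "/CN=example.test" \
    -addext "subjectAltName=DNS:example.test,IP:192.0.2.1" >/dev/null 2>&1
}

# san_of CERT: print the subjectAltName entries of a PEM certificate, one per
# line. `openssl x509 -ext subjectAltName` prints a header line followed by an
# indented, comma-separated list; drop the header, split on commas, and strip
# the leading whitespace.
san_of() {
  openssl x509 -in "$1" -noout -ext subjectAltName \
    | sed -n '2,$p' | tr ',' '\n' | sed 's/^[[:space:]]*//'
}

# san_parses CERT: exit 0 if OpenSSL can decode the SAN extension at all,
# non-zero otherwise (a quick first triage step for a rejected cert).
san_parses() {
  openssl x509 -in "$1" -noout -ext subjectAltName >/dev/null 2>&1
}

# Demo run: build the throwaway cert and show its SAN entries.
tmp=$(mktemp -d)
make_test_cert "$tmp"
san_of "$tmp/cert.pem"
```

Keep in mind that this dump only reflects what OpenSSL's own decoder accepts; a stricter parser such as the one Rustls uses can still reject a SAN that prints fine here.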
