Help with loading self-signed CA root certificate

[lazytiger]

I have a self-signed root CA using openssl as the following

openssl genrsa -out ca.key 2048
openssl req -new -x509 -days 3650 -key ca.key -out ca.crt

I am trying to load the certificate using rust as the following

 ///self.ca_key and self.ca_crt are the content of the pem file
 let key = KeyPair::from_pem(self.ca_key.as_str())?;
 let mut params = CertificateParams::from_ca_cert_pem(self.ca_crt.as_str(), key)?;

When this code was executed, CouldNotParseKeyPair error was thrown. How can I fix this?

[est31]

I think the problem is that we expect keys to be in pkcs#8 format, cc #123. See also the ring docs on how to generate pkcs#8 keys.

[lazytiger]

Thanks, I solved the pkcs#8 format problem and found that if the certificate is supplied with full information, especially email, parse will fail. I have to leave that information empty to pass the parse.