Parsing X509 certificate in Go

Question

I am having the following function, which reads an X509 certificate.

certCerFile,err := os.Open("certificate.pem")
if err != nil {
    log.Fatal(err)
}

derBytes := make([]byte,1000)

count,err:=certCerFile.Read(derBytes)
if err != nil {
    log.Fatal(err)
}

certCerFile.Close()

// trim the bytes to actual length in call
cert,err := x509.ParseCertificate(derBytes[0:count])
if err != nil {
    log.Fatal(err)
}

fmt.Printf("Name %s\n", cert.Subject.CommonName)
fmt.Printf("Not before %s\n", cert.NotBefore.String())
fmt.Printf("Not after %s\n", cert.NotAfter.String())

I face the following error:

asn1: structure error: tags don't match (16 vs {class:0 tag:13 length:45 isCompound:true}) {optional:false explicit:false application:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} certificate @2

That's how I generate X509:

random := rand.Reader

var key rsa.PrivateKey
loadKey("private.key",&key)

now:= time.Now()
then := now.Add(60 * 60 * 24 * 365 * 1000 * 1000 * 1000)

template:= x509.Certificate{
    SerialNumber: big.NewInt(1),
    Subject: pkix.Name{
        CommonName: "borscht.com",
        Organization: []string{"Borscht Systems AG"},
    },
    NotBefore:now,
    NotAfter:then,
    SubjectKeyId: []byte{1,2,3,4},
    KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature,
    BasicConstraintsValid:true,
    IsCA:true,
    DNSNames:[]string{"borscht.com","localhost"},
}

derBytes,err:=x509.CreateCertificate(random, &template, &template,&key.PublicKey,&key)
if err != nil {
    log.Fatal(err)
}

certCerFile,err :=os.Create("certificate.cer")
if err != nil {
    log.Fatal(err)
}

certCerFile.Write(derBytes)
certCerFile.Close()

certPemFile, err := os.Create("certificate.pem")
if err != nil {
    log.Fatal(err)
}

I just don't understand what might be wrong.

Answer 1

I made a mistake myself. Parse pem instead of cer file. Replaced and everything is fine