[Bug]: step cli has problems parsing certificate if there is any extra data appended to the file

[sshipway]

Steps to Reproduce

• Issue a valid certificate using smallstep the usual way
• Use step certificate needs-renewal to verify cert file is OK
• Append a new text line to the end of the file (e.g. "\n foo \n").
• Use step certificate needs-renewal on the file again, which should return the same but instead throws an error.

Your Environment

• OS - linux centos 7
• step CLI Version - Smallstep CLI/0.26.0 (linux/amd64) Release Date: 2024-03-29T02:25:03Z

Expected Behavior

The certificate should parse the same regardless of any additional data on the end of the file, and should correctly respond the same in both cases

Actual Behavior

When there is extra data after the certificate, there is an error:

error decoding PEM: file 'filename.crt' contains unexpected data

Note that openssl x509 has no problem parsing the file and resturning the correct response, even with the extra data

Additional Context

We are using an application that requires a DHPARAMS section to be appended to the certificate in the file. After adding this, step cli is no longer able to properly read the file for testing expiry, renewing, etc.

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

[dopey]

This should be resolved in our latest release, v0.26.1. Please let us know if you see any issues.

Cheers 🍻