https://bugs.winehq.org/show_bug.cgi?id=47234
--- Comment #6 from Dmitry Timoshkov dmitry@baikal.ru --- Thanks for the samples. I've added support for ASCII certificates to my test app and here are some results of my testing:
thawte Primary Root CA - G2: This one uses non-standard header/trailer with 3 instead of 5 dashes, and CryptStringToBinary() fails to decode it even under Windows. Once I add 2 more dashes CryptStringToBinary() succeeds, but then CertCreateCertificateContext() fails with error CRYPT_E_ASN1_BADTAG under both wine-4.8 and Windows 7. I haven't tested this certificate with Linux tools though.
VeriSign Class 3 Public Primary Certification Authority - G4: USERTrust ECC Certification Authorit: These two get successfully decoded by CryptStringToBinary() and then CertCreateCertificateContext() successfully decodes it as well and I see reasonable certificate info. That's both under wine-4.8 and Windows 7.
So, the problem is not with certificate decoding and must be somewhere else. I'd guess the failure happens once someone tries to verify the certificate signature, and that hits a not supported algorithm under Wine.