Description
A customer tried to use the --cacert option and got this error:
Error- Internal error: cadata should be an ASCII string or a bytes-like object
From slack discussion (https://rstudio.slack.com/archives/C9H3Y1KGE/p1618407352125500?thread_ts=1617900945.097000&cid=C9H3Y1KGE):
The python function we're using is https://docs.python.org/3/library/ssl.html#ssl.create_default_context. The data we provide needs to be "either an ASCII string of one or more PEM-encoded certificates or a bytes-like object of DER-encoded certificates".
pycurl/pycurl#490
It could be that we're loading the file as a string, it contains non-ascii comments, so we really need to make sure it's loaded as bytes
If it's a PEM file with non-ascii characters in the comments, we'll need to load it as binary, then decode to ascii with discard so it ends up as an ascii string (or ask the user to remove the comments). If it's a DER certificate, we need to load as bytes and not convert to text at all. To distinguish those cases, we'd need to inspect the file contents.
Our customer-facing documentation does not give any specifics about the expected format of the certificate file.
customer issue: https://rstudioide.zendesk.com/agent/tickets/59936