tls: move tls.parseCertString to end-of-life
The internal use of tls.parseCertString
was removed in a336444c. The function does not handle multi-value RDNs correctly, leading to incorrect representations and security concerns.
This change is breaking in two ways: tls.parseCertString
is removed (but has been runtime-deprecated since Node.js 9) and _tls_common.translatePeerCertificate
does not translate the subject
and issuer
properties anymore.
The only alternative I can think of is implementing proper RFC2253 parsing in parseCertString
. However, the returned data structure is insufficient for representing the complexity of RDNSequence
(see RFC5280) anyway.
This change also removes the recommendation to use querystring.parse
instead, which is similarly dangerous.