Sometimes when users cut and past their x509 certificates into our system from the web, spaces get mixed up in in there.
Is it safe to assume that spaces are not valid characters in x509 certificates and strip them out?
I assume who are talking about PEM encoded certificate, i.e. a certificate with a -----BEGIN CERTIFICATE----- header and a -----END CERTIFICATE----- footer and which looks like that:
-----BEGIN CERTIFICATE-----
MIICwzCCAaugAwIBAgIKUXEyN2GLpe8......
-----END CERTIFICATE-----
In that case the certificate content is encoded with base64. Since a certificate is a digitally signed object you cannot change a single bit, otherwise the signature validation fails. But the space characters (including tabulations or line feed) are not valid base64 characters. If some space characters has been added to certificate string you could probably safely remove them since they are not valid characters. A robust certificate parser will probably just ignore them. Note that it is a common practice to split the PEM encoded certificate into lines of 64 columns; the certificate reader will ignore the added new-line characters.
The good news: after removing these additional characters, thanks to the digital signature, if the certificate is successfully parsed, it means that its integrity is ok.