-
-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Importing external certificates/certificates authorities in V2 #605
Comments
@jaredhendrickson13 hey, can you please give a short update on the subject? Thank you! |
Thanks for reporting these. Apologies for missing this issue earlier, I must have overlooked this one.
|
There were two issues. Firstly, v2 did not have the |
Thank you very much! |
Correct, the |
Describe the bug
In Certificate Authority creation #519 , you created an option to generate values for the 'crt' and 'key' fields in V2.
The functionality of importing external certificate authority without the 'prv' field is still missing in V2.
An interesting phenomenon is that when clicking 'edit' in the web configurator on the certificate object created with V2, making no changes, and clicking 'save', the pfSense suddenly recognizes the existing CA object as the issuer of this certificate.
Can it be related to the way the certificates are sent to the API? In V1 they were sent in base64 format, in V1 they were sent in plain text. Can you explain the difference?
I will stress that I'm sending the same request to /api/v1/system/certificate, with the 'crt' and 'prv' in base64, and with the 'import' method, and the certificate was created successfully and are shown as issued by the CA object.
To Reproduce
specify the 'crt' and 'prv' fields using plain text X509 certificate.
the certificate is being created, but not appears to be signed by the existing CA object.
The text was updated successfully, but these errors were encountered: