Bug #10284
closedExporting p12 for CSR causes a crash report
100%
Description
what i have done:
System / Certificate Manager / Certificates
select "Sign a certificate Signing request"
leave key data empty
save and try to export P12
result in an empty P12 file and a crash report
PHP Errors:
PHP Warning: openssl_pkcs12_export(): cannot get private key from parameter 3 in /usr/local/www/system_certmanager.php on line 209
https://forum.netgate.com/topic/150765/export-p12-pfsense-crash-report
Updated by Jim Pingle almost 5 years ago
- Project changed from pfSense Packages to pfSense
- Subject changed from exporting p12 causes a crash report to Exporting p12 for CSR causes a crash report
- Category set to Certificates
- Target version set to 2.5.0
Looks like P12 export should be disabled either just for CSRs or perhaps for any entry which lacks a key (Which we allow now in certain cases like for PKCS#11). I can't remember if it's valid to reference a PKCS#11 style entry in PKCS#12 archives. Need to look that up.
Updated by Viktor Gurov almost 5 years ago
Unfortunately openssl_pkcs12_export() do not allow to create PKCS#12 without private key,
Therefore, we need to hide PKCS#12 export buttons if private key is empty:
https://github.com/pfsense/pfsense/pull/4204
Updated by Jim Pingle almost 5 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho almost 5 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Viktor Gurov almost 5 years ago
- Status changed from Feedback to Resolved
tested on 2.5.0.a.20200227.1722
works as expected - hides PKCS#12 export icons/buttons if private key does not exist