Bug #1190
closed
Incorrectly pasted SSL Cert breaks the webconfigurator
100%
Description
I just pasted an SSL cert into the cert manager to use as the cert for the web interface. I managed to paste the cert missing the last line: -----END CERTIFICATE-----
Presumably no validation takes place because /var/etc/cert.pem was still created as a concatenation of the pasted cert and key, but obviously the last line of my cert mentioned above was missing. The webconfigurator restarted and then I was unable to access it anymore. I fixed it by tracking down the above file and restarting the webconfigurator from the console.
Is it possible to do validation on the pasted certs? Just a check that the first and last lines are sane would be a start?
Updated by Gary Richards over 13 years ago
Actually, I lie. That hasn't fixed it. /var/etc/cert.pem is being replaced when the webConfigurator restarts?!
Help!
Updated by Jim Pingle over 13 years ago
We already validate the first line, but not the last. Extra safety belts may not hurt though.
The cert on the filesystem will be replaced with what is stored in the config.xml file. You can't fix it by editing the file on the box, you'll have to fix the certificate in the config.
From the console you can either choose the menu option to set the LAN IP and then re-enter the current LAN IP, and it will offer to reset the GUI to HTTP and let you in, or you can hand edit config.xml and change it to HTTP. Once you're back in, fix the cert in the GUI and then it should be OK.
Updated by Jim Pingle over 13 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 396cfe2ee573696436e2c310f4d2610c1610965a.
Updated by Jim Pingle almost 12 years ago
- Status changed from Feedback to Resolved