https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162014-04-09T07:48:17ZpfSense bugtrackerpfSense - Bug #3591: Impossible to edit CRLs in 2.1.1https://redmine.pfsense.org/issues/3591?journal_id=137122014-04-09T07:48:17ZJim Pingle
<ul></ul><p>A fix is coming but ideally you'd create a whole new CA and Cert structure if you believe yours has been compromised. Re-using the CA + Revoking certs should only be done if the CA's key had no chance of being compromised.</p>
<p>New CA + New certs is also faster than Revoking eleventy hundred certs plus regenerating them all. If you have to reissue all new clients anyway, there's little benefit to taking the revocation path.</p> pfSense - Bug #3591: Impossible to edit CRLs in 2.1.1https://redmine.pfsense.org/issues/3591?journal_id=137132014-04-09T08:00:14ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Use an alphanumeric test rather than purely is_numericint because the ID is generated by uniqid a..." href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/d22169cfd68a26c04ca6d1aa997575f1b3e4cc80">d22169cfd68a26c04ca6d1aa997575f1b3e4cc80</a>.</p> pfSense - Bug #3591: Impossible to edit CRLs in 2.1.1https://redmine.pfsense.org/issues/3591?journal_id=137142014-04-09T08:00:15ZJim Pingle
<ul></ul><p>Applied in changeset <a class="changeset" title="Use an alphanumeric test rather than purely is_numericint because the ID is generated by uniqid a..." href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/80f48850307dea4ceb08dc1a785dd24322b5283d">80f48850307dea4ceb08dc1a785dd24322b5283d</a>.</p> pfSense - Bug #3591: Impossible to edit CRLs in 2.1.1https://redmine.pfsense.org/issues/3591?journal_id=137152014-04-09T08:32:18ZDoktor Notor
<ul></ul><p>OK, fix works, thanks. It is indeed correct that starting with a completely new CA is best solution in this case, but I'd still like to keep track of the revoked certificates.</p> pfSense - Bug #3591: Impossible to edit CRLs in 2.1.1https://redmine.pfsense.org/issues/3591?journal_id=137572014-04-10T14:40:38ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li><li><strong>Target version</strong> set to <i>2.1.2</i></li></ul>