Added by Dmitriy K over 10 years ago. Updated over 7 years ago.
0%
Description
It would be nice if we could backup / restore all certificates only.
Updated by Jim Pingle over 10 years ago
Updated by Chris Buechler almost 9 years ago
Updated by Kill Bill over 7 years ago
Dmitriy K wrote:
It would be nice if we could backup / restore all certificates only.
I don't think so. Imagine you have a bunch of certificates used for:
- webGUI
- OpenVPN
- IPsec
- bunch of different packages (Squid, haproxy, FreeRADIUS ...)
- local users
- ...
Now, you import some certificates backup not matching your current configuration (why'd you be importing it otherwise), and all of the above breaks.
Coding something like this frankly sounds like a nightmare.
Updated by Dmitriy K over 7 years ago
OPNsense implemented it and it works like a charm. Few days ago I was prepping a replacement box and I though I would die copy-pasting never ending certificates.
Honestly, I don't understand you. There are CAs and Certs ... it very easy to read them from xml. Who cares about previous cert assignation? Just import "as is". I will assign them as I want. That's all.
Updated by Kill Bill over 7 years ago
Ah yeah, blindly replacing a config section is indeed absolutely no problem... Who cares that the GUI, VPNs and other services will crash. Afraid this is not the way coding is done in pfSense. If causing tons of collateral damage is OK with some random fork, you are free to use it.