Project

General

Profile

Actions
Copy link

Bug #4142

closed

certificate manager certificates that are in use by packages can be deleted

Added by Pi Ba almost 10 years ago. Updated almost 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Certificates
Target version:
2.3
Start date:
12/24/2014
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All

Description

certificatemanager, certificates that are in use can be deleted

When a certificate is in use by a OpenVPN server it cannot be deleted, however when a certificate is in use by HAProxy-devel, it can be deleted. There needs to be a way for pfSense to query what certificates are used by packages.

For example [https://github.com/pfsense/pfsense/pull/1081]

Actions
Copy link
 #1

Updated by Chris Buechler almost 10 years ago

  • Status changed from New to Confirmed
  • Target version changed from 2.2 to 2.2.1
  • Affected Version changed from 2.1.5 to All
Actions
Copy link
 #2

Updated by Jim Thompson almost 10 years ago

  • Assignee set to Renato Botelho
Actions
Copy link
 #3

Updated by Chris Buechler almost 10 years ago

  • Target version changed from 2.2.1 to 2.2.2
Actions
Copy link
 #4

Updated by Chris Buechler over 9 years ago

  • Target version changed from 2.2.2 to 2.2.3
Actions
Copy link
 #5

Updated by Chris Buechler over 9 years ago

  • Subject changed from certificatemanager, certificates that are in use can be deleted to certificate manager certificates that are in use by packages can be deleted
  • Target version changed from 2.2.3 to 2.3
Actions
Copy link
 #6

Updated by Renato Botelho almost 9 years ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #7

Updated by Pi Ba almost 9 years ago

Thanks, change works regarding hiding the delete button when a package uses the 'plugin_certificates' function to report used certificates.

With regard to 'speed' it might improve performance to 'cache' the $certificates_used_by_packages variable during building the certificate page if users have a lot of certificates there. Currently its calling every package again and again for every certificate, while the package returns all used certificates in a array every time. (I havent tested how many packages & certificates & package configuration are needed before having a noticeable effect.)

It would be nice to show which packages are using the certificate though. As currently the 'In Use' column can be empty while the delete button is hidden. Depending on the number of packages installed and if someone is taking over a preexisting configuration that would help them find the right location. Perhaps even use the 'usedby' attribute to show additional information provided by the package in a popup window?

Actions
Copy link
 #8

Updated by Renato Botelho almost 9 years ago

  • Status changed from Feedback to Assigned
  • Assignee changed from Renato Botelho to Anonymous

The part of https://github.com/pfsense/pfsense/pull/1081 that added the information about what packages are using that certificate was lost during bootstrap integration, moving to Steve to check best way to show this information

Actions
Copy link
 #9

Updated by Anonymous almost 9 years ago

  • Status changed from Assigned to Resolved
  • Assignee deleted (Anonymous)

Lost functionality has been restored and tested by Renato :)

Actions
Copy link

Also available in: Atom PDF