Bug #6953: on mismatching private key for CA, "edit user" silently creates user cert using different CA - pfSense - pfSense bugtracker

Actions

Copy link

Bug #6953

closed

on mismatching private key for CA, "edit user" silently creates user cert using different CA

Added by Harald Linden about 8 years ago. Updated almost 8 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Harald Linden

Category:

Certificates

Target version:

2.4.0

Start date:

11/23/2016

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.3.2

Affected Architecture:

Description

Steps to reproduce:

have existing internal CA
import external CA (in my case, signed by the internal CA but generated externally)
enter wrong private key for CA and save (this should fail, btw.)
open dialogue "user manager" -> "edit user"
create user certificate

The resulting user cert will be signed by the existing internal CA instead of failing.

Starting this process from the cert manager works as expected and fails with "The following input errors were detected:
openssl library returns: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch".

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #6953

on mismatching private key for CA, "edit user" silently creates user cert using different CA

Updated by Jim Pingle about 8 years ago

Updated by Jim Pingle almost 8 years ago

Updated by Jim Pingle almost 8 years ago