Actions
Bug #7885
closedCert. Manager should validate EKUs on importing a certificate authority
Start date:
09/21/2017
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All
Description
Currently, you can import any certificate as a CA, even ones that are actually unusable as a CA. Subsequently, you can select that in packages that require a usable CA to sign their own certificates, such as Squid.
(Found randomly when debugging a Squid issue with a user, see https://forum.pfsense.org/index.php?topic=136883.msg749056#msg749056)
Updated by Jim Pingle almost 7 years ago
- Target version changed from 2.4.1 to 2.4.2
Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated.
Updated by Jim Pingle almost 7 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 9e608d7a5215534d2519dc633a46884e2981619d.
Updated by Jim Pingle almost 7 years ago
- Status changed from Feedback to Resolved
Actions