Project

General

Profile

Actions
Copy link

Bug #7885

closed

Cert. Manager should validate EKUs on importing a certificate authority

Added by Kill Bill about 7 years ago. Updated about 7 years ago.

Status:
Resolved
Priority:
Low
Assignee:
Jim Pingle
Category:
Certificates
Target version:
2.4.2
Start date:
09/21/2017
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
All
Affected Architecture:
All

Description

Currently, you can import any certificate as a CA, even ones that are actually unusable as a CA. Subsequently, you can select that in packages that require a usable CA to sign their own certificates, such as Squid.

(Found randomly when debugging a Squid issue with a user, see https://forum.pfsense.org/index.php?topic=136883.msg749056#msg749056)

Actions
Copy link
 #1

Updated by Jim Pingle about 7 years ago

  • Target version changed from 2.4.1 to 2.4.2

Moving target to 2.4.2 as we need 2.4.1 sooner than anticipated.

Actions
Copy link
 #2

Updated by Jim Thompson about 7 years ago

  • Assignee set to Jim Pingle
Actions
Copy link
 #3

Updated by Jim Pingle about 7 years ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #4

Updated by Jim Pingle about 7 years ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF