Project

General

Profile

Actions

Bug #8492

closed

Enable setting PKCS#12 export password in Certificate Manager

Added by Darren Spruell over 6 years ago. Updated over 5 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
-
Category:
Certificates
Target version:
-
Start date:
05/01/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

Several use cases exist for using an exported keypair as a .p12 archive, but are complicated by pfSense not setting an explicit export passphrase on the archive. Some advice exists to input a single space or arbitrary characters for the export passphrase when prompted at import on clients but this does not work in many cases (it may work in only limited cases for specific import utilities). A workaround exists that requires exporting the key and certificate separately and applying an export passphrase using the openssl command line. This is tedious and runs risk of users leaving unprotected private keys on disk. Devices that appear to require an export passphrase on P12 files are increasingly ubiquitous and it is a reasonable security control. Is it possible to add an export dialog for PKCS#12 that enables a passphase to be added?

Actions

Also available in: Atom PDF