Feature #8645

Upload certificate file instead of pasting

Added by Adam Thompson almost 3 years ago. Updated 9 months ago.

Very Low
Target version:
Start date:
Due date:
% Done:


Estimated time:
Plus Target Version:
Release Notes:


When importing a new certificate, currently we have to paste in the ASCII Base64 (PEM) representation of the cert & key.
In many scenarios this data is trivial to obtain, but in others quite difficult. (e.g. all I have is a .p12 file, on Windows - now what?)
It is possible to auto-detect file type and extract the components deterministically on the back end using e.g. openssl, for around 4 or 5 common formats IIRC.

This would be a nice-to-have convenience feature, but obviously not critical since I can do the same steps myself with openssl.

(I learned at BSDCan 2018 that certificates can contain arbitrary data, and thus can be code injection vectors themselves, so I'm no longer prepared to even guess how long this feature would take to implement safely. Which, yes, I get means this won't happen... but if I don't ask, I'll never get.)

Associated revisions

Revision 96d78012 (diff)
Added by Viktor Gurov over 1 year ago

Allow import of PKCS12 (pfx) certificates. Issue #8645


#2 Updated by Jim Pingle almost 2 years ago

  • Target version set to 2.5.0

#3 Updated by Jim Pingle almost 2 years ago

  • Status changed from New to Pull Request Review

#5 Updated by Renato Botelho 12 months ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

#6 Updated by Steve Beaver 9 months ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF