Feature #8645
closed
Upload certificate file instead of pasting
100%
Description
When importing a new certificate, currently we have to paste in the ASCII Base64 (PEM) representation of the cert & key.
In many scenarios this data is trivial to obtain, but in others quite difficult. (e.g. all I have is a .p12 file, on Windows - now what?)
It is possible to auto-detect file type and extract the components deterministically on the back end using e.g. openssl, for around 4 or 5 common formats IIRC.
This would be a nice-to-have convenience feature, but obviously not critical since I can do the same steps myself with openssl.
(I learned at BSDCan 2018 that certificates can contain arbitrary data, and thus can be code injection vectors themselves, so I'm no longer prepared to even guess how long this feature would take to implement safely. Which, yes, I get means this won't happen... but if I don't ask, I'll never get.)
Updated by Michael Newton over 5 years ago
Just submitted: https://github.com/pfsense/pfsense/pull/4063
Updated by Jim Pingle over 5 years ago
- Status changed from New to Pull Request Review
Updated by Viktor Gurov almost 5 years ago
updated PR:
https://github.com/pfsense/pfsense/pull/4175
Updated by Renato Botelho over 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Anonymous