Project

General

Profile

Actions

Bug #8801

closed

OpenVPN Wizard, User Manager, Cert Manager will place CA CN in the Country Code field of a Certificate

Added by Anonymous almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
OpenVPN
Target version:
Start date:
08/18/2018
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4
Affected Architecture:
All

Description

Go to System Cert Manager > CAs and make a new CA. Go to VPN > OpenVPN and click Wizards. On the first step choose local user access, then next and use the existing CA, then next and click Add new certificate. Notice the Country code is the CA's CN.


Files

18-08-2018_01_13_34.png (19.8 KB) 18-08-2018_01_13_34.png Anonymous, 08/18/2018 12:15 AM
18-08-2018_01_13_22.png (42.1 KB) 18-08-2018_01_13_22.png Anonymous, 08/18/2018 12:15 AM
Actions #1

Updated by Jim Pingle almost 4 years ago

  • Category set to OpenVPN
  • Status changed from New to 13
  • Assignee set to Jim Pingle
  • Affected Architecture All added
  • Affected Architecture deleted ()
Actions #2

Updated by Jim Pingle almost 4 years ago

Fix for this is coming. It affected more than just the OpenVPN wizard. The OpenVPN wizard, cert manager, and User Manager all made incorrect assumptions about the CA subject parameter order and count. They referenced these subject fields by number and not by name, so any CA with less fields than expected would confuse these areas. It actually resulted in the failure to create a new cert for a user entirely as well.

When testing, please check the following areas using a CA that only contains a CN, nothing else:

  • Using the OpenVPN wizard as described in this issue above
  • Creating a new user with a certificate (make the certificate while creating the user -- not after)
  • Create a new server or user certificate from inside the certificate manager, check that the CA fields are populated appropriately when selecting the CA

It would also be worth testing these areas again with a CA that has every field filled in.

Actions #3

Updated by Jim Pingle almost 4 years ago

  • Status changed from 13 to Feedback
  • % Done changed from 0 to 100
Actions #4

Updated by Jim Pingle almost 4 years ago

  • Subject changed from OpenVPN Wizard will place CA's CN in the Country Code field of Server Certificate to OpenVPN Wizard, User Manager, Cert Manager will place CA CN in the Country Code field of a Certificate
Actions #5

Updated by Chris Macmahon over 3 years ago

  • Status changed from Feedback to Resolved

tested on image 2.4.4.a.20180825.0917 this is no longer happening,
Using the OpenVPN wizard as described in this issue above
-this is resolved.

Creating a new user with a certificate (make the certificate while creating the user -- not after)
-this happened as desired, certificate made with out the country code being populated with ca cn

Create a new server or user certificate from inside the certificate manager, check that the CA fields are populated appropriately when selecting the CA
-this happened as desired, certificate made with out the country code being populated with ca cn

Actions

Also available in: Atom PDF