Bug #8801
closed
OpenVPN Wizard, User Manager, Cert Manager will place CA CN in the Country Code field of a Certificate
Added by Anonymous over 6 years ago.
Updated about 6 years ago.
Affected Architecture:
All
Description
Go to System Cert Manager > CAs and make a new CA. Go to VPN > OpenVPN and click Wizards. On the first step choose local user access, then next and use the existing CA, then next and click Add new certificate. Notice the Country code is the CA's CN.
Files
- Category set to OpenVPN
- Status changed from New to 13
- Assignee set to Jim Pingle
- Affected Architecture All added
- Affected Architecture deleted (
Fix for this is coming. It affected more than just the OpenVPN wizard. The OpenVPN wizard, cert manager, and User Manager all made incorrect assumptions about the CA subject parameter order and count. They referenced these subject fields by number and not by name, so any CA with less fields than expected would confuse these areas. It actually resulted in the failure to create a new cert for a user entirely as well.
When testing, please check the following areas using a CA that only contains a CN, nothing else:
- Using the OpenVPN wizard as described in this issue above
- Creating a new user with a certificate (make the certificate while creating the user -- not after)
- Create a new server or user certificate from inside the certificate manager, check that the CA fields are populated appropriately when selecting the CA
It would also be worth testing these areas again with a CA that has every field filled in.
- Status changed from 13 to Feedback
- % Done changed from 0 to 100
- Subject changed from OpenVPN Wizard will place CA's CN in the Country Code field of Server Certificate to OpenVPN Wizard, User Manager, Cert Manager will place CA CN in the Country Code field of a Certificate
- Status changed from Feedback to Resolved
tested on image 2.4.4.a.20180825.0917 this is no longer happening,
Using the OpenVPN wizard as described in this issue above
-this is resolved.
Creating a new user with a certificate (make the certificate while creating the user -- not after)
-this happened as desired, certificate made with out the country code being populated with ca cn
Create a new server or user certificate from inside the certificate manager, check that the CA fields are populated appropriately when selecting the CA
-this happened as desired, certificate made with out the country code being populated with ca cn
Also available in: Atom
PDF
Updated by 
Updated by 
