Project

General

Profile

Bug #9745

can't add ECDSA certificate key when signing CSR

Added by Viktor Gurov about 1 month ago. Updated about 22 hours ago.

Status:
Pull Request Review
Priority:
Normal
Assignee:
-
Category:
Certificates
Target version:
Start date:
09/11/2019
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.4.4-p3
Affected Architecture:

Description

If you try to sign CSR it not allow to add Key data with following errors:

The following input errors were detected:

This private does not appear to be valid.
Key data field should be blank, or a valid x509 private key

it is ok it you add only CSR, without ec key data.
it is ok if you import existing certificate and ec-key with "Import an existing Certificate"

key created with:
openssl ecparam -name brainpoolP160r1 -genkey -param_enc explicit -out ec-ovpns.pem
openssl req -key ec-ovpns.pem -new -out ec-ovpns.csr

ec-ovpns.pem (647 Bytes) ec-ovpns.pem test ECDSA key Viktor Gurov, 09/11/2019 09:42 AM
ec-ovpns.csr (562 Bytes) ec-ovpns.csr test CSR Viktor Gurov, 09/11/2019 09:42 AM
Screenshot from 2019-09-11 17-37-23.png (103 KB) Screenshot from 2019-09-11 17-37-23.png Viktor Gurov, 09/11/2019 09:43 AM

History

#1 Updated by Jim Pingle about 1 month ago

  • Assignee set to Jim Pingle
  • Target version set to 2.5.0

This is probably the check needing to recognize the EC key header text since it's different.

#3 Updated by Jim Pingle about 22 hours ago

  • Status changed from New to Pull Request Review
  • Assignee deleted (Jim Pingle)

Also available in: Atom PDF