system_certmanager.php: add ability to import certificate without private key
This is needed in case when VPN clients uses PKCS#11 token for authentication, and they not able to export private key
#2 Updated by Jim Pingle 11 months ago
- Status changed from New to Pull Request Review
- Priority changed from Normal to Very Low
It's nowhere near that simple. In doing this, there would also have to be quite a bit of code preventing users from picking these keyless certificates in places where they would cause problems (which is everywhere). There would have to be a special option to mark the entry as being specifically for this purpose, and anywhere that uses certificates would need to be made aware of it.
If this is only for the client export package, then I don't see the purpose of causing all these problems just for that. If someone wants to do that, they can put together their own config files.