Feature #9834

system_certmanager.php: add ability to import certificate without private key

Added by Viktor Gurov over 1 year ago. Updated about 1 year ago.

Very Low
Target version:
Start date:
Due date:
% Done:


Estimated time:
Release Notes:


This is needed in case when VPN clients uses PKCS#11 token for authentication, and they not able to export private key

Associated revisions

Revision 8c145373 (diff)
Added by Viktor Gurov about 1 year ago

Allow import cert without private key. Issue #9834


#2 Updated by Jim Pingle over 1 year ago

  • Status changed from New to Pull Request Review
  • Priority changed from Normal to Very Low

It's nowhere near that simple. In doing this, there would also have to be quite a bit of code preventing users from picking these keyless certificates in places where they would cause problems (which is everywhere). There would have to be a special option to mark the entry as being specifically for this purpose, and anywhere that uses certificates would need to be made aware of it.

If this is only for the client export package, then I don't see the purpose of causing all these problems just for that. If someone wants to do that, they can put together their own config files.

#3 Updated by Renato Botelho about 1 year ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • Target version set to 2.5.0

PR has been merged. Thanks!

#4 Updated by Viktor Gurov about 1 year ago

  • Status changed from Feedback to Resolved

works as expected on 2.5.0.a.20200317.1949

Also available in: Atom PDF