Feature #9918
closedcheck user certificates for correct ECDSA curves
0%
Description
Show only correct (IPsec = OpenVPN) ECDSA when adding existing certificates to users,
'Choose an Existing Certificate' on System \ Certificate Manager \ Certificates \ Edit page
Updated by Jim Pingle over 4 years ago
- Status changed from New to Closed
I don't think we should limit this here. When creating/assigning the certs, it's really up to the admin. We don't know what they are using them for necessarily.
Updated by Viktor Gurov over 4 years ago
Jim Pingle wrote:
We don't know what they are using them for necessarily.
As I understand user certs can be used only by IPsec and OpenVPN clients
It will automatically filter incorrect certs from OpenVPN client export page
Updated by Jim Pingle over 4 years ago
In the GUI, yes, but admins could be using them for other purposes. It's best to filter them at the point we know they are incompatible, such as preventing them from being used in the OpenVPN client export package, IPsec, etc.