Feature #9918
closed
check user certificates for correct ECDSA curves
Added by Viktor Gurov over 4 years ago.
Updated over 4 years ago.
Description
Show only correct (IPsec = OpenVPN) ECDSA when adding existing certificates to users,
'Choose an Existing Certificate' on System \ Certificate Manager \ Certificates \ Edit page
https://github.com/pfsense/pfsense/pull/4118
- Status changed from New to Closed
I don't think we should limit this here. When creating/assigning the certs, it's really up to the admin. We don't know what they are using them for necessarily.
Jim Pingle wrote:
We don't know what they are using them for necessarily.
As I understand user certs can be used only by IPsec and OpenVPN clients
It will automatically filter incorrect certs from OpenVPN client export page
In the GUI, yes, but admins could be using them for other purposes. It's best to filter them at the point we know they are incompatible, such as preventing them from being used in the OpenVPN client export package, IPsec, etc.
Also available in: Atom
PDF