Allow selecting the digest algorithm when creating a CA or Cert. Implements #2765
Use Certificate Manager in Captive Portal settings
Create $altnames earlier, and also fix a bracing issue with this if statement. Fixes certificate importing.
Add initial support for subjectAltName - still needs some select love for the "type" field, freetext for now for testing (it does work, cert gets the specified subjectAltName).
Carry over the key length on input errors when creating a certificate signing request. Fixes #2233
Add button to download a .p12 of a cert+key. Implements #2147
Check userid better here, 0 is also valid
Add an indication in the certificate list to show if a certificate is internally capable of being a CA (basicConstraints has CA:TRUE) or if the nsCertType is set to server.
When creating an internal certificate, offer the user a choice of what constraints to place upon the certificate (CA, Server, or User).
Unlock the fields when making a new internal cert, so we copy the data from the CA but are not locked into it. (Cert details often differ from CA details...)
Note consistency and gettext() added.
Internal cert and CSR creation error handling added.
Bug #1437. Dropdown list for country codes for CSRs (Cert Manager)
Bug #1437. Check for invalid characters in the fields for ca, cert and csr.
Redirect back to the CA/Cert management page after delete so a person can't refresh and accidentally delete other CA/Certs. (CRLs are deleted differently and don't need this fix)
Merge branch 'master' into yakatz-ssl
fix typo
missed a bit of my last commit
checking moduli of ssl csr request and response
override option for certificate subject mismatch
Validate imported CA/Cert a bit more strongly. Should fix #1190
Fix XSS issues
Indicate in various places if a certificate is revoked.
Indicate if a certificate has been revoked, both in the cert list and the user manager list.
Fix some forgotten name->descr changes.
Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA protection and standardize field names. Ticket #320.
Add CRL manager tab to other Cert Manager pages
Allow creating a user certificate, pre-fill some info, direct back to user edit screen if that is what led us here. If we are making a user certificate, give another choice to select a pre-existing certificate to associate with that user.
Only allow a certificate to be deleted if it is not currently in use.
Show was a certificate is used for, if anything.
CA/CERT Move
gettext fixes
Use array instead of explode for reqdfieldsn to fit it better with gettext() calls
Fixing gettext() implementation for required fields
Reviewing gettext()
Addin gettext to page title
Gettext for System::Cert manager
remove pfsense references, make generic
Fix typo
increase the default cert lifetime
Add pfSense_BUILDER_BINARIES: and pfSense_MODULE:. Adjust Copyright to include 2009 on files that I have asserted (C) on
Merge branch 'master' of git://rcs.pfsense.org/pfsense/nigel-ca-chain into review/master
Conflicts: etc/inc/certs.inc etc/inc/upgrade_config.inc
Remove certs.inc from functions.inc it is needed only by two pages usermanager and certmanager.
Added support for certificate chains to manager so that lighty can deliver them via SSL.
Correctly enforce limits on html input.
Migrate IPsec certificate management to centralized system.
This is the cert manager.
Cleanup the tab format of the system ca/certificate pages. The edges weresquare instead of rounded like most pfSense pages. While here, fix a bugthat made the submit button disappear when it shouldn't.
Add options to export ca, certificate and user certificate data from thewebui.
Rework most of the OpenVPN support. The interfaces have been updated tonot use the pkg system and the configuration has been migrated to anopenvpn prefix. The centralized user and certificate manager is now usedto support the openvpn configurations. Most of the files removed in this...
Implement a certificate authority and certificate webui that can be usedto centrally manage this data. There are no consumers at this time. Thisinterface allow for the following ...
Certificate Authority Manager:- List certificates authorities- Import existing certificate authority...