⚲
Project
General
Profile
Sign in
Register
Home
Projects
Help
Search
:
pfSense
All Projects
pfSense
Overview
Activity
Roadmap
Issues
Gantt
Calendar
News
Documents
Repository
«
Previous
|
Next
»
Revision 3ad1e1cb
Added by
Jim Pingle
almost 2 years
ago
ID
3ad1e1cb0dd5fa9a486448bfd44c82c230741306
Parent
b6698d5b
Child
8c605478
Certificate digest strength changes
Part of ongoing changes for OpenSSL 3.x
Consolidate and improve checks for weak digest algorithms.
Fixes
#14678
Ensure that incompatible CA/Certs are not listed for use by the GUI
(Issue
#14672
), Captive Portal (same), or OpenVPN (Issue
#14677
)
Add ability for wizards to filter weak digest certificates and use
this ability in the OpenVPN wizard for issue
#14677
Add/improve warnings to relevant GUI pages about incompatible
certificates.
Mark weak digests in CA/Cert detail info blocks
Related issues
Todo #14672
: Prevent weak SHA1 certificates from being used with GUI and Captive Portal
Todo #14677
: Prevent weak SHA1 certificates from being used with OpenVPN clients and servers
Regression #14678
: CA and Certificate renewal page does not properly list some SHA1 certificates as being weak
Changes
View differences
added
modified
copied
renamed
deleted
src
etc
inc
certs.inc
(
diff
)
usr
local
www
services_captiveportal.php
(
diff
)
system_advanced_admin.php
(
diff
)
system_certmanager_renew.php
(
diff
)
vpn_openvpn_client.php
(
diff
)
vpn_openvpn_server.php
(
diff
)
wizard.php
(
diff
)
wizards
openvpn_wizard.xml
(
diff
)
Loading...
Added by Jim Pingle almost 2 years ago
Certificate digest strength changes
Part of ongoing changes for OpenSSL 3.x
Fixes #14678
(Issue #14672), Captive Portal (same), or OpenVPN (Issue #14677)
this ability in the OpenVPN wizard for issue #14677
certificates.