Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CSR issues on 2.3

    Scheduled Pinned Locked Moved 2.3-RC Snapshot Feedback and Issues - ARCHIVED
    14 Posts 4 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • awebsterA
      awebster
      last edited by

      Thanks for the update.

      Confirmed #5 (country code) is working properly.

      I think for issue #1 that the problem is that the variable(s) that contain the certificate start/end dates are not cleared before processing the entry consequently are showing the same values as seen in the webConfigurator default self-signed certificate.

      I'll wait until #2,3,4 are addressed because the cert manager it is pretty much unusable in its current state.

      –A.

      1 Reply Last reply Reply Quote 0
      • S
        Steve_B Netgate
        last edited by

        The other items were determined to be suspect in 2.2.x so we just updated 2.3 (largely) per your suggestions.

        Thanks

        Als ik kan

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          1 - Steve_B added some code to hide the date for CSRs, it wasn't present it was re-using values from previous certificate entries
          2 - Icons reorderd and changed - the first icon is now a pencil, which should more clearly indicate that it's an edit function
          3 - Export options changed for CSR to export the request data instead, .p12 option hidden since it's irrelevant
          4 - That's handled via the edit function (See #2)
          5 - I confirmed country selection is working again now after Steve_B's last fixes

          Still some room for formatting improvement but it's better now.

          @awebster:

          the cert manager it is pretty much unusable in its current state.

          That's not true – you could always edit the data and copy/paste out the req -- just had to click the proper icon to get to that screen. There was no actual functional problem preventing its use among the listed items. CSRs are not frequently used in pfSense so there are likely to be more bugs along that path, working with internal certificates is the most common path and that has been working well.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • awebsterA
            awebster
            last edited by

            Thanks for the update.
            I will give that a try.

            In 20151202 snapshot, there was no way to view the CSR, so I'm looking forward to the fixes.
            My utilisation scenario is a centralized CA issuing certificates to VPN endpoints. 
            I could always do a manual openssl key gen/csr/import, but would rather use the GUI, particularly if having remote users fill the fields in and send the resulting CSR for signature.

            –A.

            1 Reply Last reply Reply Quote 0
            • awebsterA
              awebster
              last edited by

              Its looking much better!
              Pencil icon is clear and concise as to its purpose.
              Export icon now works as expected.

              However, these issues remain:

              • Pasting certificate data into Final Certificate Data text box and clicking Update just reloads the page and the Final Certificate Data text box is empty.

              • Cosmetic: adjust the default width of the Signing request data and Final Certificate Data text boxes to not wrap the text.  See screen cap.

              Capture.PNG
              Capture.PNG_thumb

              –A.

              1 Reply Last reply Reply Quote 0
              • S
                Steve_B Netgate
                last edited by

                Thanks. I have a fix for these and will push it out as soon as a local networking issue is resolved.

                Als ik kan

                1 Reply Last reply Reply Quote 0
                • awebsterA
                  awebster
                  last edited by

                  Update on the update…

                  Text boxes look good now!

                  But not out of the woods yet...
                  Pasting the Final Certificate Data and clicking update gives an error:  "The field Descriptive name is required", and can't continue.
                  See screenshot.

                  Capture.PNG
                  Capture.PNG_thumb

                  –A.

                  1 Reply Last reply Reply Quote 0
                  • S
                    Steve_B Netgate
                    last edited by

                    I wondered about that but was unable to compare the behavior to 2.2.5 yesterday. Investigating now.

                    Als ik kan

                    1 Reply Last reply Reply Quote 0
                    • S
                      Steve_B Netgate
                      last edited by

                      The descriptive name field was missing from the CSR completion form. Should be fixed now.

                      Als ik kan

                      1 Reply Last reply Reply Quote 0
                      • awebsterA
                        awebster
                        last edited by

                        Thanks, it works!

                        Would be nice to retain the pencil icon for easy access to certificate contents for cutting/pasting when moving it from one box to another.

                        –A.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.