[Feature Request] Sign CSR Using Self Signed CA via the GUI
-
I don't know how hard it would be, but could it be possible to add a new feature to the Certificate Manager?
The feature would be when going to Certificate Manager -> Certificates -> Add New. There would be a new Method called 'Sign a Certificate Signing Request'. This would allow you to paste in a CSR you generated somewhere else and then allow you to pick a CA on the pfSense box that would then sign that CSR.
The reason I would like this feature is I use a self-signed CA on my pfSense box as my main CA for my home lab. Normally I just create my own certs via the GUI and import them into the devices/systems that need them. However, there are some devices that do not allow you to import certificates but force you to create a CSR that you then have to get signed. I'm sure there might be others out there that could benefit from this feature as well. I guess this post could flesh that out to see if there's enough demand for this type of a feature and to see how hard it would be to implement.
Thank you!
-
I have added this to Redmine here: https://redmine.pfsense.org/issues/7383
-
I'd say it should be imported into the cert list, the user can do whatever they want with it from there.
The user should ideally be able to pick an existing CSR from the cert manager list to sign as well.
-
Agreed. I may add "Copy to clipboard" functionality as well since that was just developed for other pages in the GUI