Problem with certificate manager
-
Hi,
I have a pfSense installation on which one I cannot create internal certificate.
I can create a CA without problem, I can correctly export cert and key.
But when I create a new cert, the certificate is an empty file and I cannot export any private key.
On a clean pfSense installation I create CA and certs with same settings without any problem.Where can I found log for certificate manager?
Is there some command line tools for the psSense's certificate manager I can use debug this installation? -
What version are you on?
What exact settings are you putting in each field when creating the CA and certificate? Anything special about it?
-
I upgraded from 2.3.x to last stable 2.4.x before to add the CA.
I leave default settings for CA and certificates (key length: 2048, digest: SHA256, Lifetime: 3650) and fill all information fields without any special characters.
I try on a new pfSense installation to test exactly same settings and its working well. -
If it works on a fresh installation then there must be some part of that previous upgrade that failed.
If you run "pfSense-upgrade" from a console or ssh shell, does it find anything that needs updated?
Does "pkg version -vL=" show anything?
-
All packages are up to:
pkg version -vL= Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. pfSense-upgrade >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. >>> Unlocking package pfSense-kernel-pfSense... done. >>> Setting vital flag on pkg... done. >>> Setting vital flag on pfSense... done. Your packages are up to date
