Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Unable to Delete User Certicate

    General pfSense Questions
    3
    9
    127
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • arrmo
      arrmo last edited by

      Hi,

      It seems that for some user certificates, I have the option (available Action) to delete - but some don't show that option. The "trigger" seems to be if there is an emailAddress set ... if there is, I don't have the option to delete.

      Is there a more manual way to delete then?

      Thanks!

      viktor_g johnpoz 2 Replies Last reply Reply Quote 0
      • viktor_g
        viktor_g Netgate @arrmo last edited by

        @arrmo Unable to reproduce your issue
        Please provide more information.
        If possible, please provide a certificate for testing.

        1 Reply Last reply Reply Quote 0
        • johnpoz
          johnpoz LAYER 8 Global Moderator @arrmo last edited by johnpoz

          Certs that have no trashcan to delete - are in use..

          I have certs that have email addresses in them..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 23.01 | Lab VMs CE 2.6, 2.7

          arrmo 1 Reply Last reply Reply Quote 1
          • arrmo
            arrmo @johnpoz last edited by

            @johnpoz Was thinking that too! But I have some that are not in use (I think ... LOL!), and no trashcan. Hmm ... need to see if I can figure out why pfSense thinks they are in use. At least one or two I created (planned for testing) never got used at all.

            Let me see if I can find where / why they appear to be in use. Thanks!

            arrmo johnpoz 2 Replies Last reply Reply Quote 0
            • arrmo
              arrmo @arrmo last edited by

              @arrmo BTW, one interesting tidbit - the user certs that have an emailAddress in their properties all show as "User Cert" for "In Use". But all those that don't, are blank for In Use.

              Not saying this is the trigger ... but In Use = User Cert shouldn't block removal, should it?

              Thanks!

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator @arrmo last edited by

                if you are on current version - should show you where they are being used. There is the "in use" column :)

                Do you have them assigned to a user on pfsense? Used as external vpn client, etc..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                arrmo 1 Reply Last reply Reply Quote 1
                • arrmo
                  arrmo @johnpoz last edited by

                  @johnpoz said in Unable to Delete User Certicate:

                  Do you have them assigned to a user on pfsense?

                  That's it - found it under Users. Thanks! Hmm ... not sure how they got there though, I don't recall adding them as users. That part is a mystery.

                  Not thinking I need them as users for OpenVPN, do I? I may not be making the connection there.

                  Thanks again.

                  johnpoz 1 Reply Last reply Reply Quote 0
                  • johnpoz
                    johnpoz LAYER 8 Global Moderator @arrmo last edited by

                    Any user can have a cert assigned to it.. Maybe you did it when you created the user - but it clearly shows that its in use..

                    If you remove the cert from the user account you can then delete the cert.

                    here.png

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 23.01 | Lab VMs CE 2.6, 2.7

                    arrmo 1 Reply Last reply Reply Quote 1
                    • arrmo
                      arrmo @johnpoz last edited by

                      @johnpoz Yep, makes sense, and works. Appreciate the pointers!

                      I need to now test here, confirm that I don't need a cert to be assigned to a user - for it to work with OpenVPN. But that's just for me to understand 😆

                      Thanks again.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post