OPNsense Forum

Archive => 24.7, 24.10 Legacy Series => Topic started by: dangerousdave26 on August 02, 2024, 05:38:01 PM

Title: Can't delete user certificates
Post by: dangerousdave26 on August 02, 2024, 05:38:01 PM
With the recent upgrade I can no longer delete the users certificates.
System | Access | Users | {useraccount}
There used to be a delete icon by the certificate. It is no longer there.

System | Trust | Certificates
When I locate the certificate I want to delete it tells me it is "In use" and does not allow deletion

I can assign a new certificate to the user but that leaves the old cert in place.

Revoking the certificate is not an option as that looks like it only applies to Self-signed CA

Title: Re: Can't delete user certificates
Post by: atzouris on August 28, 2024, 06:52:24 AM
I recently updated my OPNSense from version 19.7 to 24.1. Now I'm trying to remove a couple of certificates under System>>>Trust>>>Certificates but I get "Item is in use by" "step9 - {wizardtemp.step9}" and "Item is in use by" "webgui - {system.webgui}".

I have disabled https and now use http. So the webgui should not be using a certificate anymore. Also, I have removed OpenVPN server so that other certificate should not be in use either.

The alternative is to restore factory detault settings and then manually restore only my desired configuration. Don't really want to do this. I would be willing to run a command line command as root to delete these two certificates. Any suggestions?
Title: Re: Can't delete user certificates
Post by: atzouris on August 29, 2024, 06:57:21 AM
Been working with PCEngines hardware. Took my config from my current APU2C2 and moved it over to my older ALIX.6E1 and then was able to remove the certificates. Then saved the config and moved the config over to the newer APU2C2 and that worked. A real Kludge but better than having to go to factory default settings and then add back in all of the configuration manually.
Title: Re: Can't delete user certificates
Post by: franco on August 29, 2024, 07:28:56 AM
The "linked" certificate thing is purely cosmetic. It simply matches the common name. Delete the certificate from the certificates section.


Cheers,
Franco