OPNsense Forum
English Forums => General Discussion => Topic started by: SynAck on May 25, 2018, 05:16:01 am
-
I am trying to use an internal opnsense CA to create a certificate for another device. I've created the certificate and exported the cert + key in the PKCS #12 format, however the device won't allow an import without supplying the password for the private key. If I leave it blank, it just tells me I have to include the password -- there is no option to "import certificate without a password".
I've gone through the certificate screens in opnsense and I don't see a way to encrypt a key with a password prior to export. Is this something that can be done?
-
Hello,
I second this request, for user certificates.
I've created a Mobile client VPN settings, and the usual way to create configurations for VPN Client users is to provide an encrypted p12 file.
Thanks,
Fred.
-
Can you try it via PowerShell?
Import-PfxCertificate –FilePath C:\pfxcert.pfx cert:\localMachine\my
Password should be optional via PS.
-
The generated .p12 is Ok, and can be imported without password.
The suggestion is to have the possibility to specify a password. This is necessary, for security reasons, when you'd like to distribute certificates to users (in my case VPN users).
Regards,
Fred.
-
Can you open a feature request in github/core?
I dont think will be done pre-MVC rewrite ...
-
Done as #2609.