Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
How to create certificates with invalid URIs
« previous
next »
Print
Pages: [
1
]
Author
Topic: How to create certificates with invalid URIs (Read 555 times)
Barry2023
Newbie
Posts: 1
Karma: 0
How to create certificates with invalid URIs
«
on:
September 28, 2023, 07:21:50 pm »
OPNSense 23.7.5.
I am trying to create an internal certificate or CSR signed by the OPNSense PKI, but GUI fails with "URI subjectAltName types must be a valid URI". I want to create a service certificate with the following SubjetAltNames:
URL=urn:myhost.mydomain.com:UA:Advosol:uaPLUS
DNS=myhost.mydomain.com
I have several commerciale software packages that generate self-signed service certificates in this format for the OPC-UA industrial protocol, so it appears to be a valid format (or was valid at one time). The industrial controllers expect the service URI in a very specific format.
OpenSSL3 accepts this as a valid URI, so it appears the OPNSense GUI is applying its own checks.
Does anyone know of a way to force the OPNSense Trust GUI to accept "invalid" URIs (i.e. special escape chars or formatting) ?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
How to create certificates with invalid URIs
