Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Feature request: CRL serial gap autofill / manual serial entry
« previous
next »
Print
Pages: [
1
]
Author
Topic: Feature request: CRL serial gap autofill / manual serial entry (Read 201 times)
Korkman
Newbie
Posts: 1
Karma: 0
Feature request: CRL serial gap autofill / manual serial entry
«
on:
August 27, 2024, 10:03:21 pm »
I'd like to suggest a feature for CRL management. Currently it is impossible to revoke a certificate which has been deleted from the certificate store. To solve this problem, I present two options:
The first option would be a checkbox to put all serials from 1 to n-1 onto the revocation list which are not present in the certificate store, n being the current serial counter from the CA.
The second option would be to have a text box for additional serials to put on the revocation list. Working out the serials manually is tedious but doable.
Either option would solve the issue, but having both would be best. A command to perform the first via Cron would be great, too.
Edit: OK it
is
possible to change the next serial for the CA, create a placeholder certificate and revoke that to get the serial onto the CRL, but that's unnecessarily complicated
«
Last Edit: August 27, 2024, 10:57:08 pm by Korkman
»
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Feature request: CRL serial gap autofill / manual serial entry
