Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Certificate + PK -> Encrypt w/Password?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Certificate + PK -> Encrypt w/Password? (Read 6329 times)
SynAck
Newbie
Posts: 4
Karma: 0
Certificate + PK -> Encrypt w/Password?
«
on:
May 25, 2018, 05:16:01 am »
I am trying to use an internal opnsense CA to create a certificate for another device. I've created the certificate and exported the cert + key in the PKCS #12 format, however the device won't allow an import without supplying the password for the private key. If I leave it blank, it just tells me I have to include the password -- there is no option to "import certificate without a password".
I've gone through the certificate screens in opnsense and I don't see a way to encrypt a key with a password prior to export. Is this something that can be done?
Logged
FredTGB
Newbie
Posts: 8
Karma: 1
Re: Certificate + PK -> Encrypt w/Password?
«
Reply #1 on:
August 03, 2018, 09:09:36 am »
Hello,
I second this request, for user certificates.
I've created a Mobile client VPN settings, and the usual way to create configurations for VPN Client users is to provide an encrypted p12 file.
Thanks,
Fred.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Certificate + PK -> Encrypt w/Password?
«
Reply #2 on:
August 03, 2018, 02:44:14 pm »
Can you try it via PowerShell?
Import-PfxCertificate –FilePath C:\pfxcert.pfx cert:\localMachine\my
Password should be optional via PS.
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
FredTGB
Newbie
Posts: 8
Karma: 1
Re: Certificate + PK -> Encrypt w/Password?
«
Reply #3 on:
August 06, 2018, 08:38:06 am »
The generated .p12 is Ok, and can be imported without password.
The suggestion is to have the possibility to specify a password. This is necessary, for security reasons, when you'd like to distribute certificates to users (in my case VPN users).
Regards,
Fred.
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Certificate + PK -> Encrypt w/Password?
«
Reply #4 on:
August 06, 2018, 09:36:40 am »
Can you open a feature request in github/core?
I dont think will be done pre-MVC rewrite ...
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
FredTGB
Newbie
Posts: 8
Karma: 1
Re: Certificate + PK -> Encrypt w/Password?
«
Reply #5 on:
August 06, 2018, 11:46:04 am »
Done as #2609.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Certificate + PK -> Encrypt w/Password?