summaryrefslogtreecommitdiffstats
path: root/usr
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2011-04-21 10:32:09 -0400
committerjim-p <jimp@pfsense.org>2011-04-21 10:33:38 -0400
commit46698c3f3c5e3f2e98829757616ddda3ce779b6d (patch)
treeb34fae3c07b7f4edcfb82e3b3e9024ef33e0bbed /usr
parent0cc5ab42269a5aa1588ac2f862b0201917569ada (diff)
downloadpfsense-46698c3f3c5e3f2e98829757616ddda3ce779b6d.zip
pfsense-46698c3f3c5e3f2e98829757616ddda3ce779b6d.tar.gz
Reject encrypted CA private keys. Resolves #1446
Diffstat (limited to 'usr')
-rw-r--r--usr/local/www/system_camanager.php2
1 files changed, 2 insertions, 0 deletions
diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php
index 3bf1165..7fccb7e 100644
--- a/usr/local/www/system_camanager.php
+++ b/usr/local/www/system_camanager.php
@@ -153,6 +153,8 @@ if ($_POST) {
gettext("Certificate data"));
if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE")))
$input_errors[] = gettext("This certificate does not appear to be valid.");
+ if ($_POST['key'] && strstr($_POST['key'], "ENCRYPTED"))
+ $input_errors[] = gettext("Encrypted private keys are not yet supported.");
}
if ($pconfig['method'] == "internal") {
$reqdfields = explode(" ",
OpenPOWER on IntegriCloud