Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | remove old DISABLE_PHP_LINT_CHECKING, which dates way back to the CVS days ↵ | Chris Buechler | 2014-11-04 | 1 | -1/+0 |
| | | | | and hasn't been relevant in years. | ||||
* | Teach the certificate generation code how to make a self-signed certificate, ↵ | jim-p | 2014-10-14 | 1 | -12/+25 |
| | | | | | | and change the GUI cert generation code to use it. Also, move the GUI cert generation code to its own function so we can add a GUI option to regenerate it later. Also use some more sane defaults for the contents of the default self-signed certificate's fields so it will be more unique and less likely to trigger problems in browser certificate storage handling. | ||||
* | cherry pic from 'hotfix/3347-Certificate_Authority_SAN_names_not_working': | yarick123 | 2014-08-14 | 1 | -0/+8 |
| | | | | | | | | bugfix #3347: Certificate Authority SAN names not working in 2.1 subjectAltName can be set _only_ via configuration file - created three extra sections in openssl.cnf to use in case of existing subjectAltName. Unfortunately it is not possible to assign empty value to subjectAltName in openssl.cnf | ||||
* | Return full issuer for DN with multiple attribute values | vsquared56 | 2014-03-24 | 1 | -4/+10 |
| | | | e.g. CN=Some Root CA,OU=Certificates Department,OU=(c) Copyright SomeCorp,O=SomeCorp,C=US | ||||
* | Perform a much more accurate comparison between two certificates to ↵ | jim-p | 2013-10-09 | 1 | -2/+28 |
| | | | | determine if they are identical when checking their revocation status. Fixes #3237 | ||||
* | Move variable declaration to the top, declare it global before defining. ↵ | jim-p | 2013-07-11 | 1 | -11/+13 |
| | | | | Fixes #3090 | ||||
* | Remove irrelevant comment. | jim-p | 2013-07-11 | 1 | -15/+0 |
| | |||||
* | Show cert start/end dates in list. | jim-p | 2013-02-25 | 1 | -0/+11 |
| | |||||
* | Allow selecting the digest algorithm when creating a CA or Cert. Implements ↵ | jim-p | 2013-01-21 | 1 | -8/+10 |
| | | | | #2765 | ||||
* | Implement certificate chain in Captive Portal | bcyrill | 2012-07-03 | 1 | -1/+1 |
| | |||||
* | Use Certificate Manager in Captive Portal settings | bcyrill | 2012-07-02 | 1 | -1/+13 |
| | |||||
* | Add an indication in the certificate list to show if a certificate is ↵ | jim-p | 2011-11-10 | 1 | -0/+11 |
| | | | | internally capable of being a CA (basicConstraints has CA:TRUE) or if the nsCertType is set to server. | ||||
* | When creating an internal certificate, offer the user a choice of what ↵ | jim-p | 2011-11-09 | 1 | -2/+15 |
| | | | | constraints to place upon the certificate (CA, Server, or User). | ||||
* | Specify full path to openssl.cnf, and select the relevant section to use ↵ | jim-p | 2011-10-27 | 1 | -0/+6 |
| | | | | when generating certificates. | ||||
* | Add function to return a certificate's common name. | jim-p | 2011-07-06 | 1 | -0/+21 |
| | |||||
* | Import error handling to avoid errors. | Ermal | 2011-06-24 | 1 | -4/+5 |
| | |||||
* | Internal cert and CSR creation error handling added. | Evgeny Yurchenko | 2011-06-23 | 1 | -4/+12 |
| | |||||
* | Internal CA creation error handling added. | Evgeny Yurchenko | 2011-06-23 | 1 | -2/+6 |
| | |||||
* | Intermediate CAs and openssl_xxx() error checking in CA management. | Evgeny Yurchenko | 2011-06-23 | 1 | -0/+42 |
| | |||||
* | Merge branch 'master' into yakatz-ssl | Bill Marquette | 2011-05-14 | 1 | -5/+13 |
|\ | |||||
| * | Test for array/size before foreach | jim-p | 2011-05-11 | 1 | -2/+4 |
| | | |||||
| * | Various CRL fixes, handle empty internal CRLs better. | jim-p | 2011-05-11 | 1 | -5/+8 |
| | | |||||
| * | If we have deleted the last cert from the CRL, blank out the text. | jim-p | 2011-05-05 | 1 | -1/+4 |
| | | |||||
* | | checking moduli of ssl csr request and response | yakatz | 2011-04-21 | 1 | -0/+19 |
|/ | |||||
* | Allow editing of CAs, so that imported CAs can have their private keys added ↵ | jim-p | 2011-03-30 | 1 | -2/+4 |
| | | | | later (mainly affected users upgrading from 1.2.3 and wanting to use the cert manager). Also, allow editing the CA's serial, since this shouldn't really be 0 for imported CAs, but the serial of the last cert that was made from this CA. | ||||
* | Don't consider a cert as in use by the GUI if it's in HTTP mode. Fixes #1171 | jim-p | 2011-02-22 | 1 | -1/+2 |
| | |||||
* | Do not use references here when building a ca_chain_array. Really fixes ↵ | jim-p | 2011-02-01 | 1 | -2/+2 |
| | | | | #1231 - CAs are no longer lost when a config write happens at bootup. | ||||
* | Ticket #621. Sort even csr subject to have the matching go ok during import ↵ | Ermal | 2011-01-12 | 1 | -0/+1 |
| | | | | of externally signed cers. | ||||
* | Ticket #621. sort the contents of array used for generating subject by keys ↵ | Ermal | 2011-01-07 | 1 | -3/+5 |
| | | | | so whenever we do subject comparison we will not have problem just because of the array keys ordering. | ||||
* | Fix this code a bit, my first attempt yesterday didn't work properly (this ↵ | jim-p | 2010-12-03 | 1 | -4/+8 |
| | | | | should). | ||||
* | Try to handle when cert subject entries are arrays. | jim-p | 2010-12-02 | 1 | -3/+4 |
| | |||||
* | Remove trailing carriage return | Scott Ullrich | 2010-11-10 | 1 | -1/+1 |
| | |||||
* | Add ability to select reason codes for revocation. Reformat CRL edit screen ↵ | jim-p | 2010-10-21 | 1 | -2/+1 |
| | | | | a bit. Ticket #555 | ||||
* | Add more CRL functionality. Needs to wait on a new build for further testing. | jim-p | 2010-10-20 | 1 | -1/+1 |
| | |||||
* | Rename 'name' to 'descr' for CA, Certificates, and CRLs, to gain CDATA ↵ | jim-p | 2010-10-19 | 1 | -5/+5 |
| | | | | protection and standardize field names. Ticket #320. | ||||
* | Pass args to openssl_pkey_new() so it gets the key length too. Fixes #905 | jim-p | 2010-09-23 | 1 | -3/+3 |
| | |||||
* | Properly check if this is in use. | jim-p | 2010-09-21 | 1 | -1/+1 |
| | |||||
* | Some fixes/enhancements/cleanup | jim-p | 2010-09-21 | 1 | -7/+37 |
| | |||||
* | Prevent a foreach on what might not be an array. Fixes #900 | jim-p | 2010-09-16 | 1 | -0/+4 |
| | |||||
* | Fix this function's logic/variable tests. | jim-p | 2010-09-16 | 1 | -3/+3 |
| | |||||
* | Add some safety belt checks so we don't try to update an imported crl | jim-p | 2010-09-16 | 1 | -0/+9 |
| | |||||
* | Add some CRL support functions, not active or used in the GUI yet. | jim-p | 2010-09-16 | 1 | -2/+119 |
| | |||||
* | Remove two unused functions (now useless) and add a few more utility functions. | jim-p | 2010-09-02 | 1 | -12/+48 |
| | |||||
* | CA/CERT Move | jim-p | 2010-09-01 | 1 | -11/+11 |
| | |||||
* | Add some user cert lookup functions. | jim-p | 2010-07-07 | 1 | -0/+26 |
| | |||||
* | Allow importing of a CA's private key (optionally). | jim-p | 2010-07-07 | 1 | -1/+3 |
| | |||||
* | Perform more strict validation on CA and Cert names before proceeding in the ↵ | jim-p | 2010-04-12 | 1 | -0/+6 |
| | | | | wizard. | ||||
* | Remove uneeded line because openssl module will be already loaded. | Ermal | 2010-03-15 | 1 | -2/+0 |
| | |||||
* | Ticket #161. Fix creation of certificates and the webgui one. This was a ↵ | Ermal | 2010-03-15 | 1 | -2/+2 |
| | | | | problem on php API docs. | ||||
* | Ticket #395. Add the path to the openssl.cnf to avoid errors. ↵ | Ermal Luçi | 2010-03-08 | 1 | -0/+2 |
| | | | | /etc/ssl/openssl.cnf needs to be tuned more to suit pfSense. |