Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix CA reference so serial increases properly. Remove variable for feature ↵ | jim-p | 2017-07-07 | 1 | -1/+1 |
| | | | | that didn't work out. Ticket #7527 | ||||
* | Restructure how certificate types and SANs are handled in the cert manager ↵ | jim-p | 2017-07-06 | 1 | -24/+53 |
| | | | | | | when making a Cert/CSR/Signing, so each section can properly use the controls without duplicating. It is now possible to add SANs and EKUs to certificates when signing using the certificate manager. Fixes #7527 and also Fixes #7677 NOTE: Attributes such as SANs and KU/EKU cannot be copied from a CSR when signing due to a deficiency in OpenSSL's x509 functions (they do not support "copy_extensions" at this time). They must be specified manually. | ||||
* | Add the ability to set certificate type and SAN attributes in a CSR. Ticket ↵ | jim-p | 2017-07-05 | 1 | -2/+24 |
| | | | | | | #7527 TODO: They are not carried over after signing in the GUI | ||||
* | Fix some additional cases for CN->SAN handling, and move some code to a ↵ | jim-p | 2017-07-05 | 1 | -0/+27 |
| | | | | function to avoid duplication for other pending uses. Ticket #7666 | ||||
* | Allow a wider range of characters to be used in certificate fields, as laid ↵ | jim-p | 2017-05-11 | 1 | -0/+16 |
| | | | | out by RFC 4514. Fixes #7540 | ||||
* | Show SAN, KU, and EKU info in the certificate list. Implements #7505 | jim-p | 2017-05-02 | 1 | -1/+39 |
| | | | | While here, also fix "server" cert detection to key off of the EKU For "TLS Web Server Authentication" since nsCertType has been deprecated. | ||||
* | Merge pull request #3699 from PiBa-NL/20170417-certificatemanager-ca-crl-inuse | Renato Botelho | 2017-04-20 | 1 | -0/+21 |
|\ | |||||
| * | certificate manager, show 'in use' also for CA and CRL where certificates ↵ | PiBa-NL | 2017-04-17 | 1 | -0/+21 |
| | | | | | | | | are in use by packages. | ||||
* | | certificate manager, allow importing of ECC certificates, change multiple ↵ | PiBa-NL | 2017-04-17 | 1 | -13/+14 |
| | | | | | | | | 'if' to 'switch' | ||||
* | | certificate manager, allow importing of ECC certificates | PiBa-NL | 2017-04-16 | 1 | -24/+16 |
|/ | |||||
* | Remove whirlpool from the list of CA/Cert digest algorithms as it does not ↵ | jim-p | 2017-03-08 | 1 | -1/+1 |
| | | | | | | work properly. OpenSSL claims it's not valid ("unknown signature algorithm"). Fixes #7370 While I'm here, stop needlessly repeating the algo list, it's a global in certs.inc, so use that single copy of the list. | ||||
* | certificatemanager, link certificate to the proper CA after completing the ↵ | PiBa-NL | 2017-02-25 | 1 | -4/+2 |
| | | | | CSR request | ||||
* | Fix certificate generation for CAs without a serial set on import. Fixes #6952 | jim-p | 2016-11-29 | 1 | -2/+7 |
| | |||||
* | Add some CA in-use test utility functions. Ticket #6947 | jim-p | 2016-11-29 | 1 | -0/+59 |
| | |||||
* | Put original match back | doktornotor | 2016-11-17 | 1 | -1/+1 |
| | | | Did not mean to remove SSL substring from the check... | ||||
* | Fix nsCertType matching for some certificates (Bug #6877) | doktornotor | 2016-11-17 | 1 | -1/+1 |
| | | | See https://redmine.pfsense.org/issues/6877#note-4 | ||||
* | Move copyright from ESF to Netgate | Renato Botelho | 2016-09-06 | 1 | -1/+1 |
| | |||||
* | Move to Apache License 2.0 | Renato Botelho | 2016-07-15 | 1 | -41/+9 |
| | |||||
* | Review license / copyright on all files (1st round) | Renato Botelho | 2016-07-14 | 1 | -50/+51 |
| | |||||
* | Merge pull request #2994 from stilez/patch-31 | Chris Buechler | 2016-06-30 | 1 | -0/+8 |
|\ | |||||
| * | Get modulus keysize | stilez | 2016-06-06 | 1 | -0/+8 |
| | | | | | | Useful utility function when it's necessary to verify that existing keys meets current practices | ||||
* | | Add missing recommended digest | stilez | 2016-05-08 | 1 | -1/+1 |
|/ | |||||
* | Do not allow certificate to be deleted if it's been used by a package. Fixes ↵ | Renato Botelho | 2016-01-15 | 1 | -1/+19 |
| | | | | #4142 | ||||
* | Update license on files from /etc/inc | Renato Botelho | 2016-01-15 | 1 | -16/+40 |
| | |||||
* | Remove all pfSense_MODULE and pfSense_BUILDER_BINARIES definitions, whatever ↵ | Renato Botelho | 2015-12-15 | 1 | -2/+0 |
| | | | | was the reason they were added, it was never finished and it's not being used | ||||
* | etc inc delete $Id comments | Phil Davis | 2015-11-10 | 1 | -1/+0 |
| | | | | | | and bits of white space. Note: There are plenty of files still with old-format copyright sections in here. | ||||
* | Add 'caref' attribute to the ca object passed into ca_inter_create so a | Matt Smith | 2015-10-16 | 1 | -0/+1 |
| | | | | relationship to the signing CA can be maintained. Fixes #5313. | ||||
* | Move main pfSense content to src/ | Renato Botelho | 2015-08-25 | 1 | -0/+867 |