From 46698c3f3c5e3f2e98829757616ddda3ce779b6d Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Thu, 21 Apr 2011 10:32:09 -0400
Subject: Reject encrypted CA private keys. Resolves #1446

---
 usr/local/www/system_camanager.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'usr')

diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php
index 3bf1165..7fccb7e 100644
--- a/usr/local/www/system_camanager.php
+++ b/usr/local/www/system_camanager.php
@@ -153,6 +153,8 @@ if ($_POST) {
 				gettext("Certificate data"));
 		if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE")))
 			$input_errors[] = gettext("This certificate does not appear to be valid.");
+		if ($_POST['key'] && strstr($_POST['key'], "ENCRYPTED"))
+			$input_errors[] = gettext("Encrypted private keys are not yet supported.");
 	}
 	if ($pconfig['method'] == "internal") {
 		$reqdfields = explode(" ",
-- 
cgit v1.1