Project

General

Profile

Bug #13832

Create Certificate key requirement

Added by Sean McCabe over 4 years ago. Updated about 4 years ago.

Status:
Resolved
Priority:
Nice to have
Assignee:
Suraj Ravichandran
Category:
Middleware
Target version:
Seen in:
Severity:
New
Reason for Closing:
Reason for Blocked:
Needs QA:
Yes
Needs Doc:
Yes
Needs Merging:
Yes
Needs Automation:
No
Support Suite Ticket:
n/a
Hardware Configuration:
ChangeLog Required:
No

Description

https://forums.freenas.org/index.php?threads/cloud-ldap-service.41672/

Setting up LDAP with a cloud provider and one of the requirements for ldaps is ssl enabled which requires a certificate.

On the certificate screen you can only add a certificate if you have the corresponding key. Since this is a cloud provider they do not give keys to their public cert.

Could it be possible to remove the requirement for a private key when creating a certificate in FreeNAS or be able to put in a null value?

FreeNAS-9.3-STABLE-201508250051

History

#1 Updated by Jordan Hubbard over 4 years ago

  • Assignee changed from John Hixson to Wojciech Kloska

#2 Updated by Jordan Hubbard over 4 years ago

  • Priority changed from No priority to Nice to have

BRB: Suraj says that we already allow this for CAs and could do this fairly easily for Certs as well.

#3 Updated by Jordan Hubbard over 4 years ago

  • Target version set to Unspecified

#4 Updated by Sean McCabe over 4 years ago

  • Assignee changed from Wojciech Kloska to John Hixson

Could you please elaborate on Suraj's workaround? I am very interested.

#5 Updated by Jordan Hubbard over 4 years ago

  • Assignee changed from John Hixson to Suraj Ravichandran

#6 Updated by Suraj Ravichandran over 4 years ago

  • Status changed from Unscreened to Screened

#7 Updated by Sean McCabe over 4 years ago

After doing some research all that needs to be updated is the documentation. You can close this issue.

"Actually importing a CA, can be done without providing the private key. The certificate selection field in the ldap advanced tab is to point at the CA who signed your ldap's server certificate. You need to import the CA certificate under: System > CAs."

Related:
https://bugs.pcbsd.org/issues/7749
https://forums.freenas.org/index.php?threads/ldap-config-certificate-drop-down-list-empty.27762/

#8 Updated by Jordan Hubbard over 4 years ago

  • Status changed from Screened to Resolved

#9 Avatar?id=14398&size=24x24 Updated by Kris Moore about 4 years ago

  • Target version changed from Unspecified to N/A

Also available in: Atom PDF