Fix for WebDAV SSL choices
It appears that only certificates that have been generated in the FreeNAS GUI (signed by a CA created with the FreeNAS GUI) are available to the WEBDAV service when using HTTPS.
#4 Updated by Waqar Ahmed over 2 years ago
- File list_of_cas.png list_of_cas.png added
- File list_of_certs.png list_of_certs.png added
- File webdav_cert_options.png webdav_cert_options.png added
Hi Brian! I went through the description and the screenshots you shared. Interestingly I wasn't able to reproduce the issue. So what I did was, I created 3 CA's. One using import CA, one using internal CA button and the last one using intermediate_CA's button. After that, I went to certificates and created 3 certificates. First one was creating using import Certificate Button, second was created using create internal button with the CA being selected as internal_ca ( This CA was created internally ), and the last certificate created used the CA "import_ca" ( this is the CA which was imported ). Now in webDAV options, I see all the certificates. I have attached relevant screenshots. Please let me know if I missed something and we can continue from there and have this resolved. Thank you
#6 Updated by brian saia over 2 years ago
What I did was create a Certificate Signing Request under System > Certificates, then I had a CA sign it and then imported the Generated certificate. It might have something to do with the fact the way I did it was the only way to have a certificate without a CA's private key residing on FreeNAS.
#7 Updated by Waqar Ahmed over 2 years ago
Hi Brian, please confirm if that's how it went. So what you did was, after the CA ( this CA does not exist on the freenas system I presume ? ) had signed the CSR, you did not use import button to import the newly generated certificate but rather you placed the certificate ( public key ) in the csr row in certificates. I have attached a screenshot for an example as to where you placed the certificate. Kindly let me know if that's where you did it. Cheers
#8 Updated by brian saia over 2 years ago
Yes this is how I created the certificate. After filling in the Certificate information the UI allowed me to edit the certificate with the 'edit' button I copied the Certificate Signing Request, had it signed by a CA and then copied the generated certificate into the empty section labeled 'certificate'
#12 Updated by Dru Lavigne over 2 years ago
- Subject changed from Certificates generated outside of FreeNAS are not available to the WEBDAV service when using HTTPS to Fix for WebDAV SSL choices
- Target version changed from 11.2-RC2 to 11.2-BETA1
- Needs Doc changed from Yes to No
- Needs Merging changed from Yes to No