New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support ECC Certificate Creation #3649
Conversation
This is part 1 of adding support for generating certificates using EC keys.
A couple of things to explain with this PR:
|
2 is fixed - it was an issue specific to my VM. |
Added Part 2 mentioned in item 1 of my original comment -> support for EC key type during certificate creation under System > Trust > Certificates. Includes input validation code as well. Items outstanding:
|
Alright, I fixed the color banding issue. I want to do the OpenVPN Wizard changes on a different PR if that is ok. The OpenVPN Wizard is working fine, you just don't have the EC option. That being said, @AdSchellevis please review when you get time. |
@johnaheadley I don't have a lot of time to review at the moment, but looking at the cert creating code ( openssl_digest_algs and ec_curves look quite similar now, which adds quite some glue, which might not be absolutely necessary (since a cert can only be of one type at a time). |
ok makes sense. I will work on removing |
@johnaheadley any news on this? |
@AdSchellevis sorry to disappear on you guys! I will work on the changes we discussed this weekend |
@AdSchellevis added commits with the requested changes |
@johnaheadley thanks, some small fixes, which I've pushed in a separate branch. The
Can you check the new branch (https://github.com/opnsense/core/tree/ec-certs) and see if there's anything missing? My changes are in 018149c |
Hey @AdSchellevis, thanks for doing the style sweep! Your changes look great. I found the issue with your updates that broke The other cert creation functions, |
@johnaheadley thanks, I totally overlooked, I will fix that one and merge the set to master. |
Support ECC Certificate Creation (#3649)
closed in 02caac7 |
This is part 1 of adding support for generating certificates using EC keys as requested in #2908
This is a work in progress.