Clipper
Dabbler
- Joined
- Mar 5, 2019
- Messages
- 10
Hi,
I have created a CA and have a few observations. Let me know if I should open distinct bugs/features:
Thanks
Clipper
I have created a CA and have a few observations. Let me know if I should open distinct bugs/features:
- If you generate a Root CA certificate, it is marked as Internal / Self-signed. If you export it with the key, and later after a full reinstall from scratch you want to re-import the CA, it ends up as External / Externally Issued. I think we should be able to set these metadata upon importing
- It could be helpful to have the official X.509 acronyms on the creation form fields labels (e.g. : Common Name (CN), Organisation (O), etc.). That helps to avoid mistakes
- the Organisation Unit (OU) field is missing
- Upon creation of a CA, the field Subject Alternate Names shouldn't be present. It does not make sense as a Root CA cert is not related to DNS names
- When exporting a private key from either a CA or a cert, there is no way to provide a passphrase to encrypt the key. This is a huge risk.
- When importing a private key there is a confusing double-entry for the private key. This is a nonsense, double check fields should be asked upon encrypting private keys, not decrypting them
- No big deal but it would really be helpful to have a Browse File button on all these import functions, copy/pasting huge ascii content is not very practical.
Thanks
Clipper
