Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 27 subscribers
  • Views 455 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

v18 - annoying CA passphrase limitations

DuS

Hi togehter,

 

I found some limitations in the CA passphrase field during CA imports on Sophos XG appliance. This limitation is pretty annoying, because we have to decrypt and reencrypt the certificate explicitly for the XG appliance and document this nonsense. No other software/appliance has any issues with special characters in the passphrase so why does Sophos XG?

 

Kind regards,

David



This thread was automatically locked due to age.
Parents
  • 0

    Additional hints:

    - providing an unencrypted key-file leads to an error "you have to enter a passphrase" -> you can not upload unencrypted keys

    - I would very much like to see support for pfx (pkcs#12) uploads

    - When uploading certficate authorities, cert-files with .cer extension are accepted. When uploading certificates (the tab 1 to the left), cert-files with .cer extension are not accepted. The form only checks for the file extension. Renaming the same file to .pem leads to a sucessful upload.

     

    In general, XG certificate management makes me feel as if the appliance wants to prevent me from doing my work. Please consider some improvements.

Reply
  • 0

    Additional hints:

    - providing an unencrypted key-file leads to an error "you have to enter a passphrase" -> you can not upload unencrypted keys

    - I would very much like to see support for pfx (pkcs#12) uploads

    - When uploading certficate authorities, cert-files with .cer extension are accepted. When uploading certificates (the tab 1 to the left), cert-files with .cer extension are not accepted. The form only checks for the file extension. Renaming the same file to .pem leads to a sucessful upload.

     

    In general, XG certificate management makes me feel as if the appliance wants to prevent me from doing my work. Please consider some improvements.

Children
No Data