Hi, I'm using routeros 7.13 and found that it do not ask for password when importing password-protected certificates:
while it works when specifying passphrase explicitly:Is it bug or feature? If it's feature - it's pretty bad feature because printing password on the screen is a somewhat of a security compromise.
File ttt.pem generated in the following way:where `openssl rsa -in ttt-key.pem` asks for password.
Or I'm missing something and the PEM should be generated in other way to be imported with password prompt?
Thank you.
Code:
[admin@MICL] /> /certificate/import file-name=ttt.pem certificates-imported: 1 private-keys-imported: 0 files-imported: 0 decryption-failures: 0 keys-with-no-certificate: 0Code:
[admin@MICL] /> /certificate/import file-name=ttt.pem passphrase=foobar certificates-imported: 1 private-keys-imported: 1 files-imported: 1 decryption-failures: 0 keys-with-no-certificate: 0File ttt.pem generated in the following way:
Code:
export OPASS=foobaropenssl genrsa -aes192 -out ttt-key.pem -passout env:OPASS 2048openssl req -new -config etc/client.conf -out ttt.csr -key ttt-key.pem -subj "/CN=ttt/O=ORG/OU=ORGU/"openssl ca -config etc/signing-ca.conf -in ttt.csr -out ttt.crt -extensions client_extcat ttt.crt ttt-key.pem > ttt.pemOr I'm missing something and the PEM should be generated in other way to be imported with password prompt?
Thank you.
Statistics: Posted by doka — Wed Dec 27, 2023 8:18 pm