Hello,
May be missing something obvious here, but when issuing a certificate on 6.44, I can no longer import them to a device running the 6.42.12 long-term branch. I notice the changelog does show that some things have changed with certificates in 6.44, but nothing that looked like it would break backwards compatibility.
As far as I can tell, I’m not doing anything special:
# Create and export from 6.44:
[admin@ca] > /certificate add common-name=$certname name=$certname key-usage=tls-client key-size=4096 days-valid=365
[admin@ca] > /certificate sign ca=$caname $certname
[admin@ca] > /certificate export-certificate $certname export-passphrase=$passphrase type=pkcs12
# Import to 6.42.12
[admin@client] > /certificate import file-name=$certfile passphrase=$passphrase
certificates-imported: 0
private-keys-imported: 0
files-imported: 0
decryption-failures: 1
keys-with-no-certificate: 0
# Import to 6.44
[admin@client] > /certificate import file-name=$certfile passphrase=$passphrase
certificates-imported: 2
private-keys-imported: 1
files-imported: 1
decryption-failures: 0
keys-with-no-certificate: 0
Is this expected behaviour, have I messed up and should be doing something different on the 6.44 certificate issuance process, or is this a bug?
Thanks in advance folks!