netconan

FortiOS multiline private-keys & certificates are not handled correctly

Open ryanmerolle opened this issue 4 years ago • 1 comments

FortiOS multiline private-keys are not handled correctly. Only the first line is handled.

Private-keys can be found in multiple sections of a config, but as an example:

config vpn certificate local
    edit "fortinet_CA_SSL"
        set password ENC 535456656ghffgfdgfdgf
        set comments "This is the default CA certificate the SSL Inspection....."
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
gfgGFDBFFFfffffffffffffffffffffffffffffffghhgfhhfhghghghgjjghfh
<continues for several lines>
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
gfgGFDBFFFfffffffffffffffffffffffffffffffghhgfhhfhghghghgjjghfh
<continues for several lines>
-----END CERTIFICATE-----"
    next
end

ryanmerolle, Jan 21 '21 13:01

The first line of the private-key is being anonymized, but not the entire key. The certificate is not being anonymized.

ryanmerolle, Jan 21 '21 13:01
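
The symptom reported in this issue, reproduced as an added example (not netconan's code and not part of the original report): a line-at-a-time pass rewrites only the `set private-key` line and leaves the continuation lines in the output, while a pass that tracks the open quote removes the whole value. The function names, the `<REDACTED>` placeholder, the choice of just two keywords and the dummy key material are assumptions made for the illustration.

```python
import re

# Constructed sample shaped like the config in the report; key material is dummy text.
SAMPLE = '''config vpn certificate local
    edit "fortinet_CA_SSL"
        set private-key "-----BEGIN ENCRYPTED PRIVATE KEY-----
AAAAdummyKeyLine1
AAAAdummyKeyLine2
-----END ENCRYPTED PRIVATE KEY-----"
        set certificate "-----BEGIN CERTIFICATE-----
BBBBdummyCertLine1
-----END CERTIFICATE-----"
    next
end
'''

# Assumption: only these two keywords are treated as sensitive here.
_OPEN = re.compile(r'^(\s*set\s+(?:private-key|certificate)\s+)"')
_QUOTE = re.compile(r'(?<!\\)"')  # an unescaped double quote ends the value

def redact_per_line(text):
    """Line-at-a-time pass: rewrites the keyword line, never sees the rest."""
    out = []
    for line in text.splitlines():
        m = _OPEN.match(line)
        out.append(m.group(1) + '"<REDACTED>' if m else line)
    return "\n".join(out) + "\n"

def redact_multiline(text):
    """Tracks the open quote and drops every line up to the closing quote."""
    out, in_value = [], False
    for line in text.splitlines():
        if in_value:
            in_value = not _QUOTE.search(line)
            continue
        m = _OPEN.match(line)
        if m:
            out.append(m.group(1) + '"<REDACTED>"')
            in_value = not _QUOTE.search(line[m.end():])
        else:
            out.append(line)
    if in_value:  # fail closed instead of emitting a half-redacted file
        raise ValueError("unterminated quoted value")
    return "\n".join(out) + "\n"

if __name__ == "__main__":
    print(redact_multiline(SAMPLE))
```

A useful regression check for any config anonymizer is the one the test below makes: search the output for PEM markers and body lines rather than only confirming that the keyword line changed.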