View Issue Details

IDProjectCategoryView StatusLast Update
0001003DCP-o-matic[All Projects] Featurespublic2017-06-08 11:24
ReportercarlAssigned To 
Status acknowledgedResolutionopen 
Product Version 
Target Version2.12.0Fixed in Version 
Summary0001003: Improve the interface for editing certificate chain
DescriptionLots of possibly-confusing export buttons; it's possible to add certificates in the wrong order; no option to import a certificate chain. Could probably be simplified.
TagsNo tags attached.
Estimated work requiredAverage


related to 0001002 resolvedcarl Better docs on various export buttons for DCP decryption chain 



2017-05-22 21:23

administrator   ~0001685

CertificateChain::attempt_reorder() is there but it seems to be expected that the user of CertificateChain calls it. This could be clearer; CC should probably call attempt_reorder() on add(), or at least assert valid() on root_to_leaf/leaf_to_root.


2017-06-05 19:38

administrator   ~0001699

42a30c6c05ffdf00acf44daed07d48388175c7a4 should prevent out-of-order chains and non-matching private keys.


2017-06-05 19:41

administrator   ~0001700

Not sure if it's necessary/possible to remove the number of export buttons.


2017-06-08 11:02

reporter   ~0001704

Maybe just autodetect proper order, and do some button rearranging, e.g. put chain export buttons closer to individual export - so it is clearer they belong together and are not completely different things. Like 'Export single/export chain'.

- Carsten


2017-06-08 11:17

reporter   ~0001705

I guess many people have problems to understand the difference between (1) and (2) here:


2017-06-08 11:22

reporter   ~0001706

Also, there is some space on this dialog between the two certificate systems. Maybe add hints there to the importance of backing up these files, and maybe to their location on the different OS's as well. Otherwise, I think it is sufficient if the button placement is reordered so people have a better understanding of what single certs and chains mean and how to deal with them. There is space below the single certificate management buttons, so maybe move the buttons from below the leaf-private key part there. But clearly, dealing with this will never be easy for the beginner.


2017-06-08 11:24

reporter   ~0001707

...but being able to (re)import complete chains would certainly help in backing up and restoring these files. The trouble with this is that usually mistakes only show up when it's too late, so we should make it as failproof as possible.

Issue History

Date Modified Username Field Change
2016-11-15 10:31 carl New Issue
2017-04-21 09:38 carl Status new => acknowledged
2017-04-21 09:38 carl Target Version 2.11.0 => 2.12.0
2017-04-21 09:39 carl Relationship added related to 0001002
2017-05-22 21:23 carl Note Added: 0001685
2017-06-05 19:38 carl Note Added: 0001699
2017-06-05 19:41 carl Note Added: 0001700
2017-06-08 11:02 Carsten Note Added: 0001704
2017-06-08 11:17 Carsten File Added: Bildschirmfoto 2017-06-08 um 13.15.17.jpg
2017-06-08 11:17 Carsten Note Added: 0001705
2017-06-08 11:22 Carsten Note Added: 0001706
2017-06-08 11:24 Carsten Note Added: 0001707