Template for storing SSL certificates

SergeyK
SergeyK
Community Member
in Mac

Public / private keys in PEM format
Preview and search by fields of public key (subject, domain name etc.).

Would be very handy to store my issued TLS certificates alongside with other secrets.

1Password Version: 6.8
Extension Version: Not Provided
OS Version: OS X
Sync Type: Not Provided

Comments

  • Smudge
    Smudge
    Community Member
    edited August 2017

    I would like to :+1: this idea!

    However, I would like to expand on Sergey's request to

    • A new key/certificate category is created (or is that what you mean by a new Template?)
    • Accept a file dropped and if it detects it is a key or cert, put it into the new key/cert category instead of with all the other Documents
    • Automatically parse the file to populate the item fields
    • Create variants and other related files like
      • when a private SSH key is added, extract the public key and add it to the entry
      • If the supplied cert is in PEM format, have an option to create/export a DER-based file.
      • If a cert is related to a SSH key item, have an option to create/export a combined file in PKCS format (often used with Microsoft servers)

    These options are possible by using the appropriate arguments to openssl (which is standard on OSX and distributable on other platforms) but I always have to go read the man pages to remember the proper args. Having it all managed within the security of 1P would just be amazing. I've always wanted a good key/cert management application but never found one. (no, Keychain Access does not count as a good app)

    @SergeyK Until they add a template or full key/cert support, you can create your own entry with blank fields and copy it when adding new entries. I do this now and put them into the Server category since these files are usually related to a server.

    Since PEM based files are just text, you can paste the key/cert contents into one of the item fields. This way you can just hover over one and click on the Copy button.
    If you are using DER based files (which are binary), or you want to keep the PEM files as separate text files, you could add them into 1P as a Document then link them as related files (see below for a similar example)

    Here are samples for a web server certificate and an SSH key that you can use to create your own. Assuming 1P share URLs work in the forums, click the link and they will be added to your 1P. If not, create new a new entry in the Server category, delete all the existing template fields, and add fields using these examples.

    Click to add "webserver certificate" to 1Password.

    Click to add "webserver SSH key" to 1Password.

  • Smudge
    Smudge
    Community Member

    So I was just logged into my 1password.com account to do some user/vault maintenance and I was pleasantly surprised to see a Templates option in the menu. I clicked on it and was presented with a list of all the current templates but more importantly the ability to add new templates! :)

    I created a couple of templates and switched back to 1P app where I was able to create new items with those templates!
    The more advanced part of my request above is still valid but this is a great discovery.

    I do have a 1Password for Teams Pro account but don't know if it is available to all other account types.

  • Ben
    Ben
    edited August 2017

    Hi @Smudge

    That is a beta feature, which is only available to 1Password Teams Pro plan customers at the moment. That is much more likely to be the direction that we head, however, rather than spending development time creating templates. There have been a lot of requests over the years for a lot of different templates, and if our developers spent their time filling all of those requests they'd never have time for anything else. ;)

    Thank you both for the feedback. Hopefully this is something that will be possible in the future.

    Ben

  • XIII
    XIII
    Community Member

    That is a beta feature, which is only available to 1Password Teams Pro plan customers at the moment.

    That explains why I could not find it in my Family account... :(

  • Ben
    Ben

    Indeed. Beta features are currently limited to 1Password Teams Pro customers.

    Thanks.

    Ben

  • seahunt
    seahunt
    Community Member

    First, thank you, Smudge, for the key/cert details--I can make use of that immediately!

    Second, I love the idea of creating my own templates. In fact, a repository of (or at least links to) user created templates would also be a great idea.

  • AGAlumB
    AGAlumB
    1Password Alumni

    It's certainly a dream we've had. Hopefully we can make this work, and usable by everyone in the future! :)

This discussion has been closed.