diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Trust/Api/CertController.php b/src/opnsense/mvc/app/controllers/OPNsense/Trust/Api/CertController.php
index 567039d0d..259f14f72 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Trust/Api/CertController.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Trust/Api/CertController.php
@@ -135,6 +135,11 @@ class CertController extends ApiMutableModelControllerBase
$error = $data['error'] ?? '';
}
break;
+ case 'manual':
+ if (!empty((string)$node->crt_payload)) {
+ $node->crt = base64_encode((string)$node->crt_payload);
+ }
+ break;
}
if ($error !== false) {
throw new UserException($error, "Certificate error");
diff --git a/src/opnsense/mvc/app/models/OPNsense/Trust/Cert.xml b/src/opnsense/mvc/app/models/OPNsense/Trust/Cert.xml
index 9a2ed1ae1..dda115ff9 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Trust/Cert.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Trust/Cert.xml
@@ -22,6 +22,7 @@
Import an existing Certificate
Import certificate (signed by CA)
Reissue and replace certificate (does not restart services)
+ Manual
diff --git a/src/opnsense/mvc/app/models/OPNsense/Trust/FieldTypes/CertificatesField.php b/src/opnsense/mvc/app/models/OPNsense/Trust/FieldTypes/CertificatesField.php
index e39de0094..7a1947d5a 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Trust/FieldTypes/CertificatesField.php
+++ b/src/opnsense/mvc/app/models/OPNsense/Trust/FieldTypes/CertificatesField.php
@@ -126,8 +126,10 @@ class CertificatesField extends ArrayField
$node->prv_payload = !empty((string)$node->prv) ? (string)base64_decode($node->prv) : '';
if (!empty((string)$node->csr_payload)) {
$node->action = 'import_csr';
- } elseif (!empty((string)$node->crt_payload)) {
+ } elseif (!empty((string)$node->crt_payload) && !empty((string)$node->prv_payload)) {
$node->action = 'reissue';
+ } elseif (!empty((string)$node->crt_payload)) {
+ $node->action = 'manual';
}
}
return parent::actionPostLoadingEvent();