Skip to content

O
OpnSense
Commit 375d4a2c authored by Ad Schellevis's avatar Ad Schellevis
Browse files
Options

(legacy) refactor system_certmanager.php

parent 95ed1a45
Show whitespace changes
Inline Side-by-side
Showing with 967 additions and 1066 deletions
src/www/system_certmanager.php
View file @ 375d4a2c
......@@ -80,94 +80,77 @@ function csr_get_modulus($str_crt, $decode = true)
return cert_get_modulus($str_crt, $decode, 'csr');
}
// types
$cert_methods = array(
"import" => gettext("Import an existing Certificate"),
"internal" => gettext("Create an internal Certificate"),
"external" => gettext("Create a Certificate Signing Request"),
);
$cert_keylens = array( "512", "1024", "2048", "4096");
$altname_types = array("DNS", "IP", "email", "URI");
$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512");
if (isset($_GET['userid']) && is_numericint($_GET['userid'])) {
$userid = $_GET['userid'];
}
if (isset($_POST['userid']) && is_numericint($_POST['userid'])) {
$userid = $_POST['userid'];
}
if (isset($userid)) {
$cert_methods["existing"] = gettext("Choose an existing certificate");
if (!is_array($config['system']['user'])) {
// config reference pointers
if (!isset($config['system']['user']) || !is_array($config['system']['user'])) {
$config['system']['user'] = array();
}
$a_user =& $config['system']['user'];
}
if (isset($_GET['id']) && is_numericint($_GET['id'])) {
$id = $_GET['id'];
}
if (isset($_POST['id']) && is_numericint($_POST['id'])) {
$id = $_POST['id'];
}
$a_user =& $config['system']['user'];
if (!isset($config['ca']) || !is_array($config['ca'])) {
$config['ca'] = array();
}
$a_ca =& $config['ca'];
if (!is_array($config['cert'])) {
$config['cert'] = array();
}
$a_cert =& $config['cert'];
$internal_ca_count = 0;
foreach ($a_ca as $ca) {
if ($ca['prv']) {
$internal_ca_count++;
// handle user GET/POST data
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($a_user[$_GET['userid']])) {
$userid = $_GET['userid'];
$cert_methods["existing"] = gettext("Choose an existing certificate");
}
if (isset($a_cert[$_GET['id']])) {
$id = $_GET['id'];
}
}
$act = null;
if (isset($_GET['act'])) {
if (isset($_GET['act'])) {
$act = $_GET['act'];
} elseif (isset($_POST['act'])) {
$act = $_POST['act'];
}
if ($act == "del") {
if (!isset($a_cert[$id])) {
header("Location: system_certmanager.php");
exit;
} else {
$act = null;
}
$name = $a_cert[$id]['descr'];
unset($a_cert[$id]);
write_config();
$savemsg = sprintf(gettext("Certificate %s successfully deleted"), $name) . "<br />";
header("Location: system_certmanager.php");
exit;
}
if ($act == "new") {
$pconfig = array();
if ($act == "new") {
if (isset($_GET['method'])) {
$pconfig['method'] = $_GET['method'];
$pconfig['certmethod'] = $_GET['method'];
} else {
$pconfig['method'] = null;
$pconfig['certmethod'] = null;
}
$pconfig['keylen'] = "2048";
$pconfig['digest_alg'] = "sha256";
$pconfig['csr_keylen'] = "2048";
$pconfig['csr_digest_alg'] = "sha256";
$pconfig['lifetime'] = "365";
}
$pconfig['cert'] = null;
$pconfig['key'] = null;
$pconfig['dn_country'] = null;
$pconfig['dn_state'] = null;
$pconfig['dn_city'] = null;
$pconfig['dn_organization'] = null;
$pconfig['dn_email'] = null;
if ($act == "exp") {
if (!$a_cert[$id]) {
if (isset($userid)) {
$pconfig['descr'] = $a_user[$userid]['name'];
$pconfig['dn_commonname'] = $a_user[$userid]['name'];
} else {
$pconfig['descr'] = null;
$pconfig['dn_commonname'] = null;
}
} elseif ($act == "exp") {
if (!isset($id)) {
header("Location: system_certmanager.php");
exit;
}
......@@ -181,10 +164,8 @@ if ($act == "exp") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
}
if ($act == "key") {
if (!$a_cert[$id]) {
} elseif ($act == "key") {
if (!isset($id)) {
header("Location: system_certmanager.php");
exit;
}
......@@ -198,10 +179,8 @@ if ($act == "key") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
}
if ($act == "p12") {
if (!$a_cert[$id]) {
} elseif ($act == "p12") {
if (!isset($id)) {
header("Location: system_certmanager.php");
exit;
}
......@@ -227,42 +206,88 @@ if ($act == "p12") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
}
if ($act == "csr") {
if (!$a_cert[$id]) {
} elseif ($act == "csr") {
if (!isset($id)) {
header("Location: system_certmanager.php");
exit;
}
$pconfig['descr'] = $a_cert[$id]['descr'];
$pconfig['csr'] = base64_decode($a_cert[$id]['csr']);
}
$pconfig['cert'] = null;
}
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($a_cert[$_POST['id']])) {
$id = $_POST['id'];
}
if (isset($a_user[$_POST['userid']])) {
$userid = $_POST['userid'];
}
if (isset($_POST['act'])) {
$act = $_POST['act'];
} else {
$act = null;
}
if ($act == "del") {
if (isset($id)) {
unset($a_cert[$id]);
write_config();
}
header("Location: system_certmanager.php");
exit;
} elseif ($act == "csr") {
$input_errors = array();
$pconfig = $_POST;
if (!isset($id)) {
header("Location: system_certmanager.php");
exit;
}
/* input validation */
$reqdfields = explode(" ", "descr cert");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Final Certificate data"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
$mod_csr = csr_get_modulus($pconfig['csr'], false);
$mod_cert = cert_get_modulus($pconfig['cert'], false);
if (strcmp($mod_csr, $mod_cert)) {
// simply: if the moduli don't match, then the private key and public key won't match
$input_errors[] = gettext("The certificate modulus does not match the signing request modulus.");
$subject_mismatch = true;
}
/* save modifications */
if (count($input_errors) == 0) {
$cert = $a_cert[$id];
csr_complete($cert, $pconfig['cert']);
if ($_POST) {
if ($_POST['save'] == gettext("Save")) {
$a_cert[$id] = $cert;
write_config();
header("Location: system_certmanager.php");
exit;
}
} elseif (!empty($_POST['save'])) {
$input_errors = array();
$pconfig = $_POST;
/* input validation */
if ($pconfig['method'] == "import") {
$reqdfields = explode(
" ",
"descr cert key"
);
if ($pconfig['certmethod'] == "import") {
$reqdfields = explode(" ", "descr cert key");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Certificate data"),
gettext("Key data"));
if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) {
if (!empty($pconfig['cert']) && (!strstr($pconfig['cert'], "BEGIN CERTIFICATE") || !strstr($pconfig['cert'], "END CERTIFICATE"))) {
$input_errors[] = gettext("This certificate does not appear to be valid.");
}
}
if ($pconfig['method'] == "internal") {
$reqdfields = explode(
" ",
"descr caref keylen lifetime dn_country dn_state dn_city ".
} elseif ($pconfig['certmethod'] == "internal") {
$reqdfields = explode(" ", "descr caref keylen lifetime dn_country dn_state dn_city ".
"dn_organization dn_email dn_commonname"
);
$reqdfieldsn = array(
......@@ -276,12 +301,8 @@ if ($_POST) {
gettext("Distinguished name Organization"),
gettext("Distinguished name Email Address"),
gettext("Distinguished name Common Name"));
}
if ($pconfig['method'] == "external") {
$reqdfields = explode(
" ",
"descr csr_keylen csr_dn_country csr_dn_state csr_dn_city ".
} elseif ($pconfig['certmethod'] == "external") {
$reqdfields = explode(" ", "descr csr_keylen csr_dn_country csr_dn_state csr_dn_city ".
"csr_dn_organization csr_dn_email csr_dn_commonname"
);
$reqdfieldsn = array(
......@@ -293,34 +314,23 @@ if ($_POST) {
gettext("Distinguished name Organization"),
gettext("Distinguished name Email Address"),
gettext("Distinguished name Common Name"));
}
if ($pconfig['method'] == "existing") {
} elseif ($pconfig['certmethod'] == "existing") {
$reqdfields = array("certref");
$reqdfieldsn = array(gettext("Existing Certificate Choice"));
}
$altnames = array();
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($pconfig['method'] != "import" && $pconfig['method'] != "existing") {
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
if (isset($pconfig['altname_value']) && $pconfig['certmethod'] != "import" && $pconfig['certmethod'] != "existing") {
/* subjectAltNames */
foreach ($_POST as $key => $value) {
$entry = '';
if (!substr_compare('altname_type', $key, 0, 12)) {
$entry = substr($key, 12);
$field = 'type';
} elseif (!substr_compare('altname_value', $key, 0, 13)) {
$entry = substr($key, 13);
$field = 'value';
foreach ($pconfig['altname_type'] as $altname_seq => $altname_type) {
if (!empty($pconfig['altname_value'][$altname_seq])) {
$altnames[] = array("type" => $altname_type, "value" => $pconfig['altname_value'][$altname_seq]);
}
if (ctype_digit($entry)) {
$altnames[$entry][$field] = $value;
}
}
$pconfig['altnames']['item'] = $altnames;
/* Input validation for subjectAltNames */
foreach ($altnames as $idx => $altname) {
foreach ($altnames as $altname) {
switch ($altname['type']) {
case "DNS":
if (!is_hostname($altname['value'])) {
......@@ -341,7 +351,6 @@ if ($_POST) {
}
break;
case "URI":
/* Close enough? */
if (!is_URL($altname['value'])) {
$input_errors[] = gettext("URI subjectAltName types must be a valid URI");
}
......@@ -354,40 +363,40 @@ if ($_POST) {
/* Make sure we do not have invalid characters in the fields for the certificate */
for ($i = 0; $i < count($reqdfields); $i++) {
if (preg_match('/email/', $reqdfields[$i])) {
/* dn_email or csr_dn_name */
if (preg_match("/[\!\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $_POST[$reqdfields[$i]])) {
/* dn_email or csr_dn_name */
if (preg_match("/[\!\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $pconfig[$reqdfields[$i]])) {
$input_errors[] = gettext("The field 'Distinguished name Email Address' contains invalid characters.");
}
} elseif (preg_match('/commonname/', $reqdfields[$i])) {
/* dn_commonname or csr_dn_commonname */
if (preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $_POST[$reqdfields[$i]])) {
/* dn_commonname or csr_dn_commonname */
if (preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $pconfig[$reqdfields[$i]])) {
$input_errors[] = gettext("The field 'Distinguished name Common Name' contains invalid characters.");
}
} elseif (($reqdfields[$i] != "descr") && preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\.\"\']/", $_POST[$reqdfields[$i]])) {
} elseif (($reqdfields[$i] != "descr") && preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\.\"\']/", $pconfig[$reqdfields[$i]])) {
$input_errors[] = sprintf(gettext("The field '%s' contains invalid characters."), $reqdfieldsn[$i]);
}
}
if (($pconfig['method'] != "external") && isset($_POST["keylen"]) && !in_array($_POST["keylen"], $cert_keylens)) {
if ($pconfig['certmethod'] != "external" && isset($pconfig["keylen"]) && !in_array($pconfig["keylen"], $cert_keylens)) {
$input_errors[] = gettext("Please select a valid Key Length.");
}
if (($pconfig['method'] != "external") && !in_array($_POST["digest_alg"], $openssl_digest_algs)) {
if ($pconfig['certmethod'] != "external" && !in_array($pconfig["digest_alg"], $openssl_digest_algs)) {
$input_errors[] = gettext("Please select a valid Digest Algorithm.");
}
if (($pconfig['method'] == "external") && isset($_POST["csr_keylen"]) && !in_array($_POST["csr_keylen"], $cert_keylens)) {
if ($pconfig['certmethod'] == "external" && isset($pconfig["csr_keylen"]) && !in_array($pconfig["csr_keylen"], $cert_keylens)) {
$input_errors[] = gettext("Please select a valid Key Length.");
}
if (($pconfig['method'] == "external") && !in_array($_POST["csr_digest_alg"], $openssl_digest_algs)) {
if ($pconfig['certmethod'] == "external" && !in_array($pconfig["csr_digest_alg"], $openssl_digest_algs)) {
$input_errors[] = gettext("Please select a valid Digest Algorithm.");
}
}
/* save modifications */
if (!$input_errors) {
if ($pconfig['method'] == "existing") {
if (count($input_errors) == 0) {
if ($pconfig['certmethod'] == "existing") {
$cert = lookup_cert($pconfig['certref']);
if ($cert && $a_user) {
if ($cert && !empty($userid)) {
$a_user[$userid]['cert'][] = $cert['refid'];
}
} else {
......@@ -401,11 +410,11 @@ if ($_POST) {
$old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warings directly to a page screwing menu tab */
if ($pconfig['method'] == "import") {
if ($pconfig['certmethod'] == "import") {
cert_import($cert, $pconfig['cert'], $pconfig['key']);
}
if ($pconfig['method'] == "internal") {
if ($pconfig['certmethod'] == "internal") {
$dn = array(
'countryName' => $pconfig['dn_country'],
'stateOrProvinceName' => $pconfig['dn_state'],
......@@ -420,6 +429,7 @@ if ($_POST) {
}
$dn['subjectAltName'] = implode(",", $altnames_tmp);
}
if (!cert_create(
$cert,
$pconfig['caref'],
......@@ -435,7 +445,7 @@ if ($_POST) {
}
}
if ($pconfig['method'] == "external") {
if ($pconfig['certmethod'] == "external") {
$dn = array(
'countryName' => $pconfig['csr_dn_country'],
'stateOrProvinceName' => $pconfig['csr_dn_state'],
......@@ -459,7 +469,7 @@ if ($_POST) {
}
error_reporting($old_err_level);
if (isset($id) && $a_cert[$id]) {
if (isset($id)) {
$a_cert[$id] = $cert;
} else {
$a_cert[] = $cert;
......@@ -468,614 +478,566 @@ if ($_POST) {
$a_user[$userid]['cert'][] = $cert['refid'];
}
}
if (!$input_errors) {
if (count($input_errors) == 0) {
write_config();
}
if (isset($userid)) {
header("Location: system_usermanager.php?act=edit&userid=".$userid);
exit;
}
}
} else {
header("Location: system_certmanager.php");
}
if ($_POST['save'] == gettext("Update")) {
unset($input_errors);
$pconfig = $_POST;
/* input validation */
$reqdfields = explode(" ", "descr cert");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Final Certificate data"));
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
// old way
/* make sure this csr and certificate subjects match */
// $subj_csr = csr_get_subject($pconfig['csr'], false);
// $subj_cert = cert_get_subject($pconfig['cert'], false);
//
// if ( !isset($_POST['ignoresubjectmismatch']) && !($_POST['ignoresubjectmismatch'] == "yes") ) {
// if (strcmp($subj_csr,$subj_cert)) {
// $input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert);
// $subject_mismatch = true;
// }
// }
$mod_csr = csr_get_modulus($pconfig['csr'], false);
$mod_cert = cert_get_modulus($pconfig['cert'], false);
if (strcmp($mod_csr, $mod_cert)) {
// simply: if the moduli don't match, then the private key and public key won't match
$input_errors[] = gettext("The certificate modulus does not match the signing request modulus.");
$subject_mismatch = true;
exit;
}
/* save modifications */
if (!$input_errors) {
$cert = $a_cert[$id];
$cert['descr'] = $pconfig['descr'];
csr_complete($cert, $pconfig['cert']);
$a_cert[$id] = $cert;
write_config();
header("Location: system_certmanager.php");
}
}
}
include("head.inc");
$main_buttons = array(
if (empty($act)) {
$main_buttons = array(
array('label'=>gettext("add or import certificate"), 'href'=>'system_certmanager.php?act=new'),
);
);
}
?>
<body>
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
//<![CDATA[
function method_change() {
<?php
if ($internal_ca_count) {
$submit_style = "";
} else {
$submit_style = "none";
}
?>
method = document.iform.method.selectedIndex;
<script type="text/javascript">
$( document ).ready(function() {
// delete entry
$(".act_delete").click(function(event){
event.preventDefault();
var id = $(this).data('id');
BootstrapDialog.show({
type:BootstrapDialog.TYPE_INFO,
title: "<?= gettext("Certificates");?>",
message: "<?=gettext("Do you really want to delete this Certificate?");?>",
buttons: [{
label: "<?=gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?=gettext("Yes");?>",
action: function(dialogRef) {
$("#id").val(id);
$("#action").val("del");
$("#iform").submit()
}
}]
});
});
/**
* remove row from altNametable
*/
function removeRowAltNm() {
if ( $('#altNametable > tbody > tr').length == 1 ) {
$('#altNametable > tbody > tr:last > td > input').each(function(){
$(this).val("");
});
} else {
$(this).parent().parent().remove();
}
}
// javascript only for edit forms
if ($('#certmethod').length) {
// no ca's found, display message
if ($("#caref option").size() == 0) {
$("#no_caref").removeClass("hidden");
$("#caref").addClass("hidden");
}
// add new detail record
$("#addNewAltNm").click(function(){
// copy last row and reset values
$('#altNametable > tbody').append('<tr>'+$('#altNametable > tbody > tr:last').html()+'</tr>');
$('#altNametable > tbody > tr:last > td > input').each(function(){
$(this).val("");
});
$(".act-removerow-altnm").click(removeRowAltNm);
});
$(".act-removerow-altnm").click(removeRowAltNm);
$("#certmethod").change(function(){
$("#import").addClass("hidden");
$("#internal").addClass("hidden");
$("#external").addClass("hidden");
$("#existing").addClass("hidden");
if ($(this).val() == "import") {
$("#import").removeClass("hidden");
} else if ($(this).val() == "internal") {
$("#internal").removeClass("hidden");
} else if ($(this).val() == "external") {
$("#external").removeClass("hidden");
} else {
$("#existing").removeClass("hidden");
}
});
switch (method) {
case 0:
document.getElementById("import").style.display="";
document.getElementById("internal").style.display="none";
document.getElementById("external").style.display="none";
document.getElementById("existing").style.display="none";
document.getElementById("descriptivename").style.display="";
document.getElementById("submit").style.display="";
break;
case 1:
document.getElementById("import").style.display="none";
document.getElementById("internal").style.display="";
document.getElementById("external").style.display="none";
document.getElementById("existing").style.display="none";
document.getElementById("descriptivename").style.display="";
document.getElementById("submit").style.display="<?=$submit_style;?>";
break;
case 2:
document.getElementById("import").style.display="none";
document.getElementById("internal").style.display="none";
document.getElementById("external").style.display="";
document.getElementById("existing").style.display="none";
document.getElementById("descriptivename").style.display="";
document.getElementById("submit").style.display="";
break;
case 3:
document.getElementById("import").style.display="none";
document.getElementById("internal").style.display="none";
document.getElementById("external").style.display="none";
document.getElementById("existing").style.display="";
document.getElementById("descriptivename").style.display="none";
document.getElementById("submit").style.display="";
break;
$("#certmethod").change();
}
}
});
</script>
<?php if ($internal_ca_count) :
?>
function internalca_change() {
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
$( document ).ready(function() {
//<![CDATA[
function internalca_change() {
index = document.iform.caref.selectedIndex;
caref = document.iform.caref[index].value;
switch (caref) {
<?php
foreach ($a_ca as $ca) :
<?php
foreach ($a_ca as $ca) :
if (!$ca['prv']) {
continue;
}
$subject = cert_get_subject_array($ca['crt']);
?>
case "<?=$ca['refid'];?>":
document.iform.dn_country.value = "<?=$subject[0]['v'];?>";
document.iform.dn_state.value = "<?=$subject[1]['v'];?>";
document.iform.dn_city.value = "<?=$subject[2]['v'];?>";
document.iform.dn_organization.value = "<?=$subject[3]['v'];?>";
document.iform.dn_email.value = "<?=$subject[4]['v'];?>";
?>
case "<?=$ca['refid'];?>":
$("#dn_state").val("<?=$subject[1]['v'];?>");
$("#dn_city").val("<?=$subject[2]['v'];?>");
$("#dn_organization").val("<?=$subject[3]['v'];?>");
$("#dn_email").val("<?=$subject[4]['v'];?>");
$('#dn_country option').removeAttr('selected');
$('#dn_country option').filter('[value="<?=$subject[0]['v'];?>"]').prop('selected', true);
$("#dn_country").selectpicker('refresh');
break;
<?php
endforeach; ?>
<?php
endforeach; ?>
}
}
}
<?php
endif; ?>
//]]>
</script>
<script type="text/javascript" src="/javascript/row_helper_dynamic.js"></script>
<input type='hidden' name='altname_value_type' value='select' />
<input type='hidden' name='altname_type_type' value='textbox' />
<script type="text/javascript">
//<![CDATA[
rowname[0] = "altname_type";
rowtype[0] = "textbox";
rowsize[0] = "10";
rowname[1] = "altname_value";
rowtype[1] = "textbox";
rowsize[1] = "30";
// only trigger change event when in edit mode.
if ($('#certmethod').length) {
$("#caref").change(internalca_change);
$("#caref").change();
}
});
//]]>
</script>
<!-- row -->
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
<?php
if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors);
}
if (isset($savemsg)) {
print_info_box($savemsg);
}
?>
?>
<section class="col-xs-12">
<div class="content-box tab-content table-responsive">
<?php if ($act == "new" || ((isset($_POST['save']) && $_POST['save'] == gettext("Save")) && $input_errors)) :
?>
<?php
if ($act == "new") :?>
<form action="system_certmanager.php" method="post" name="iform" id="iform" >
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" class="table table-striped">
<?php if (!isset($id)) :
?>
<input type="hidden" name="act" value="<?=$act;?>"/>
<?php
if (isset($userid)) :?>
<input name="userid" type="hidden" value="<?=htmlspecialchars($userid);?>" />
<?php
endif;?>
<?php
if (isset($id)) :?>
<input name="id" type="hidden" value="<?=$id;?>" />
<?php
endif;?>
<table class="table table-striped">
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
<td width="78%" class="vtable">
<select name='method' id='method' class="formselect" onchange='method_change()'>
<?php
foreach ($cert_methods as $method => $desc) :
$selected = "";
if ($pconfig['method'] == $method) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$method;
?>"<?=$selected;
?>><?=$desc;?></option>
<?php
<td width="22%"></td>
<td width="78%" align="right">
<small><?=gettext("full help"); ?> </small>
<i class="fa fa-toggle-off text-danger" style="cursor: pointer;" id="show_all_help_page" type="button"></i></a>
</td>
</tr>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Method");?></td>
<td>
<select name="certmethod" id="certmethod">
<?php
foreach ($cert_methods as $method => $desc) :?>
<option value="<?=$method;?>" <?=$pconfig['certmethod'] == $method ? "selected=\"selected\"":"";?>>
<?=$desc;?>
</option>
<?php
endforeach; ?>
</select>
</td>
</tr>
<?php
endif; ?>
<tr id="descriptivename">
<?php
if (isset($a_user) && empty($pconfig['descr'])) {
$pconfig['descr'] = $a_user[$userid]['name'];
}
?>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
<td width="78%" class="vtable">
<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?php if(isset($pconfig['descr'])) echo htmlspecialchars($pconfig['descr']);?>"/>
<tr>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Descriptive name");?></td>
<td>
<input name="descr" type="text" id="descr" size="20" value="<?=$pconfig['descr'];?>"/>
</td>
</tr>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="import" summary="import" class="table table-striped">
<!-- existing cert -->
<table id="import" class="table table-striped">
<thead>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Import Certificate");?></th>
<th colspan="2"><?=gettext("Import Certificate");?></th>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
<td width="78%" class="vtable">
<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?php if(isset($pconfig['cert'])) echo htmlspecialchars($pconfig['cert']);?></textarea>
<br />
<td width="22%"><a id="help_for_cert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Certificate data");?></td>
<td width="78%">
<textarea name="cert" id="cert" cols="65" rows="7"><?=$pconfig['cert'];?></textarea>
<div class="hidden" for="help_for_cert">
<?=gettext("Paste a certificate in X.509 PEM format here.");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td>
<td width="78%" class="vtable">
<textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?php if(isset($pconfig['key'])) echo htmlspecialchars($pconfig['key']);?></textarea>
<br />
<td><a id="help_for_key" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Private key data");?></td>
<td>
<textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea>
<div class="hidden" for="help_for_key">
<?=gettext("Paste a private key in X.509 PEM format here.");?>
</div>
</td>
</tr>
</tbody>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal" summary="internal" class="table table-striped">
<!-- internal cert -->
<table id="internal" class="table table-striped">
<thead>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate");?></th>
<th colspan="2"><?=gettext("Internal Certificate");?></th>
</tr>
</thead>
<tbody>
<?php if (!$internal_ca_count) :
?>
<tr>
<td colspan="2" align="center" class="vtable">
<?=gettext("No internal Certificate Authorities have been defined. You must");?>
<a href="system_camanager.php?act=new&amp;method=internal"><?=gettext("create");?></a>
<?=gettext("an internal CA before creating an internal certificate.");?>
</td>
</tr>
<?php
else :
?>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
<td width="78%" class="vtable">
<select name='caref' id='caref' class="formselect" onchange='internalca_change()'>
<?php
<td width="22%"><?=gettext("Certificate authority");?></td>
<td width="78%">
<select name='caref' id='caref'>
<?php
foreach ($a_ca as $ca) :
if (!$ca['prv']) {
continue;
}
$selected = "";
if (isset($pconfig['caref']) && isset($ca['refid']) && $pconfig['caref'] == $ca['refid']) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$ca['refid'];
?>"<?=$selected;
?>><?=$ca['descr'];?></option>
<?php
}?>
<option value="<?=$ca['refid'];?>" <?=isset($pconfig['caref']) && isset($ca['refid']) && $pconfig['caref'] == $ca['refid'] ? "selected=\"selected\"" : "";?>><?=$ca['descr'];?></option>
<?php
endforeach; ?>
</select>
<div class="hidden" id="no_caref">
<?=gettext("No internal Certificate Authorities have been defined. You must");?>
<a href="system_camanager.php?act=new&amp;method=internal"><?=gettext("create");?></a>
<?=gettext("an internal CA before creating an internal certificate.");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
<td width="78%" class="vtable">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Key length");?> (<?=gettext("bits");?>)</td>
<td>
<select name='keylen' class="formselect">
<?php
foreach ($cert_keylens as $len) :
$selected = "";
if ($pconfig['keylen'] == $len) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$len;
?>"<?=$selected;
?>><?=$len;?></option>
<?php
<?php
foreach ($cert_keylens as $len) :?>
<option value="<?=$len;?>" <?=$pconfig['keylen'] == $len ? "selected=\"selected\"" : "";?>><?=$len;?></option>
<?php
endforeach; ?>
</select>
<?=gettext("bits");?>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Digest Algorithm");?></td>
<td width="78%" class="vtable">
<td><a id="help_for_digest_alg" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Digest Algorithm");?></td>
<td>
<select name='digest_alg' id='digest_alg' class="formselect">
<?php
foreach ($openssl_digest_algs as $digest_alg) :
$selected = "";
if ($pconfig['digest_alg'] == $digest_alg) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$digest_alg;
?>"<?=$selected;
?>><?=strtoupper($digest_alg);?></option>
<?php
<?php
foreach ($openssl_digest_algs as $digest_alg) :?>
<option value="<?=$digest_alg;?>" <?=$pconfig['digest_alg'] == $digest_alg ? "selected=\"selected\"" : "";?>>
<?=strtoupper($digest_alg);?>
</option>
<?php
endforeach; ?>
</select>
<br /><?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
<div class="hidden" for="help_for_digest_alg">
<?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
<td width="78%" class="vtable">
<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
<?=gettext("days");?>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Lifetime");?> (<?=gettext("days");?>)</td>
<td>
<input name="lifetime" type="text" id="lifetime" size="5" value="<?=$pconfig['lifetime'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="name">
<th colspan="2"><?=gettext("Distinguished name");?> </th>
</tr>
<tr>
<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
<td align="left">
<input name="dn_country" type="text" class="formfld unknown" maxlength="2" size="2" value="<?php if (isset($pconfig['dn_country'])) echo htmlspecialchars($pconfig['dn_country']);?>"/>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Country Code");?> : &nbsp;</td>
<td>
<select name="dn_country" id="dn_country" class="selectpicker">
<?php
foreach (get_country_codes() as $cc => $cn):?>
<option value="<?=$cc;?>" <?=$pconfig['dn_country'] == $cc ? "selected=\"selected\"" : "";?>>
<?=$cc;?> (<?=$cn;?>)
</option>
<?php
endforeach;?>
</select>
</td>
</tr>
<tr>
<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
<td align="left">
<input name="dn_state" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_state'])) echo htmlspecialchars($pconfig['dn_state']);?>"/>
<td><a id="help_for_digest_dn_state" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("State or Province");?> : &nbsp;</td>
<td>
<input name="dn_state" id="dn_state" type="text" size="40" value="<?=$pconfig['dn_state'];?>"/>
<div class="hidden" for="help_for_digest_dn_state">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Sachsen");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("City");?> : &nbsp;</td>
<td align="left">
<input name="dn_city" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_city'])) echo htmlspecialchars($pconfig['dn_city']);?>"/>
<td><a id="help_for_digest_dn_city" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("City");?> : &nbsp;</td>
<td>
<input name="dn_city" id="dn_city" type="text" size="40" value="<?=$pconfig['dn_city'];?>"/>
<div class="hidden" for="help_for_digest_dn_city">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Leipzig");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
<td align="left">
<input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_organization'])) echo htmlspecialchars($pconfig['dn_organization']);?>"/>
<td><a id="help_for_digest_dn_organization" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Organization");?> : &nbsp;</td>
<td>
<input name="dn_organization" id="dn_organization" type="text" size="40" value="<?=$pconfig['dn_organization'];?>"/>
<div class="hidden" for="help_for_digest_dn_organization">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("My Company Inc");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
<td align="left">
<input name="dn_email" type="text" class="formfld unknown" size="25" value="<?php if (isset($pconfig['dn_email'])) echo htmlspecialchars($pconfig['dn_email']);?>"/>
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_dn_email" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Email Address");?> : &nbsp;</td>
<td>
<input name="dn_email" id="dn_email" type="text" size="25" value="<?=$pconfig['dn_email'];?>"/>
<div class="hidden" for="help_for_digest_dn_email">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("webadmin@mycompany.com");?>
<?=gettext("admin@mycompany.com");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
<td align="left">
<?php
if (isset($a_user) && empty($pconfig['dn_commonname'])) {
$pconfig['dn_commonname'] = $a_user[$userid]['name'];
}
?>
<input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?php if (isset($pconfig['dn_commonname'])) htmlspecialchars($pconfig['dn_commonname']);?>"/>
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_dn_commonname" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Common Name");?> : &nbsp;</td>
<td>
<input name="dn_commonname" id="dn_commonname" type="text" size="25" value="<?=$pconfig['dn_commonname'];?>"/>
<div class="hidden" for="help_for_digest_dn_commonname">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("www.example.com");?>
<?=gettext("internal-ca");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Alternative Names");?> : &nbsp;</td>
<td align="left">
<table id="altNametable">
<td><?=gettext("Alternative Names");?></td>
<td>
<table class="table table-condensed" id="altNametable">
<thead>
<tr>
<th><div id="onecolumn"><?=gettext("Type");?></div></th>
<th><div id="twocolumn"><?=gettext("Value");?></div></th>
<th><?=gettext("Type");?></th>
<th><?=gettext("Value");?></th>
<th></th>
</tr>
</thead>
<tbody>
<?php
$counter = 0;
if (isset($pconfig['altnames']['item'])) :
foreach ($pconfig['altnames']['item'] as $item) :
$type = $item['type'];
$value = $item['value'];
?>
<?php
if (!isset($pconfig['altname_value']) || count($pconfig['altname_value']) ==0) :?>
<tr>
<td>
<input autocomplete="off" name="altname_type<?php echo $counter; ?>" type="text" class="formfld unknown" id="altname_type<?php echo $counter;
?>" size="20" value="<?=htmlspecialchars($type);?>" />
<select name="altname_type[]" id="altname_type">
<option value="DNS"><?=gettext("DNS");?></option>
<option value="IP"><?=gettext("IP");?></option>
<option value="email"><?=gettext("email");?></option>
<option value="URI"><?=gettext("URI");?></option>
</select>
</td>
<td>
<input autocomplete="off" name="altname_value<?php echo $counter; ?>" type="text" class="formfld unknown" id="altname_value<?php echo $counter;
?>" size="20" value="<?=htmlspecialchars($value);?>" />
<input name="altname_value[]" type="text" size="20" value="" />
</td>
<td>
<a onclick="removeRow(this); return false;" href="#" title="<?=gettext("remove this entry"); ?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a>
<div style="cursor:pointer;" class="act-removerow-altnm btn btn-default btn-xs" alt="remove"><span class="glyphicon glyphicon-minus"></span></div>
</td>
</tr>
<?php
$counter++;
<?php
else:
foreach ($pconfig['altname_value'] as $itemid => $item) :
$altname_type = isset($pconfig['altname_type'][$itemid]) ? $pconfig['altname_type'][$itemid] : null; ?>
<tr>
<td>
<select name="altname_type[]" id="altname_type">
<option value="DNS" <?=$altname_type == "DNS" ? "selected=\"selected\"" : "";?>><?=gettext("DNS");?></option>
<option value="IP" <?=$altname_type == "IP" ? "selected=\"selected\"" : "";?>><?=gettext("IP");?></option>
<option value="email" <?=$altname_type == "email" ? "selected=\"selected\"" : "";?>><?=gettext("email");?></option>
<option value="URI" <?=$altname_type == "URI" ? "selected=\"selected\"" : "";?>><?=gettext("URI");?></option>
</select>
</td>
<td>
<input name="altname_value[]" type="text" size="20" value="<?=$item;?>" />
</td>
<td>
<div style="cursor:pointer;" class="act-removerow-altnm btn btn-default btn-xs" alt="remove"><span class="glyphicon glyphicon-minus"></span></div>
</td>
</tr>
<?php
endforeach;
endif;
?>
<tr><td>&nbsp;</td></tr>
endif;?>
</tbody>
</table>
<a onclick="javascript:addRowTo('altNametable', 'formfldalias'); return false;" href="#" title="<?=gettext("add another entry");?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a>
<script type="text/javascript">
//<![CDATA[
field_counter_js = 3;
rows = 1;
totalrows = <?php echo $counter; ?>;
loaded = <?php echo $counter; ?>;
//]]>
</script>
<br /><?=gettext('NOTE: Type must be one of DNS (FQDN or Hostname), IP (IP address), URI, or email.') ?>
<tfoot>
<tr>
<td colspan="2"></td>
<td>
<div id="addNewAltNm" style="cursor:pointer;" class="btn btn-default btn-xs" alt="add"><span class="glyphicon glyphicon-plus"></span></div>
</td>
</tr>
</tfoot>
</table>
</td>
</tr>
</tbody>
<?php
endif; ?>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="external" summary="external" class="table table-striped">
<!-- external cert -->
<table id="external" class="table table-striped">
<thead>
<tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("External Signing Request");?></td>
<td colspan="2"><?=gettext("External Signing Request");?></td>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
<td width="78%" class="vtable">
<select name='csr_keylen' class="formselect">
<?php
if (!isset($pconfig['csr_keylen']) && isset($pconfig['csr_keylen'])) {
$pconfig['csr_keylen'] = $pconfig['csr_keylen'];
}
foreach ($cert_keylens as $len) :
$selected = "";
if ($pconfig['csr_keylen'] == $len) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$len;
?>"<?=$selected;
?>><?=$len;?></option>
<?php
<td width="22%"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Key length");?> (<?=gettext("bits");?>)</td>
<td width="78%">
<select name='csr_keylen' class="selectpicker">
<?php
foreach ($cert_keylens as $len) :?>
<option value="<?=$len;?>" <?=$pconfig['csr_keylen'] == $len ? "selected=\"selected\"" : "";?>><?=$len;?></option>
<?php
endforeach; ?>
</select>
bits
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Digest Algorithm");?></td>
<td width="78%" class="vtable">
<select name='csr_digest_alg' id='csr_digest_alg' class="formselect">
<?php
foreach ($openssl_digest_algs as $csr_digest_alg) :
$selected = "";
if ($pconfig['csr_digest_alg'] == $csr_digest_alg) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$csr_digest_alg;
?>"<?=$selected;
?>><?=strtoupper($csr_digest_alg);?></option>
<?php
<td><a id="help_for_csr_digest_alg" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Digest Algorithm");?></td>
<td>
<select name='csr_digest_alg' class="formselect">
<?php
foreach ($openssl_digest_algs as $csr_digest_alg) :?>
<option value="<?=$csr_digest_alg;?>" <?=$pconfig['csr_digest_alg'] == $csr_digest_alg ? $pconfig['csr_digest_alg'] == $csr_digest_alg : "";?>>
<?=strtoupper($csr_digest_alg);?>
</option>
<?php
endforeach; ?>
</select>
<br /><?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
<div class="hidden" for="help_for_csr_digest_alg">
<?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="name">
<th colspan="2"><?=gettext("Distinguished name");?> </th>
</tr>
<tr>
<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
<td align="left">
<select name='csr_dn_country' class="formselect">
<?php
$dn_cc = get_country_codes();
foreach ($dn_cc as $cc => $cn) {
$selected = '';
if (isset($pconfig['csr_dn_country']) && $pconfig['csr_dn_country'] == $cc) {
$selected = ' selected="selected"';
}
print "<option value=\"$cc\"$selected>$cc ($cn)</option>";
}
?>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Country Code");?> : &nbsp;</td>
<td>
<select name="csr_dn_country" id="csr_dn_country" class="selectpicker">
<?php
foreach (get_country_codes() as $cc => $cn):?>
<option value="<?=$cc;?>" <?=$pconfig['csr_dn_country'] == $cc ? "selected=\"selected\"" : "";?>>
<?=$cc;?> (<?=$cn;?>)
</option>
<?php
endforeach;?>
</select>
</td>
</tr>
<tr>
<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
<td align="left">
<input name="csr_dn_state" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['csr_dn_state'])) echo htmlspecialchars($pconfig['csr_dn_state']);?>" />
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_csr_dn_state" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("State or Province");?> : &nbsp;</td>
<td>
<input name="csr_dn_state" type="text" size="40" value="<?=$pconfig['csr_dn_state'];?>"/>
<div class="hidden" for="help_for_digest_csr_dn_state">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Sachsen");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("City");?> : &nbsp;</td>
<td align="left">
<input name="csr_dn_city" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['csr_dn_city'])) echo htmlspecialchars($pconfig['csr_dn_city']);?>" />
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_csr_dn_city" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("City");?> : &nbsp;</td>
<td>
<input name="csr_dn_city" type="text" size="40" value="<?=$pconfig['csr_dn_city'];?>"/>
<div class="hidden" for="help_for_digest_csr_dn_city">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Leipzig");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
<td align="left">
<input name="csr_dn_organization" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['csr_dn_organization'])) echo htmlspecialchars($pconfig['csr_dn_organization']);?>" />
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_csr_dn_organization" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Organization");?> : &nbsp;</td>
<td>
<input name="csr_dn_organization" type="text" size="40" value="<?=$pconfig['csr_dn_organization'];?>"/>
<div class="hidden" for="help_for_digest_csr_dn_organization">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("My Company Inc.");?>
<?=gettext("My Company Inc");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
<td align="left">
<input name="csr_dn_email" type="text" class="formfld unknown" size="25" value="<?php if (isset($pconfig['csr_dn_email'])) echo htmlspecialchars($pconfig['csr_dn_email']);?>"/>
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_csr_dn_email" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Email Address");?> : &nbsp;</td>
<td>
<input name="csr_dn_email" type="text" size="25" value="<?=$pconfig['csr_dn_email'];?>"/>
<div class="hidden" for="help_for_digest_csr_dn_email">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("webadmin@mycompany.com");?>
<?=gettext("admin@mycompany.com");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
<td align="left">
<input name="csr_dn_commonname" type="text" class="formfld unknown" size="25" value="<?php if(isset($pconfig['csr_dn_commonname'])) echo htmlspecialchars($pconfig['csr_dn_commonname']);?>"/>
&nbsp;
<em>ex:</em>
<td><a id="help_for_digest_csr_dn_commonname" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Common Name");?> : &nbsp;</td>
<td>
<input name="csr_dn_commonname" type="text" size="25" value="<?=$pconfig['csr_dn_commonname'];?>"/>
<div class="hidden" for="help_for_digest_csr_dn_commonname">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("www.example.com");?>
</td>
</tr>
</table>
<?=gettext("internal-ca");?>
</div>
</td>
</tr>
</tbody>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing" summary="existing" class="table table-striped">
<!-- choose existing cert -->
<table id="existing" class="table table-striped">
<thead>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Choose an Existing Certificate");?></th>
<th colspan="2"><?=gettext("Choose an Existing Certificate");?></th>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Existing Certificates");?></td>
<td width="78%" class="vtable">
<?php if (isset($userid) && $a_user) :
?>
<input name="userid" type="hidden" value="<?=htmlspecialchars($userid);?>" />
<?php
endif;?>
<td width="22%"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Existing Certificates");?></td>
<td width="78%">
<select name='certref' class="formselect">
<?php
<?php
foreach ($config['cert'] as $cert) :
$selected = "";
$caname = "";
$inuse = "";
$revoked = "";
$usercert = isset($config['system']['user'][$userid]['cert']) ? $config['system']['user'][$userid]['cert'] : array();
if (isset($userid) && in_array($cert['refid'], $usercert)) {
continue;
......@@ -1085,123 +1047,100 @@ endif;?>
if ($ca) {
$caname = " (CA: {$ca['descr']})";
}
} else {
$ca = null;
}
if (isset($pconfig['certref']) && isset($cert['refid']) && $pconfig['certref'] == $cert['refid']) {
$selected = " selected=\"selected\"";
}
if (isset($cert['refid']) && cert_in_use($cert['refid'])) {
$inuse = " *In Use";
}
if (is_cert_revoked($cert)) {
$revoked = " *Revoked";
}
?>
<option value="<?=$cert['refid'];
?>"<?=$selected;
?>><?=$cert['descr'] . $caname . $inuse . $revoked;?></option>
<?php
}?>
<option value="<?=$cert['refid'];?>" <?=isset($pconfig['certref']) && isset($cert['refid']) && $pconfig['certref'] == $cert['refid'] ? "selected=\"selected\"" : "";?>>
<?=$cert['descr'];?> <?=$caname;?>
<?=isset($cert['refid']) && cert_in_use($cert['refid']) ? gettext("*In Use") : "";?>
<?=is_cert_revoked($cert) ? gettext("*Revoked") :"";?>
</option>
<?php
endforeach; ?>
</select>
</td>
</tr>
</tbody>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="save" class="table">
<!-- submit -->
<table class="table">
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="22%">&nbsp;</td>
<td width="78%">
<input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save");?>" />
<?php if (isset($id) && $a_cert[$id]) :
?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<?php
endif;?>
</td>
</tr>
</table>
</form>
<?php
elseif ($act == "csr" || ((isset($_POST['save']) && $_POST['save'] == gettext("Update")) && $input_errors)) :
<?php
elseif ($act == "csr") :
?>
<form action="system_certmanager.php" method="post" name="iform" id="iform">
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="name" class="table table-striped">
<input name="act" type="hidden" value="csr" />
<?php
if (isset($id)) :?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<?php
endif;?>
<table class="table table-striped">
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
<td width="78%" class="vtable">
<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/>
<td width="22%"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Descriptive name");?></td>
<td width="78%">
<input name="descr" type="text" id="descr" readonly="readonly" value="<?=$pconfig['descr'];?>"/>
</td>
</tr>
<tr>
<td colspan="2" class="list" height="12"></td>
</tr>
<tr>
<td colspan="2" valign="top" class="listtopic"><?=gettext("Complete Signing Request");?></td>
<td colspan="2"><?=gettext("Complete Signing Request");?></td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Signing request data");?></td>
<td width="78%" class="vtable">
<textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly="readonly"><?=htmlspecialchars($pconfig['csr']);?></textarea>
<td><?=gettext("Signing request data");?></td>
<td>
<textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly="readonly"><?=$pconfig['csr'];?></textarea>
<br />
<?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Final certificate data");?></td>
<td width="78%" class="vtable">
<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>
<td><?=gettext("Final certificate data");?></td>
<td>
<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
<br />
<?=gettext("Paste the certificate received from your certificate authority here.");?></td>
</td>
</tr>
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="78%">
<?php /* if ( isset($subject_mismatch) && $subject_mismatch === true): ?>
<input id="ignoresubjectmismatch" name="ignoresubjectmismatch" type="checkbox" class="formbtn" value="yes" />
<label for="ignoresubjectmismatch"><strong><?=gettext("Ignore certificate subject mismatch"); ?></strong></label><br />
<?php echo gettext("Warning: Using this option may create an " .
"invalid certificate. Check this box to disable the request -> " .
"response subject verification. ");
?><br />
<?php endif; */ ?>
<input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Update");?>" />
<?php if (isset($id) && $a_cert[$id]) :
?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<input name="act" type="hidden" value="csr" />
<?php
endif;?>
<td>&nbsp;</td>
<td>
<input id="submit" name="update" type="submit" class="btn btn-primary" value="<?=gettext("Update");?>" />
</td>
</tr>
</table>
</form>
<?php
else :
?>
<?php
else :?>
<form action="system_certmanager.php" method="post" name="iform" id="iform">
<input type="hidden" name="id" id="id" value="<?=isset($id) ? $id :"";?>"/>
<input type="hidden" name="act" id="action" value="<?=$act;?>"/>
</form>
<table summary="details" class="table table-striped">
<thead>
<tr>
<td width="15%" class="listhdrr"><?=gettext("Name");?></td>
<td width="15%" class="listhdrr"><?=gettext("Issuer");?></td>
<td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td>
<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
<th><?=gettext("Name");?></th>
<th><?=gettext("Issuer");?></th>
<th><?=gettext("Distinguished Name");?></th>
<th><?=gettext("In Use");?></th>
</tr>
</thead>
<tbody>
<?php
<?php
$i = 0;
foreach ($a_cert as $cert) :
$name = htmlspecialchars($cert['descr']);
$purpose = null;
if ($cert['crt']) {
if (!empty($cert['crt'])) {
$subj = cert_get_subject($cert['crt']);
$issuer = cert_get_issuer($cert['crt']);
$purpose = cert_get_purpose($cert['crt']);
......@@ -1213,7 +1152,6 @@ else :
}
$subj = htmlspecialchars($subj);
}
if (isset($cert['csr'])) {
$subj = htmlspecialchars(csr_get_subject($cert['csr']));
$caname = "<em>" . gettext("external - signature pending") . "</em>";
......@@ -1223,34 +1161,21 @@ else :
if ($ca) {
$caname = $ca['descr'];
}
}
$certimg = '<span class="glyphicon glyphicon-certificate __iconspacer"></span>';
?>
}?>
<tr>
<td class="listlr">
<table summary="icon">
<tr>
<td align="left" valign="middle">
<?=$certimg;?>
</td>
<td align="left" valign="middle">
<td>
<span class="glyphicon glyphicon-certificate __iconspacer"></span>
<?=$name;?>
<?php
if (is_array($purpose)) :?>
<br/><br/>
<?=gettext('CA:') ?> <?=$purpose['ca']; ?>,
<?=gettext('Server:') ?> <?=$purpose['server']; ?>
<?php
endif; ?>
</td>
</tr>
<tr><td>&nbsp;</td></tr>
<?php if (is_array($purpose)) :
?>
<tr><td colspan="2">
<?=gettext('CA:') ?> <?php echo $purpose['ca']; ?>,
<?=gettext('Server:') ?> <?php echo $purpose['server']; ?>
</td></tr>
<?php
endif; ?>
</table>
</td>
<td class="listr"><?=$caname;?>&nbsp;</td>
<td class="listr"><?=$subj;?>&nbsp;<br />
<td><?=$caname;?>&nbsp;</td>
<td><?=$subj;?>&nbsp;<br />
<table summary="valid">
<tr>
<td width="10%">&nbsp;</td>
......@@ -1264,77 +1189,63 @@ endif; ?>
</tr>
</table>
</td>
<td class="listr">
<?php if (is_cert_revoked($cert)) :
?>
<td>
<?php
if (is_cert_revoked($cert)) :?>
<b><?=gettext('Revoked') ?></b><br />
<?php
endif; ?>
<?php if (is_webgui_cert($cert['refid'])) :
?>
<?php
endif;
if (is_webgui_cert($cert['refid'])) :?>
<?=gettext('webConfigurator') ?><br />
<?php
endif; ?>
<?php if (is_user_cert($cert['refid'])) :
?>
<?php
endif;
if (is_user_cert($cert['refid'])) :?>
<?=gettext('User Cert') ?><br />
<?php
endif; ?>
<?php if (is_openvpn_server_cert($cert['refid'])) :
?>
<?php
endif;
if (is_openvpn_server_cert($cert['refid'])) :?>
<?=gettext('OpenVPN Server') ?><br />
<?php
endif; ?>
<?php if (is_openvpn_client_cert($cert['refid'])) :
?>
<?php
endif;
if (is_openvpn_client_cert($cert['refid'])) :?>
<?=gettext('OpenVPN Client') ?><br />
<?php
endif; ?>
<?php if (is_ipsec_cert($cert['refid'])) :
?>
<?php
endif;
if (is_ipsec_cert($cert['refid'])) :?>
<?=gettext('IPsec Tunnel') ?><br />
<?php
endif; ?>
<?php
endif; ?>
<a href="system_certmanager.php?act=exp&amp;id=<?=$i;
?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export ca");?>">
<a href="system_certmanager.php?act=exp&amp;id=<?=$i;?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export ca");?>">
<span class="glyphicon glyphicon-download"></span>
</a>
<a href="system_certmanager.php?act=key&amp;id=<?=$i;
?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export key");?>">
<a href="system_certmanager.php?act=key&amp;id=<?=$i;?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export key");?>">
<span class="glyphicon glyphicon-download"></span>
</a>
<a href="system_certmanager.php?act=p12&amp;id=<?=$i;
?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export ca cert+user cert+user cert key in .p12 format");?>">
<a href="system_certmanager.php?act=p12&amp;id=<?=$i;?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("export ca cert+user cert+user cert key in .p12 format");?>">
<span class="glyphicon glyphicon-download"></span>
</a>
<?php if (!cert_in_use($cert['refid'])) :
?>
<?php
if (!cert_in_use($cert['refid'])) :?>
<a href="system_certmanager.php?act=del&amp;id=<?=$i;
?>" class="btn btn-default btn-xs" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");
?>')" data-toggle="tooltip" data-placement="left" title="<?=gettext("delete cert");?>">
<a id="del_<?=$i;?>" data-id="<?=$i;?>" title="<?=gettext("delete cert"); ?>" data-toggle="tooltip" class="act_delete btn btn-default btn-xs">
<span class="glyphicon glyphicon-remove"></span>
</a>
<?php
endif; ?>
<?php if (isset($cert['csr'])) :
?>
<a href="system_certmanager.php?act=csr&amp;id=<?=$i;
?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("update csr");?>">
<?php
endif;
if (isset($cert['csr'])) :?>
<a href="system_certmanager.php?act=csr&amp;id=<?=$i;?>" class="btn btn-default btn-xs" data-toggle="tooltip" data-placement="left" title="<?=gettext("update csr");?>">
<span class="glyphicon glyphicon-edit"></span>
</a>
<?php
endif; ?>
<?php
endif; ?>
</td>
</tr>
<?php $i++;
<?php
$i++;
endforeach; ?>
<tr>
......@@ -1343,21 +1254,11 @@ endif; ?>
</tr>
</tbody>
</table>
<?php
endif; ?>
<?php
endif; ?>
</div>
</section>
</div>
</div>
</section>
<script type="text/javascript">
//<![CDATA[
method_change();
internalca_change();
//]]>
</script>
<?php include("foot.inc");
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Technounit-GROUP 2023