<%--
  -	$RCSfile$
  -	$Revision$
  -	$Date$
  -
  - Copyright (C) 2004 Jive Software. All rights reserved.
  -
  - This software is published under the terms of the GNU Public License (GPL),
  - a copy of which is included in this distribution.
--%>

<%@ page import="org.jivesoftware.util.*,
                 java.util.*,
                 org.jivesoftware.messenger.*,
                 org.jivesoftware.messenger.net.SSLConfig,
                 javax.net.ssl.KeyManager,
                 javax.net.ssl.TrustManager,
                 java.security.KeyStore,
                 java.security.cert.CertificateFactory,
                 java.security.cert.Certificate,
                 java.io.ByteArrayInputStream,
                 org.jivesoftware.admin.*"
    errorPage="error.jsp"
%>

<%@ taglib uri="core" prefix="c" %>

<%  try { %>

<%-- Define Administration Bean --%>
<jsp:useBean id="admin" class="org.jivesoftware.util.WebManager"  />
<% admin.init(request, response, session, application, out ); %>

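<%  // Read the request parameters that drive this page.
    String type = ParamUtils.getParameter(request, "type");
    String cert = ParamUtils.getParameter(request, "cert");
    String alias = ParamUtils.getParameter(request, "alias");
    // "install" is the name of the form's submit button; its mere presence selects the action.
    boolean install = request.getParameter("install") != null;
    boolean uninstall = ParamUtils.getBooleanParameter(request,"uninstall");

    // NOTE(review): both actions below modify the server's key/trust stores, yet nothing in
    // this scriptlet checks the HTTP method or an anti-CSRF token before acting (the
    // uninstall action is linked as a plain GET further down the page). Whether
    // admin.init() or a filter enforces that elsewhere is not visible here -- confirm.

    KeyStore keyStore = SSLConfig.getKeyStore();
    KeyStore trustStore = SSLConfig.getTrustStore();

    // Error key ("cert", "alias", "general", "delete") -> detail; the markup below tests the keys.
    Map errors = new HashMap();
    if (install) {
        if (cert == null){
            errors.put("cert","");
        }
        if (alias == null) {
            errors.put("alias","");
        }
        if (errors.size() == 0) {
            try {
                CertificateFactory cf = CertificateFactory.getInstance("X.509");
                // Decode the pasted text with a fixed charset instead of the platform
                // default, so parsing does not depend on how the JVM was started.
                Certificate certificate = cf.generateCertificate(
                        new ByteArrayInputStream(cert.getBytes("UTF-8")));
                // "client" certificates become trust store entries; every other type value
                // (including a missing one) is stored in the key store.
                // setCertificateEntry replaces an existing trusted-certificate entry that
                // already uses this alias, so a reused alias overwrites the earlier entry.
                if ("client".equals(type)){
                    trustStore.setCertificateEntry(alias,certificate);
                }
                else {
                    keyStore.setCertificateEntry(alias,certificate);
                }
                SSLConfig.saveStores();
                response.sendRedirect("ssl-settings.jsp?success=true");
                return;
            }
            catch (Exception e) {
                // Leave a trace of why the certificate was rejected (same reporting as the
                // uninstall branch) instead of discarding the exception silently. The map
                // value stays empty so no exception text is echoed into the page.
                e.printStackTrace();
                errors.put("general","");
            }
        }
    }
    if (uninstall) {
        if (type != null && alias != null) {
            try {
                if ("client".equals(type)){
                    SSLConfig.getTrustStore().deleteEntry(alias);
                }
                else if ("server".equals(type)) {
                    SSLConfig.getKeyStore().deleteEntry(alias);
                }
                else {
                    // Nothing was deleted for an unrecognised type, so do not fall through
                    // to the "deletesuccess" redirect. The message is a constant on purpose:
                    // it is shown on the page and must not carry request data.
                    throw new IllegalArgumentException("Unknown certificate type.");
                }
                SSLConfig.saveStores();
                response.sendRedirect("ssl-settings.jsp?deletesuccess=true");
                return;
            }
            catch (Exception e) {
                e.printStackTrace();
                // The exception itself is stored; the error banner reads its message.
                errors.put("delete", e);
            }
        }
    }
%>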

<jsp:useBean id="pageinfo" scope="request" class="org.jivesoftware.admin.AdminPageBean" />
<%  // Title of this page and breadcrumbs
    String title = "SSL Security Settings";
    pageinfo.setTitle(title);
    pageinfo.getBreadcrumbs().add(new AdminPageBean.Breadcrumb("Main", "index.jsp"));
    pageinfo.getBreadcrumbs().add(new AdminPageBean.Breadcrumb(title, "ssl-settings.jsp"));
    pageinfo.setPageID("server-ssl");
%>
<jsp:include page="top.jsp" flush="true" />
<jsp:include page="title.jsp" flush="true" />

<%  if (ParamUtils.getBooleanParameter(request,"success")) { %>

    <div class="jive-success">
    <table cellpadding="0" cellspacing="0" border="0">
    <tbody>
        <tr><td class="jive-icon"><img src="images/success-16x16.gif" width="16" height="16" border="0"></td>
        <td class="jive-icon-label">
        Settings updated successfully.
        </td></tr>
    </tbody>
    </table>
    </div><br>

<%  } else if (ParamUtils.getBooleanParameter(request,"deletesuccess")) { %>

    <div class="jive-success">
    <table cellpadding="0" cellspacing="0" border="0">
    <tbody>
        <tr><td class="jive-icon"><img src="images/success-16x16.gif" width="16" height="16" border="0"></td>
        <td class="jive-icon-label">
        Certificate uninstalled successfully.
        </td></tr>
    </tbody>
    </table>
    </div><br>

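<%  } else if (errors.containsKey("delete")) {
        Exception e = (Exception)errors.get("delete");
        // HTML-escape the exception text before it is written into the page: the message
        // comes from the key store layer and may echo request-supplied values such as the
        // alias, so it must not be emitted as raw markup.
        String deleteMessage = null;
        if (e != null && e.getMessage() != null) {
            deleteMessage = e.getMessage()
                    .replaceAll("&", "&amp;")
                    .replaceAll("<", "&lt;")
                    .replaceAll(">", "&gt;")
                    .replaceAll("\"", "&quot;");
        }
%>

    <div class="jive-error">
    <table cellpadding="0" cellspacing="0" border="0">
    <tbody>
        <tr><td class="jive-icon"><img src="images/error-16x16.gif" width="16" height="16" border="0"></td>
        <td class="jive-icon-label">
        Error uninstalling the certificate.
        <%  if (deleteMessage != null) { %>
            Error message: <%= deleteMessage %>
        <%  } %>
        </td></tr>
    </tbody>
    </table>
    </div><br>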

<%  } else if (errors.size() > 0) { %>

    <div class="jive-error">
    <table cellpadding="0" cellspacing="0" border="0">
    <tbody>
        <tr><td class="jive-icon"><img src="images/error-16x16.gif" width="16" height="16" border="0"></td>
        <td class="jive-icon-label">
        Error installing the certificate, please see the form below.
        </td></tr>
    </tbody>
    </table>
    </div><br>

<%  } %>

<p>
SSL/TLS allows secure connections to be made between the server and clients.
This page displays installed certificates. Use the form at the bottom of the page to
install a new certificate.
</p>

<p><b>Installed Certificates</b></p>

<div class="jive-table">
<table cellpadding="0" cellspacing="0" border="0" width="100%">
<thead>
    <tr>
        <th width="1%">&nbsp;</th>
        <th>
            Alias (host)
        </th>
        <th>
            Certificate Type
        </th>
        <th width="1%">
            Uninstall
        </th>
    </tr>
</thead>
<tbody>

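<%  // Render one pair of rows per key store alias. Only the key store is enumerated here
    // (each row links to uninstall with type=server); entries that the install action puts
    // in the trust store for type "client" are not listed on this page.
    int i=0;
    for (Enumeration aliases=keyStore.aliases(); aliases.hasMoreElements();) {
        i++;
        String a = (String)aliases.nextElement();
        Certificate c = keyStore.getCertificate(a);
        // The alias is free text entered through the install form, so encode it for each
        // context it is written into: HTML-escaped as cell text, URL-encoded as a query
        // parameter inside the href attribute.
        String aliasHtml = a.replaceAll("&", "&amp;")
                .replaceAll("<", "&lt;")
                .replaceAll(">", "&gt;")
                .replaceAll("\"", "&quot;");
        // NOTE(review): assumes the container decodes query parameters as UTF-8 -- confirm
        // if non-ASCII aliases are in use.
        String aliasUrl = java.net.URLEncoder.encode(a, "UTF-8");
%>
    <tr valign="top">
        <td width="1" rowspan="2"><%= (i) %>.</td>
        <td width="29%">
            <%= aliasHtml %>
        </td>
        <td width="69%">
            <%= c.getType() %>
        </td>
        <td width="1" align="center">
            <a href="ssl-settings.jsp?alias=<%= aliasUrl %>&amp;type=server&amp;uninstall=true"
             title="Click to uninstall..."
             onclick="return confirm('Are you sure you want to uninstall this certificate?');"
             ><img src="images/delete-16x16.gif" width="16" height="16" border="0"></a>
        </td>
    </tr>
    <tr>
        <td colspan="3">
            <span class="jive-description">
            Public Key:
            </span>
<textarea cols="40" rows="3" style="width:100%;font-size:8pt;" wrap="virtual">
<%= c.getPublicKey() %></textarea>
        </td>
    </tr>

<%  } %>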

<%  if (i==0) { %>

    <tr>
        <td colspan="4">
            <p>
            No certificates installed. Use the form below to install one.
            </p>
        </td>
    </tr>

<%  } %>

</tbody>
</table>
</div>

<br><br>

<form action="ssl-settings.jsp" method="post">

<fieldset>
    <legend>Install Certificate</legend>
    <div>
    <p>
    New X.509 certificates can be added to the system by pasting in the certificate
    data sent to you by a Certificate Authority (e.g. Verisign) or you can
    generate your own self-signed certificates.
    </p>
    <table cellpadding="3" cellspacing="0" border="0" width="100%">
    <tbody>
        <%  if (errors.containsKey("alias")) { %>
            <tr><td>&nbsp;</td>
                <td>
                    <span class="jive-error-text">
                    Please enter a valid alias.
                    </span>
                </td>
            </tr>
        <%  } else if (errors.containsKey("cert")) { %>
            <tr><td>&nbsp;</td>
                <td>
                    <span class="jive-error-text">
                    Please enter a valid certificate.
                    </span>
                </td>
            </tr>
        <%  } else if (errors.containsKey("general")) {
                String error = (String)errors.get("general");
        %>
            <tr><td>&nbsp;</td>
                <td>
                    <span class="jive-error-text">
                    Error installing the certificate.
                    <%  if (error != null && !"".equals(error.trim())) { %>
                        Error reported: <%= error %>.
                    <%  } %>
                    </span>
                </td>
            </tr>
        <%  } %>
        <tr>
            <td nowrap>Certificate Type:</td>
            <td>
                <select name="type" size="1">
                    <option value="server">Server Certificate</option>
                    <option value="client">Client Certificate</option>
                </select>
            </td>
        </tr>
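        <tr>
            <td nowrap>Alias:</td>
            <td>
                <%  // The alias is echoed straight from the request parameter, so escape it
                    // (including the double quote) before placing it inside the quoted
                    // value attribute; otherwise the parameter could close the attribute
                    // and inject markup into this admin page.
                    String aliasValue = "";
                    if (alias != null) {
                        aliasValue = alias.replaceAll("&", "&amp;")
                                .replaceAll("<", "&lt;")
                                .replaceAll(">", "&gt;")
                                .replaceAll("\"", "&quot;");
                    }
                %>
                <input name="alias" type="text" size="50" maxlength="255" value="<%= aliasValue %>">
            </td>
        </tr>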
        <tr valign="top">
            <td nowrap>Certificate:</td>
            <td>
                <span class="jive-description">
                Paste in the certificate sent to you by the CA or the self-signed certificate generated via the keytool.<br>
                </span>
                <textarea name="cert" cols="55" rows="7" wrap="virtual" style="font-size:8pt;"></textarea>
            </td>
        </tr>
        <tr>
            <td colspan="2">
                <br>
                <input type="submit" name="install" value="Add Certificate">
            </td>
        </tr>
    </tbody>
    </table>
    </div>
</fieldset>

</form>

<%  } catch (Throwable t) { t.printStackTrace(); } %>

<jsp:include page="bottom.jsp" flush="true" />