<?php
2
/*
3
    system_certmanager.php
4
5
    Copyright (C) 2008 Shrew Soft Inc.
6
    All rights reserved.
7
8
    Redistribution and use in source and binary forms, with or without
9
    modification, are permitted provided that the following conditions are met:
10
11
    1. Redistributions of source code must retain the above copyright notice,
12
       this list of conditions and the following disclaimer.
13
14
    2. Redistributions in binary form must reproduce the above copyright
15
       notice, this list of conditions and the following disclaimer in the
16
       documentation and/or other materials provided with the distribution.
17
18
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
    POSSIBILITY OF SUCH DAMAGE.
28
*/
29 1d333258 Scott Ullrich
/*
30
	pfSense_MODULE:	certificate_managaer
31
*/
32 64cc39d3 Matthew Grooms
33
##|+PRIV
34
##|*IDENT=page-system-certmanager
35
##|*NAME=System: Certificate Manager
36
##|*DESCR=Allow access to the 'System: Certificate Manager' page.
37
##|*MATCH=system_certmanager.php*
38
##|-PRIV
39
40
require("guiconfig.inc");
41 14f5ae08 Ermal Lu?i
require_once("certs.inc");
42 64cc39d3 Matthew Grooms
43
/* Ways a certificate entry can be added; the keys are the values posted in the 'method' field. */
$cert_methods = array(
	"existing" => gettext("Import an existing Certificate"),
	"internal" => gettext("Create an internal Certificate"),
	"external" => gettext("Create a Certificate Signing Request")
);

/*
 * Key sizes offered in the key length drop-downs.
 * NOTE(review): 512 and 1024 bits are below what is considered adequate for
 * RSA keys; assuming certs.inc generates RSA keys (not visible here),
 * consider dropping them from this list.
 */
$cert_keylens = array("512", "1024", "2048", "4096");

$pgtitle = array(gettext("System"), gettext("Certificate Manager"));

/* Index of the certificate being acted on; a POSTed id overrides the query string. */
$id = $_GET['id'];
if (isset($_POST['id'])) {
	$id = $_POST['id'];
}

/* Make sure both configuration sections exist, then work on them by reference. */
if (!is_array($config['ca'])) {
	$config['ca'] = array();
}
$a_ca =& $config['ca'];

if (!is_array($config['cert'])) {
	$config['cert'] = array();
}
$a_cert =& $config['cert'];

/* Count the CAs that carry a private key ('prv'); the page treats these as internal CAs. */
$internal_ca_count = 0;
foreach ($a_ca as $ca) {
	if ($ca['prv']) {
		$internal_ca_count++;
	}
}

/* Requested action; a non-empty POSTed value overrides the query string. */
$act = $_GET['act'];
if ($_POST['act']) {
	$act = $_POST['act'];
}
74
75
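/*
 * Delete the certificate at index $id and report the result.
 * NOTE(review): $act and $id can both come from the query string, so this
 * state change is reachable with a plain GET link; confirm the included
 * framework applies CSRF protection to it.
 * NOTE(review): nothing here checks whether the certificate is still in use
 * (the list view below reports usage via is_webgui_cert() and friends).
 */
if ($act == "del") {

	/* Unknown index: go back to the list without touching the configuration. */
	if (!$a_cert[$id]) {
		pfSenseHeader("system_certmanager.php");
		exit;
	}

	$name = $a_cert[$id]['name'];
	unset($a_cert[$id]);
	write_config();
	/* The message carries markup (<br/>), so it is rendered as HTML; escape the stored name. */
	$savemsg = sprintf(gettext("Certificate %s successfully deleted"), htmlspecialchars($name)) . "<br/>";
}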
87
88
/* Seed the form with defaults when a new certificate is requested. */
if ($act == "new") {
	/* The method preselects an entry in the Method drop-down; it is only compared, not echoed. */
	$pconfig['method'] = $_GET['method'];
	$pconfig['keylen'] = "2048";
	$pconfig['lifetime'] = "3650";
}
93
94 93823b10 Matthew Grooms
/* Send the stored certificate ('crt') of entry $id to the browser as a file download. */
if ($act == "exp") {

	/* Unknown index: go back to the list. */
	if (!$a_cert[$id]) {
		pfSenseHeader("system_certmanager.php");
		exit;
	}

	/* Stored data is base64; the download name is the URL-encoded descriptive name plus ".crt". */
	$exp_data = base64_decode($a_cert[$id]['crt']);
	$exp_size = strlen($exp_data);
	$exp_name = urlencode("{$a_cert[$id]['name']}.crt");

	header("Content-Type: application/octet-stream");
	header("Content-Disposition: attachment; filename={$exp_name}");
	header("Content-Length: $exp_size");
	echo $exp_data;
	exit;
}
111
112 73fbece8 mgrooms
/*
 * Send the stored private key ('prv') of entry $id to the browser as a file download.
 * NOTE(review): the key is returned for a GET carrying only act and id; the
 * only gate visible in this file is the page privilege (page-system-certmanager).
 * Confirm that is the intended exposure and that the response is not cacheable.
 */
if ($act == "key") {

	/* Unknown index: go back to the list. */
	if (!$a_cert[$id]) {
		pfSenseHeader("system_certmanager.php");
		exit;
	}

	/* Stored data is base64; the download name is the URL-encoded descriptive name plus ".key". */
	$exp_data = base64_decode($a_cert[$id]['prv']);
	$exp_size = strlen($exp_data);
	$exp_name = urlencode("{$a_cert[$id]['name']}.key");

	header("Content-Type: application/octet-stream");
	header("Content-Disposition: attachment; filename={$exp_name}");
	header("Content-Length: $exp_size");
	echo $exp_data;
	exit;
}
129
130 64cc39d3 Matthew Grooms
/* Load a pending signing request into the form so it can be completed. */
if ($act == "csr") {

	/* Unknown index: go back to the list. */
	if (!$a_cert[$id]) {
		pfSenseHeader("system_certmanager.php");
		exit;
	}

	/* The request is stored base64-encoded; the form shows the decoded text. */
	$pconfig['csr'] = base64_decode($a_cert[$id]['csr']);
	$pconfig['name'] = $a_cert[$id]['name'];
}
140
141
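/*
 * Handle form submissions.
 *   "Save"   - import a certificate, create an internal one, or generate a CSR.
 *   "Update" - complete a pending signing request with the signed certificate.
 * The (translated) label of the submit button selects the branch.
 */
if ($_POST) {

	if ($_POST['save'] == gettext("Save")) {

		unset($input_errors);
		$pconfig = $_POST;

		/* input validation */
		/* Start empty so a missing or unknown method cannot leave these undefined. */
		$reqdfields = array();
		$reqdfieldsn = array();

		if ($pconfig['method'] == "existing") {
			$reqdfields = explode(" ",
					"name cert key");
			$reqdfieldsn = array(
					gettext("Descriptive name"),
					gettext("Certificate data"),
					gettext("Key data"));
		}

		if ($pconfig['method'] == "internal") {
			$reqdfields = explode(" ",
					"name caref keylen lifetime dn_country dn_state dn_city ".
					"dn_organization dn_email dn_commonname");
			$reqdfieldsn = array(
					gettext("Descriptive name"),
					gettext("Certificate authority"),
					gettext("Key length"),
					gettext("Lifetime"),
					gettext("Distinguished name Country Code"),
					gettext("Distinguished name State or Province"),
					gettext("Distinguished name City"),
					gettext("Distinguished name Organization"),
					gettext("Distinguished name Email Address"),
					gettext("Distinguished name Common Name"));
		}

		if ($pconfig['method'] == "external") {
			$reqdfields = explode(" ",
					"name csr_keylen csr_dn_country csr_dn_state csr_dn_city ".
					"csr_dn_organization csr_dn_email csr_dn_commonname");
			$reqdfieldsn = array(
					gettext("Descriptive name"),
					gettext("Key length"),
					gettext("Distinguished name Country Code"),
					gettext("Distinguished name State or Province"),
					gettext("Distinguished name City"),
					gettext("Distinguished name Organization"),
					gettext("Distinguished name Email Address"),
					gettext("Distinguished name Common Name"));
		}

		/*
		 * The callee is expected to declare $input_errors by reference
		 * (declaration not visible here - confirm in guiconfig.inc).
		 * The former call-time "&" is a fatal error from PHP 5.4 on.
		 */
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

		/*
		 * The key length arrives from the client. Accept only the sizes this
		 * page offers, so a hand-built POST cannot request any other value.
		 */
		if ($pconfig['method'] == "internal" && !in_array($pconfig['keylen'], $cert_keylens, true))
			$input_errors[] = gettext("Please select a valid Key Length.");
		if ($pconfig['method'] == "external" && !in_array($pconfig['csr_keylen'], $cert_keylens, true))
			$input_errors[] = gettext("Please select a valid Key Length.");

		/* if this is an AJAX caller then handle via JSON */
		if (isAjax() && is_array($input_errors)) {
			input_errors2Ajax($input_errors);
			exit;
		}

		/* save modifications */
		if (!$input_errors) {

			/* Start from the existing entry when $id names one, else from a fresh entry. */
			$cert = array();
			$cert['refid'] = uniqid();
			if (isset($id) && $a_cert[$id])
				$cert = $a_cert[$id];

			$cert['name'] = $pconfig['name'];

			/*
			 * NOTE(review): the results of cert_import(), cert_create() and
			 * csr_generate() are not checked, so a failed operation would still
			 * be written to the configuration - confirm how they report errors.
			 */
			if ($pconfig['method'] == "existing")
				cert_import($cert, $pconfig['cert'], $pconfig['key']);

			if ($pconfig['method'] == "internal") {
				$dn = array(
					'countryName' => $pconfig['dn_country'],
					'stateOrProvinceName' => $pconfig['dn_state'],
					'localityName' => $pconfig['dn_city'],
					'organizationName' => $pconfig['dn_organization'],
					'emailAddress' => $pconfig['dn_email'],
					'commonName' => $pconfig['dn_commonname']);

				cert_create($cert, $pconfig['caref'], $pconfig['keylen'],
					$pconfig['lifetime'], $dn);
			}

			if ($pconfig['method'] == "external") {
				$dn = array(
					'countryName' => $pconfig['csr_dn_country'],
					'stateOrProvinceName' => $pconfig['csr_dn_state'],
					'localityName' => $pconfig['csr_dn_city'],
					'organizationName' => $pconfig['csr_dn_organization'],
					'emailAddress' => $pconfig['csr_dn_email'],
					'commonName' => $pconfig['csr_dn_commonname']);

				csr_generate($cert, $pconfig['csr_keylen'], $dn);
			}

			if (isset($id) && $a_cert[$id])
				$a_cert[$id] = $cert;
			else
				$a_cert[] = $cert;

			write_config();

//			pfSenseHeader("system_certmanager.php");
		}
	}

	if ($_POST['save'] == gettext("Update")) {
		unset($input_errors);
		$pconfig = $_POST;

		/* input validation */
		$reqdfields = explode(" ", "name cert");
		$reqdfieldsn = array(
			gettext("Descriptive name"),
			gettext("Final Certificate data"));

		/* See the note on the "Save" branch about the removed call-time "&". */
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);

		if (!isset($id) || !$a_cert[$id] || !$a_cert[$id]['csr']) {
			/* The entry must exist and still hold a pending signing request. */
			$input_errors[] = gettext("The signing request to update could not be found.");
		} else {
			/*
			 * make sure this csr and certificate subjects match
			 *
			 * Compare against the stored request, decoded as the "csr" action
			 * does, rather than the copy posted back by the form: the form
			 * field is only marked readonly in the browser and is therefore
			 * client-controlled.
			 */
			$subj_csr = csr_get_subject(base64_decode($a_cert[$id]['csr']), false);
			$subj_cert = cert_get_subject($pconfig['cert'], false);

			if (strcmp($subj_csr,$subj_cert))
				$input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert);
		}

		/* if this is an AJAX caller then handle via JSON */
		if (isAjax() && is_array($input_errors)) {
			input_errors2Ajax($input_errors);
			exit;
		}

		/* save modifications */
		if (!$input_errors) {

			$cert = $a_cert[$id];

			$cert['name'] = $pconfig['name'];

			csr_complete($cert, $pconfig['cert']);

			$a_cert[$id] = $cert;

			write_config();

			pfSenseHeader("system_certmanager.php");
		}
	}
}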
289
290
include("head.inc");
291
?>
292
293
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
294
<?php include("fbegin.inc"); ?>
295
<script type="text/javascript">
296
<!--
297
298
function method_change() {

<?php
	/* Visibility of the submit button for the "internal" method: hidden when no internal CA exists. */
	$submit_style = $internal_ca_count ? "" : "none";
?>

	method = document.iform.method.selectedIndex;

	/* Only the three known entries (0: existing, 1: internal, 2: external) change anything. */
	if (method !== 0 && method !== 1 && method !== 2)
		return;

	/* Show the table that belongs to the selected method and hide the other two. */
	var sections = ["existing", "internal", "external"];
	for (var n = 0; n < sections.length; n++)
		document.getElementById(sections[n]).style.display = (n === method) ? "" : "none";

	document.getElementById("submit").style.display = (method === 1) ? "<?=$submit_style;?>" : "";
}
330
331
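<?php if ($internal_ca_count): ?>
/* Copy the subject fields of the selected internal CA into the distinguished name inputs. */
function internalca_change() {

	index = document.iform.caref.selectedIndex;
	caref = document.iform.caref[index].value;

	switch (caref) {
<?php
		foreach ($a_ca as $ca):
			if (!$ca['prv'])
				continue;
			$subject = cert_get_subject_array($ca['crt']);
			/*
			 * These values come from certificate data and end up inside a
			 * <script> block, so they are emitted as JSON string literals
			 * (quotes, backslashes, "/" and control characters escaped)
			 * instead of being pasted between hand-written quotes.
			 * A value json_encode() cannot represent falls back to "".
			 * NOTE(review): the subject is read by position (0..3); confirm
			 * cert_get_subject_array() guarantees that order.
			 */
			$js_vals = array();
			foreach (array($ca['refid'], $subject[0]['v'], $subject[1]['v'], $subject[2]['v'], $subject[3]['v']) as $js_raw) {
				$js_enc = json_encode((string)$js_raw);
				$js_vals[] = (is_string($js_enc) && $js_enc != 'null') ? $js_enc : '""';
			}
?>
		case <?=$js_vals[0];?>:
			document.iform.dn_country.value = <?=$js_vals[1];?>;
			document.iform.dn_state.value = <?=$js_vals[2];?>;
			document.iform.dn_city.value = <?=$js_vals[3];?>;
			document.iform.dn_organization.value = <?=$js_vals[4];?>;
			break;
<?php	endforeach; ?>
	}
}
<?php endif; ?>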
354
355
//-->
356
</script>
357
<?php
358
	if ($input_errors)
359
		print_input_errors($input_errors);
360
	if ($savemsg)
361
		print_info_box($savemsg);
362
?>
363
<table width="100%" border="0" cellpadding="0" cellspacing="0">
364
	<tr>
365
		<td class="tabnavtbl">
366
		<?php
367
			$tab_array = array();
368
			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
369
			$tab_array[] = array(gettext("Certificates"), true, "system_certmanager.php");
370
			display_top_tabs($tab_array);
371
		?>
372
		</td>
373
	</tr>
374
	<tr>
375 96c7a492 Matthew Grooms
		<td id="mainarea">
376
			<div class="tabcont">
377
378 e64aa6f8 Carlos Eduardo Ramos
				<?php if ($act == "new" || (($_POST['save'] == gettext("Save")) && $input_errors)): ?>
379 96c7a492 Matthew Grooms
380
				<form action="system_certmanager.php" method="post" name="iform" id="iform">
381
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
382
						<tr>
383
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
384
							<td width="78%" class="vtable">
385
								<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
386
							</td>
387
						</tr>
388
						<?php if (!isset($id)): ?>
389
						<tr>
390
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
391
							<td width="78%" class="vtable">
392
								<select name='method' id='method' class="formselect" onchange='method_change()'>
393
								<?php
394
									foreach($cert_methods as $method => $desc):
395
									$selected = "";
396
									if ($pconfig['method'] == $method)
397
										$selected = "selected";
398
								?>
399
									<option value="<?=$method;?>"<?=$selected;?>><?=$desc;?></option>
400
								<?php endforeach; ?>
401
								</select>
402
							</td>
403
						</tr>
404
						<?php endif; ?>
405
					</table>
406
407
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing">
408
						<tr>
409
							<td colspan="2" class="list" height="12"></td>
410
						</tr>
411
						<tr>
412 a37753d7 Vinicius Coque
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate");?></td>
413 96c7a492 Matthew Grooms
						</tr>
414
415
						<tr>
416 a37753d7 Vinicius Coque
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
417 96c7a492 Matthew Grooms
							<td width="78%" class="vtable">
418
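								<?php /* Echoed back from the request after a failed save: escape before placing it in the page. */ ?>
								<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>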
419
								<br>
420 a37753d7 Vinicius Coque
									<?=gettext("Paste a certificate in X.509 PEM format here.");?></td>
421 96c7a492 Matthew Grooms
							</td>
422
						</tr>
423
						<tr>
424 a37753d7 Vinicius Coque
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td>
425 96c7a492 Matthew Grooms
							<td width="78%" class="vtable">
426
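								<?php /* Echoed back from the request after a failed save: escape before placing it in the page. */ ?>
								<textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['key']);?></textarea>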
427
								<br>
428 a37753d7 Vinicius Coque
								<?=gettext("Paste a private key in X.509 PEM format here.");?></td>
429 96c7a492 Matthew Grooms
							</td>
430
						</tr>
431
					</table>
432
433
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal">
434
						<tr>
435
							<td colspan="2" class="list" height="12"></td>
436
						</tr>
437
						<tr>
438 a37753d7 Vinicius Coque
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate");?></td>
439 96c7a492 Matthew Grooms
						</tr>
440
441
						<?php if (!$internal_ca_count): ?>
442
443
						<tr>
444
							<td colspan="2" align="center" class="vtable">
445 a37753d7 Vinicius Coque
								<?=gettext("No internal Certificate Authorities have been defined. You must");?>
446
								<a href="system_camanager.php?act=new&method=internal"><?=gettext("create");?></a>
447
								<?=gettext("an internal CA before creating an internal certificate.");?>
448 96c7a492 Matthew Grooms
							</td>
449
						</tr>
450
451
						<?php else: ?>
452
453
						<tr>
454
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
455
							<td width="78%" class="vtable">
456
								<select name='caref' id='caref' class="formselect" onChange='internalca_change()'>
457
								<?php
458
									foreach( $a_ca as $ca):
459
									if (!$ca['prv'])
460
										continue;
461
									$selected = "";
462
									if ($pconfig['caref'] == $ca['refid'])
463
										$selected = "selected";
464
								?>
465
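									<?php /* The CA name is stored user input; escape it (and the refid) for the HTML context. */ ?>
									<option value="<?=htmlspecialchars($ca['refid']);?>" <?=$selected;?>><?=htmlspecialchars($ca['name']);?></option>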
466
								<?php endforeach; ?>
467
								</select>
468
							</td>
469
						</tr>
470
						<tr>
471
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
472
							<td width="78%" class="vtable">
473
								<select name='keylen' class="formselect">
474
								<?php
475
									foreach( $cert_keylens as $len):
476
									$selected = "";
477
									if ($pconfig['keylen'] == $len)
478
										$selected = "selected";
479
								?>
480
									<option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option>
481
								<?php endforeach; ?>
482
								</select>
483 a37753d7 Vinicius Coque
								<?=gettext("bits");?>
484 96c7a492 Matthew Grooms
							</td>
485
						</tr>
486
						<tr>
487
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
488
							<td width="78%" class="vtable">
489
								<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
490 a37753d7 Vinicius Coque
								<?=gettext("days");?>
491 96c7a492 Matthew Grooms
							</td>
492
						</tr>
493
						<tr>
494
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
495
							<td width="78%" class="vtable">
496
								<table border="0" cellspacing="0" cellpadding="2">
497
									<tr>
498 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
499 96c7a492 Matthew Grooms
										<td align="left">
500 cee476e8 Ermal Lu?i
											<input name="dn_country" type="text" class="formfld unknown" maxlength="2" size="2" value="<?=htmlspecialchars($pconfig['dn_country']);?>" readonly/>
501 96c7a492 Matthew Grooms
										</td>
502
									</tr>
503
									<tr>
504 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
505 96c7a492 Matthew Grooms
										<td align="left">
506
											<input name="dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_state']);?>" readonly/>
507
										</td>
508
									</tr>
509
									<tr>
510 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("City");?> : &nbsp;</td>
511 96c7a492 Matthew Grooms
										<td align="left">
512
											<input name="dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_city']);?>" readonly/>
513
										</td>
514
									</tr>
515
									<tr>
516 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
517 96c7a492 Matthew Grooms
										<td align="left">
518
											<input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_organization']);?>" readonly/>
519
										</td>
520
									</tr>
521
									<tr>
522 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
523 96c7a492 Matthew Grooms
										<td align="left">
524
											<input name="dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_email']);?>"/>
525
											&nbsp;
526
											<em>ex:</em>
527
											&nbsp;
528 a37753d7 Vinicius Coque
											<?=gettext("webadmin@mycompany.com");?>
529 96c7a492 Matthew Grooms
										</td>
530
									</tr>
531
									<tr>
532 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
533 96c7a492 Matthew Grooms
										<td align="left">
534
											<input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_commonname']);?>"/>
535
											&nbsp;
536
											<em>ex:</em>
537
											&nbsp;
538 a37753d7 Vinicius Coque
											<?=gettext("www.example.com");?>
539 96c7a492 Matthew Grooms
										</td>
540
									</tr>
541
								</table>
542
							</td>
543
						</tr>
544 64cc39d3 Matthew Grooms
545
					<?php endif; ?>
546
547 96c7a492 Matthew Grooms
					</table>
548
549
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="external">
550
						<tr>
551
							<td colspan="2" class="list" height="12"></td>
552
						</tr>
553
						<tr>
554 a37753d7 Vinicius Coque
							<td colspan="2" valign="top" class="listtopic"><?=gettext("External Signing Request");?></td>
555 96c7a492 Matthew Grooms
						</tr>
556
						<tr>
557
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
558
							<td width="78%" class="vtable">
559
								<select name='csr_keylen' class="formselect">
560
								<?php
561
									foreach( $cert_keylens as $len):
562
									$selected = "";
563
									if ($pconfig['keylen'] == $len)
564
										$selected = "selected";
565
								?>
566
									<option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option>
567
								<?php endforeach; ?>
568
								</select>
569
								bits
570
							</td>
571
						</tr>
572
						<tr>
573
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
574
							<td width="78%" class="vtable">
575
								<table border="0" cellspacing="0" cellpadding="2">
576
									<tr>
577 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
578 96c7a492 Matthew Grooms
										<td align="left">
579
											<input name="csr_dn_country" type="text" class="formfld unknown" size="2" value="<?=htmlspecialchars($pconfig['csr_dn_country']);?>" />
580
											&nbsp;
581
											<em>ex:</em>
582
											&nbsp;
583
											US
584
											&nbsp;
585 a37753d7 Vinicius Coque
											<em><?=gettext("( two letters )");?></em>
586 96c7a492 Matthew Grooms
										</td>
587
									</tr>
588
									<tr>
589 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
590 96c7a492 Matthew Grooms
										<td align="left">
591
											<input name="csr_dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_state']);?>" />
592
											&nbsp;
593
											<em>ex:</em>
594
											&nbsp;
595 a37753d7 Vinicius Coque
											<?=gettext("Texas");?>
596 96c7a492 Matthew Grooms
										</td>
597
									</tr>
598
									<tr>
599 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("City");?> : &nbsp;</td>
600 96c7a492 Matthew Grooms
										<td align="left">
601
											<input name="csr_dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_city']);?>" />
602
											&nbsp;
603
											<em>ex:</em>
604
											&nbsp;
605 a37753d7 Vinicius Coque
											<?=gettext("Austin");?>
606 96c7a492 Matthew Grooms
										</td>
607
									</tr>
608
									<tr>
609 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
610 96c7a492 Matthew Grooms
										<td align="left">
611
											<input name="csr_dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_organization']);?>" />
612
											&nbsp;
613
											<em>ex:</em>
614
											&nbsp;
615 a37753d7 Vinicius Coque
											<?=gettext("My Company Inc.");?>
616 96c7a492 Matthew Grooms
										</td>
617
									</tr>
618
									<tr>
619 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
620 96c7a492 Matthew Grooms
										<td align="left">
621
											<input name="csr_dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_email']);?>"/>
622
											&nbsp;
623
											<em>ex:</em>
624
											&nbsp;
625 a37753d7 Vinicius Coque
											<?=gettext("webadmin@mycompany.com");?>
626 96c7a492 Matthew Grooms
										</td>
627
									</tr>
628
									<tr>
629 a37753d7 Vinicius Coque
										<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
630 96c7a492 Matthew Grooms
										<td align="left">
631
											<input name="csr_dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_commonname']);?>"/>
632
											&nbsp;
633
											<em>ex:</em>
634
											&nbsp;
635 a37753d7 Vinicius Coque
											<?=gettext("www.example.com");?>
636 96c7a492 Matthew Grooms
										</td>
637
									</tr>
638
								</table>
639
							</td>
640
						</tr>
641
					</table>
642
643
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
644
						<tr>
645
							<td width="22%" valign="top">&nbsp;</td>
646
							<td width="78%">
647 e64aa6f8 Carlos Eduardo Ramos
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
648 96c7a492 Matthew Grooms
								<?php if (isset($id) && $a_cert[$id]): ?>
649
								<input name="id" type="hidden" value="<?=$id;?>" />
650
								<?php endif;?>
651
							</td>
652
						</tr>
653
					</table>
654
				</form>
655
656 e64aa6f8 Carlos Eduardo Ramos
				<?php elseif ($act == "csr" || (($_POST['save'] == gettext("Update")) && $input_errors)):?>
657 96c7a492 Matthew Grooms
658
				<form action="system_certmanager.php" method="post" name="iform" id="iform">
659
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
660
						<tr>
661
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
662
							<td width="78%" class="vtable">
663
								<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
664
							</td>
665
						</tr>
666
						<tr>
667
							<td colspan="2" class="list" height="12"></td>
668
						</tr>
669
						<tr>
670 a37753d7 Vinicius Coque
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Complete Signing Request");?></td>
671 96c7a492 Matthew Grooms
						</tr>
672
673
						<tr>
674 a37753d7 Vinicius Coque
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Request data");?></td>
675 96c7a492 Matthew Grooms
							<td width="78%" class="vtable">
676
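								<?php /* Holds the stored request, or the posted copy after a failed update: escape it either way. */ ?>
								<textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=htmlspecialchars($pconfig['csr']);?></textarea>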
677
								<br>
678 a37753d7 Vinicius Coque
								<?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td>
679 96c7a492 Matthew Grooms
							</td>
680
						</tr>
681
						<tr>
682 a37753d7 Vinicius Coque
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Final Certificate data");?></td>
683 96c7a492 Matthew Grooms
							<td width="78%" class="vtable">
684
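								<?php /* Echoed back from the request after a failed update: escape before placing it in the page. */ ?>
								<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=htmlspecialchars($pconfig['cert']);?></textarea>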
685
								<br>
686 a37753d7 Vinicius Coque
								<?=gettext("Paste the certificate received from your cerificate authority here.");?></td>
687 96c7a492 Matthew Grooms
							</td>
688
						</tr>
689
						<tr>
690
							<td width="22%" valign="top">&nbsp;</td>
691
							<td width="78%">
692 e64aa6f8 Carlos Eduardo Ramos
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Update");?>" />
693 96c7a492 Matthew Grooms
								<?php if (isset($id) && $a_cert[$id]): ?>
694
								<input name="id" type="hidden" value="<?=$id;?>" />
695
								<input name="act" type="hidden" value="csr" />
696
								<?php endif;?>
697
							</td>
698
						</tr>
699
					</table>
700
				</form>
701
702
				<?php else:?>
703
704
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
705 64cc39d3 Matthew Grooms
					<tr>
706 d590fa20 jim-p
						<td width="15%" class="listhdrr"><?=gettext("Name");?></td>
707
						<td width="15%" class="listhdrr"><?=gettext("Issuer");?></td>
708 a37753d7 Vinicius Coque
						<td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td>
709 d590fa20 jim-p
						<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
710 96c7a492 Matthew Grooms
						<td width="10%" class="list"></td>
711 64cc39d3 Matthew Grooms
					</tr>
712 96c7a492 Matthew Grooms
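					<?php
						/* Prepare the values for one list row per certificate; $i is the index used in the action links. */
						$i = 0;
						foreach($a_cert as $cert):
							/* Everything echoed into the row below is HTML-escaped here. */
							$name = htmlspecialchars($cert['name']);

							/* Reset per row so an entry with neither crt nor csr does not show the previous row's values. */
							$subj = "";
							$caname = "";

							if ($cert['crt']) {
								$subj = cert_get_subject($cert['crt']);
								$issuer = cert_get_issuer($cert['crt']);
								/* Same subject and issuer: label as self-signed, otherwise as external. */
								if ($subj == $issuer)
									$caname = "<em>" . gettext("self-signed") . "</em>";
								else
									$caname = "<em>" . gettext("external") . "</em>";
								$subj = htmlspecialchars($subj);
							}

							if ($cert['csr']) {
								$subj = htmlspecialchars(csr_get_subject($cert['csr']));
								$caname = "<em>" . gettext("external - signature pending") . "</em>";
							}

							/* A CA found through caref replaces the label; its name is stored user input, so escape it. */
							$ca = lookup_ca($cert['caref']);
							if ($ca)
								$caname = htmlspecialchars($ca['name']);

							/* The original tested $cert['prv'] here, but both branches selected this same icon. */
							$certimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
					?>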
741 64cc39d3 Matthew Grooms
					<tr>
742 96c7a492 Matthew Grooms
						<td class="listlr">
743
							<table border="0" cellpadding="0" cellspacing="0">
744 64cc39d3 Matthew Grooms
								<tr>
745 96c7a492 Matthew Grooms
									<td align="left" valign="center">
746
										<img src="<?=$certimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
747 64cc39d3 Matthew Grooms
									</td>
748 96c7a492 Matthew Grooms
									<td align="left" valign="middle">
749
										<?=$name;?>
750 64cc39d3 Matthew Grooms
									</td>
751
								</tr>
752
							</table>
753
						</td>
754 96c7a492 Matthew Grooms
						<td class="listr"><?=$caname;?>&nbsp;</td>
755
						<td class="listr"><?=$subj;?>&nbsp;</td>
756 d590fa20 jim-p
						<td class="listr">
757
							<?php if (is_webgui_cert($cert['refid'])): ?>
758
							webConfigurator<br/>
759
							<?php endif; ?>
760
							<?php if (is_user_cert($cert['refid'])): ?>
761
							User Cert<br/>
762
							<?php endif; ?>
763
							<?php if (is_openvpn_server_cert($cert['refid'])): ?>
764
							OpenVPN Server<br/>
765
							<?php endif; ?>
766
							<?php if (is_openvpn_client_cert($cert['refid'])): ?>
767
							OpenVPN Client<br/>
768
							<?php endif; ?>
769
							<?php if (is_ipsec_cert($cert['refid'])): ?>
770
							IPsec Tunnel<br/>
771
							<?php endif; ?>
772
						</td>
773 96c7a492 Matthew Grooms
						<td valign="middle" nowrap class="list">
774 ea53e38f Renato Botelho
							<a href="system_certmanager.php?act=exp&id=<?=$i;?>">
775 a37753d7 Vinicius Coque
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" />
776 96c7a492 Matthew Grooms
							</a>
777 ea53e38f Renato Botelho
							<a href="system_certmanager.php?act=key&id=<?=$i;?>">
778 a37753d7 Vinicius Coque
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export key");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" />
779 73fbece8 mgrooms
							</a>
780 96c7a492 Matthew Grooms
							<a href="system_certmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')">
781 a37753d7 Vinicius Coque
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete cert");?>" alt="<?=gettext("delete cert");?>" width="17" height="17" border="0" />
782 96c7a492 Matthew Grooms
							</a>
783
							<?php	if ($cert['csr']): ?>
784
							&nbsp;
785
								<a href="system_certmanager.php?act=csr&id=<?=$i;?>">
786 a37753d7 Vinicius Coque
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("update csr");?>" alt="<?=gettext("update csr");?>" width="17" height="17" border="0" />
787 96c7a492 Matthew Grooms
							</a>
788
							<?php	endif; ?>
789 64cc39d3 Matthew Grooms
						</td>
790
					</tr>
791 96c7a492 Matthew Grooms
					<?php
792
							$i++;
793
						endforeach;
794
					?>
795 64cc39d3 Matthew Grooms
					<tr>
796 96c7a492 Matthew Grooms
						<td class="list" colspan="3"></td>
797
						<td class="list">
798
							<a href="system_certmanager.php?act=new">
799 a37753d7 Vinicius Coque
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add or import ca");?>" alt="<?=gettext("add ca");?>" width="17" height="17" border="0" />
800 96c7a492 Matthew Grooms
							</a>
801 64cc39d3 Matthew Grooms
						</td>
802
					</tr>
803
				</table>
804
805 96c7a492 Matthew Grooms
				<?php endif; ?>
806 64cc39d3 Matthew Grooms
807 96c7a492 Matthew Grooms
			</div>
808 64cc39d3 Matthew Grooms
		</td>
809
	</tr>
810
</table>
811
<?php include("fend.inc");?>
812
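<script type="text/javascript">
<!--

/*
 * Apply the initial form state. The method selector exists only on the
 * "new certificate" form, and internalca_change() is emitted only when an
 * internal CA exists, so both calls are guarded to avoid script errors on
 * the list view and on the signing request form.
 */
if (document.iform && document.iform.method)
	method_change();
if (typeof internalca_change == "function" && document.iform && document.iform.caref)
	internalca_change();

//-->
</script>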
820
821
</body>