Project

General

Profile

Download (19.2 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
	system_crlmanager.php
4
	
5
	Copyright (C) 2010 Jim Pingle
6
	All rights reserved.
7
	
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10
	
11
	1. Redistributions of source code must retain the above copyright notice,
12
	this list of conditions and the following disclaimer.
13
	
14
	2. Redistributions in binary form must reproduce the above copyright
15
	notice, this list of conditions and the following disclaimer in the
16
	documentation and/or other materials provided with the distribution.
17
	
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
/*
30
	pfSense_MODULE:	certificate_managaer
31
*/
32

    
33
##|+PRIV
34
##|*IDENT=page-system-crlmanager
35
##|*NAME=System: CRL Manager
36
##|*DESCR=Allow access to the 'System: CRL Manager' page.
37
##|*MATCH=system_crlmanager.php*
38
##|-PRIV
39

    
40
require("guiconfig.inc");
41
require_once("certs.inc");
42

    
43
global $openssl_crl_status;
44

    
45
$pgtitle = array(gettext("System"), gettext("Certificate Revocation List Manager"));
46

    
47
$crl_methods = array(
48
	"internal" => gettext("Create an internal Certificate Revocation List"),
49
	"existing" => gettext("Import an existing Certificate Revocation List"));
50

    
51
$id = $_GET['id'];
52
if (isset($_POST['id']))
53
	$id = $_POST['id'];
54

    
55
if (!is_array($config['ca']))
56
	$config['ca'] = array();
57

    
58
$a_ca =& $config['ca'];
59

    
60
if (!is_array($config['cert']))
61
	$config['cert'] = array();
62

    
63
$a_cert =& $config['cert'];
64

    
65
if (!is_array($config['crl']))
66
	$config['crl'] = array();
67

    
68
$a_crl =& $config['crl'];
69

    
70
foreach ($a_crl as $cid => $acrl)
71
	if (!isset($acrl['refid']))
72
		unset ($a_crl[$cid]);
73

    
74
$act = $_GET['act'];
75
if ($_POST['act'])
76
	$act = $_POST['act'];
77

    
78
if (!empty($id))
79
	$thiscrl =& lookup_crl($id);
80

    
81
// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
82
if (!$thiscrl && (($act != "") && ($act != "new"))) {
83
	pfSenseHeader("system_crlmanager.php");
84
	$act="";
85
	$savemsg = gettext("Invalid CRL reference.");
86
}
87

    
88
if ($act == "del") {
89
	$name = $thiscrl['descr'];
90
	if (crl_in_use($id)) {
91
		$savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br/>";
92
	} else {
93
		foreach ($a_crl as $cid => $acrl)
94
			if ($acrl['refid'] == $thiscrl['refid'])
95
				unset($a_crl[$cid]);
96
		write_config("Deleted CRL {$name}.");
97
		$savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br/>";
98
	}
99
}
100

    
101
if ($act == "new") {
102
	$pconfig['method'] = $_GET['method'];
103
	$pconfig['caref'] = $_GET['caref'];
104
	$pconfig['lifetime'] = "9999";
105
	$pconfig['serial'] = "0";
106
}
107

    
108
if ($act == "exp") {
109
	$exp_name = urlencode("{$thiscrl['descr']}.crl");
110
	$exp_data = base64_decode($thiscrl['text']);
111
	$exp_size = strlen($exp_data);
112

    
113
	header("Content-Type: application/octet-stream");
114
	header("Content-Disposition: attachment; filename={$exp_name}");
115
	header("Content-Length: $exp_size");
116
	echo $exp_data;
117
	exit;
118
}
119

    
120
if ($act == "addcert") {
121
	if ($_POST) {
122
		unset($input_errors);
123
		$pconfig = $_POST;
124

    
125
		if (!$pconfig['crlref'] || !$pconfig['certref']) {
126
			pfSenseHeader("system_crlmanager.php");
127
			exit;
128
		}
129

    
130
		// certref, crlref
131
		$crl =& lookup_crl($pconfig['crlref']);
132
		$cert = lookup_cert($pconfig['certref']);
133

    
134
		if (!$crl['caref'] || !$cert['caref']) {
135
			$input_errors[] = gettext("Both the Certificate and CRL must be specified.");
136
		}
137

    
138
		if ($crl['caref'] != $cert['caref']) {
139
			$input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke.");
140
		}
141
		if (!is_crl_internal($crl)) {
142
			$input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL.");
143
		}
144

    
145
		if (!$input_errors) {
146
			$reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason'];
147
			cert_revoke($cert, $crl, $reason);
148
			write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
149
			require_once('openvpn.inc');
150
			openvpn_refresh_crls();
151
			pfSenseHeader("system_crlmanager.php");
152
			exit;
153
		}
154
	}
155
}
156

    
157
if ($act == "delcert") {
158
	if (!is_array($thiscrl['cert'])) {
159
		pfSenseHeader("system_crlmanager.php");
160
		exit;
161
	}
162
	$found = false;
163
	foreach ($thiscrl['cert'] as $acert) {
164
		if ($acert['refid'] == $_GET['certref']) {
165
			$found = true;
166
			$thiscert = $acert;
167
		}
168
	}
169
	if (!$found) {
170
		pfSenseHeader("system_crlmanager.php");
171
		exit;
172
	}
173
	$name = $thiscert['descr'];
174
	if (cert_unrevoke($thiscert, $thiscrl)) {
175
		write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
176
		$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
177
		require_once('openvpn.inc');
178
		openvpn_refresh_crls();
179
	} else {
180
		$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
181
	}
182
	$act="edit";
183
}
184

    
185
if ($_POST) {
186

    
187
	unset($input_errors);
188
	$pconfig = $_POST;
189

    
190
	/* input validation */
191
	if ($pconfig['method'] == "existing") {
192
		$reqdfields = explode(" ", "descr crltext");
193
		$reqdfieldsn = array(
194
				gettext("Descriptive name"),
195
				gettext("Certificate Revocation List data"));
196
	}
197
	if ($pconfig['method'] == "internal") {
198
		$reqdfields = explode(" ",
199
				"descr caref");
200
		$reqdfieldsn = array(
201
				gettext("Descriptive name"),
202
				gettext("Certificate Authority"));
203
	}
204

    
205
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
206

    
207
	/* if this is an AJAX caller then handle via JSON */
208
	if (isAjax() && is_array($input_errors)) {
209
		input_errors2Ajax($input_errors);
210
		exit;
211
	}
212

    
213
	/* save modifications */
214
	if (!$input_errors) {
215
		$result = false;
216

    
217
		if ($thiscrl) {
218
			$crl =& $thiscrl;
219
		} else {
220
			$crl = array();
221
			$crl['refid'] = uniqid();
222
		}
223

    
224
		$crl['descr'] = $pconfig['descr'];
225
		$crl['caref'] = $pconfig['caref'];
226

    
227
		if ($pconfig['method'] == "existing") {
228
			$crl['text'] = base64_encode($pconfig['crltext']);
229
		}
230

    
231
		if ($pconfig['method'] == "internal") {
232
			$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
233
			$crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
234
			$crl['cert'] = array();
235
		}
236

    
237
		if (!$thiscrl)
238
			$a_crl[] = $crl;
239

    
240
		write_config("Saved CRL {$crl['descr']}");
241

    
242
		pfSenseHeader("system_crlmanager.php");
243
	}
244
}
245

    
246
include("head.inc");
247
?>
248

    
249
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
250
<?php include("fbegin.inc"); ?>
251
<script type="text/javascript">
252
<!--
253

    
254
function method_change() {
255

    
256
	method = document.iform.method.selectedIndex;
257

    
258
	switch (method) {
259
		case 0:
260
			document.getElementById("existing").style.display="none";
261
			document.getElementById("internal").style.display="";
262
			break;
263
		case 1:
264
			document.getElementById("existing").style.display="";
265
			document.getElementById("internal").style.display="none";
266
			break;
267
	}
268
}
269

    
270
//-->
271
</script>
272
<?php
273
	if ($input_errors)
274
		print_input_errors($input_errors);
275
	if ($savemsg)
276
		print_info_box($savemsg);
277
?>
278
<table width="100%" border="0" cellpadding="0" cellspacing="0">
279
	<tr>
280
		<td>
281
		<?php
282
			$tab_array = array();
283
			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
284
			$tab_array[] = array(gettext("Certificates"), false, "system_certmanager.php");
285
			$tab_array[] = array(gettext("Certificate Revocation"), true, "system_crlmanager.php");
286
			display_top_tabs($tab_array);
287
		?>
288
		</td>
289
	</tr>
290
	<tr>
291
		<td id="mainarea">
292
			<div class="tabcont">
293

    
294
				<?php if ($act == "new" || $act == gettext("Save") || $input_errors): ?>
295

    
296
				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
297
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
298
						<?php if (!isset($id)): ?>
299
						<tr>
300
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
301
							<td width="78%" class="vtable">
302
								<select name='method' id='method' class="formselect" onchange='method_change()'>
303
								<?php
304
									foreach($crl_methods as $method => $desc):
305
									$selected = "";
306
									if ($pconfig['method'] == $method)
307
										$selected = "selected";
308
								?>
309
									<option value="<?=$method;?>"<?=$selected;?>><?=$desc;?></option>
310
								<?php endforeach; ?>
311
								</select>
312
							</td>
313
						</tr>
314
						<?php endif; ?>
315
						<tr>
316
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
317
							<td width="78%" class="vtable">
318
								<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/>
319
							</td>
320
						</tr>
321
						<tr>
322
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Authority");?></td>
323
							<td width="78%" class="vtable">
324
								<select name='caref' id='caref' class="formselect">
325
								<?php
326
									foreach($a_ca as $ca):
327
									$selected = "";
328
									if ($pconfig['caref'] == $ca['refid'])
329
										$selected = "selected";
330
								?>
331
									<option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['descr'];?></option>
332
								<?php endforeach; ?>
333
								</select>
334
							</td>
335
						</tr>
336
					</table>
337

    
338
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing">
339
						<tr>
340
							<td colspan="2" class="list" height="12"></td>
341
						</tr>
342
						<tr>
343
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Revocation List");?></td>
344
						</tr>
345

    
346
						<tr>
347
							<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
348
							<td width="78%" class="vtable">
349
								<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
350
								<br>
351
								<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
352
							</td>
353
						</tr>
354
					</table>
355

    
356
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal">
357
						<tr>
358
							<td colspan="2" class="list" height="12"></td>
359
						</tr>
360
						<tr>
361
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Revocation List");?></td>
362
						</tr>
363
						<tr>
364
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
365
							<td width="78%" class="vtable">
366
								<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
367
								<?=gettext("days");?><br/>
368
								<?=gettext("Default: 9999");?>
369
							</td>
370
						</tr>
371
						<tr>
372
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial");?></td>
373
							<td width="78%" class="vtable">
374
								<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['serial']);?>"/>
375
								<br/>
376
								<?=gettext("Default: 0");?>
377
							</td>
378
						</tr>
379
					</table>
380

    
381
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
382
						<tr>
383
							<td width="22%" valign="top">&nbsp;</td>
384
							<td width="78%">
385
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
386
								<?php if (isset($id) && $thiscrl): ?>
387
								<input name="id" type="hidden" value="<?=$id;?>" />
388
								<?php endif;?>
389
							</td>
390
						</tr>
391
					</table>
392
				</form>
393
				<?php elseif ($act == "edit"): ?>
394
				<?php 	$crl = $thiscrl; ?>
395
				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
396
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
397
					<thead>
398
					<tr>
399
						<th width="90%" class="listhdrr" colspan="3"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th>
400
						<th width="10%" class="list"></th>
401
					</tr>
402
					<tr>
403
						<th width="30%" class="listhdrr"><b><?php echo gettext("Certificate Name")?></b></th>
404
						<th width="30%" class="listhdrr"><b><?php echo gettext("Revocation Reason")?></b></th>
405
						<th width="30%" class="listhdrr"><b><?php echo gettext("Revoked At")?></b></th>
406
						<th width="10%" class="list"></th>
407
					</tr>
408
					</thead>
409
					<tbody>
410
				<?php /* List Certs on CRL */
411
					if (!is_array($crl['cert']) || (count($crl['cert']) == 0)): ?>
412
					<tr>
413
						<td class="listlr" colspan="3">
414
							&nbsp;&nbsp;&nbsp;&nbsp;<?php echo gettext("No Certificates Found for this CRL."); ?>
415
						</td>
416
						<td class="list">&nbsp;</td>
417
					</td>
418
				<?php	else:
419
					foreach($crl['cert'] as $i => $cert):
420
						$name = htmlspecialchars($cert['descr']);
421
				 ?>
422
					<tr>
423
						<td class="listlr">
424
							<?php echo $name; ?>
425
						</td>
426
						<td class="listlr">
427
							<?php echo $openssl_crl_status[$cert["reason"]]; ?>
428
						</td>
429
						<td class="listlr">
430
							<?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
431
						</td>
432
						<td class="list">
433
							<a href="system_crlmanager.php?act=delcert&id=<?php echo $crl['refid']; ?>&certref=<?php echo $cert['refid']; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
434
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
435
							</a>
436
						</td>
437
					</tr>
438
					<?php
439
					endforeach;
440
					endif;
441
					?>
442
				<?php /* Drop-down with other certs from this CA. */
443
					// Map Certs to CAs in one pass
444
					$ca_certs = array();
445
					foreach($a_cert as $cert)
446
						if ($cert['caref'] == $crl['caref'])
447
							$ca_certs[] = $cert;
448
					if (count($ca_certs) == 0): ?>
449
					<tr>
450
						<td class="listlr" colspan="3">
451
							&nbsp;&nbsp;&nbsp;&nbsp;<?php echo gettext("No Certificates Found for this CA."); ?>
452
						</td>
453
						<td class="list">&nbsp;</td>
454
					</td>
455
				<?php	else: ?>
456
					<tr>
457
						<td class="listlr" colspan="3" align="center">
458
							<b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>: <select name='certref' id='certref' class="formselect">
459
				<?php	foreach($ca_certs as $cert): ?>
460
							<option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
461
				<?php	endforeach; ?>
462
							</select>
463
							<b><?php echo gettext("Reason");?></b>:
464
							<select name='crlreason' id='crlreason' class="formselect">
465
				<?php	foreach($openssl_crl_status as $code => $reason): ?>
466
							<option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option>
467
				<?php	endforeach; ?>
468
							</select>
469
							<input name="act" type="hidden" value="addcert" />
470
							<input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
471
							<input name="id" type="hidden" value="<?=$crl['refid'];?>" />
472
							<input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" />
473
						</td>
474
						<td class="list">&nbsp;</td>
475
					</tr>
476
				<?php	endif; ?>
477
					</tbody>
478
				</table>
479
				</form>
480
				<?php else: ?>
481

    
482
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
483
					<thead>
484
					<tr>
485
						<td width="35%" class="listhdrr"><?=gettext("Name");?></td>
486
						<td width="10%" class="listhdrr"><?=gettext("Internal");?></td>
487
						<td width="35%" class="listhdrr"><?=gettext("Certificates");?></td>
488
						<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
489
						<td width="10%" class="list"></td>
490
					</tr>
491
					</thead>
492
					<tbody>
493
					<?php
494
						// Map CRLs to CAs in one pass
495
						$ca_crl_map = array();
496
						foreach($a_crl as $crl)
497
							$ca_crl_map[$crl['caref']][] = $crl['refid'];
498

    
499
						$i = 0;
500
						foreach($a_ca as $ca):
501
							$name = htmlspecialchars($ca['descr']);
502

    
503
							if($ca['prv']) {
504
								$caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
505
								$internal = "YES";
506
							} else 
507
								continue;
508
					?>
509
					<tr>
510
						<td class="listlr" colspan="4">
511
							<table border="0" cellpadding="0" cellspacing="0">
512
								<tr>
513
									<td align="left" valign="center">
514
										<img src="<?=$caimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
515
									</td>
516
									<td align="left" valign="middle">
517
										<?=$name;?>
518
									</td>
519
								</tr>
520
							</table>
521
						</td>
522
						<td class="list">
523
							<a href="system_crlmanager.php?act=new&caref=<?php echo $ca['refid']; ?>">
524
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("Add or Import CRL for ") . $ca['descr'];?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
525
							</a>
526
						</td>
527
					</tr>
528
					
529
						<?php
530
						if (is_array($ca_crl_map[$ca['refid']])):
531
							foreach($ca_crl_map[$ca['refid']] as $crl):
532
								$tmpcrl = lookup_crl($crl);
533
								$internal = is_crl_internal($tmpcrl);
534
								$inuse = crl_in_use($tmpcrl['refid']);
535
						?>
536
					<tr>
537
						<td class="listlr"><?php echo $tmpcrl['descr']; ?></td>
538
						<td class="listr"><?php echo ($internal) ? "YES" : "NO"; ?></td>
539
						<td class="listr"><?php echo ($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td>
540
						<td class="listr"><?php echo ($inuse) ? "YES" : "NO"; ?></td>
541
						<td valign="middle" nowrap class="list">
542
							<?php if (!$internal || count($tmpcrl['cert'])): ?>
543
							<a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>")">
544
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
545
							</a>
546
							<?php endif; ?>
547
							<?php if ($internal): ?>
548
							<a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid'];?>")">
549
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
550
							</a>
551
							<?php endif; ?>
552
							<?php if (!$inuse): ?>
553
							<a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
554
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']); ?>" width="17" height="17" border="0" />
555
							</a>
556
							<?php endif; ?>
557
						</td>
558
					</tr>
559
						<?php
560
								$i++;
561
							endforeach;
562
						endif;
563
						?>
564
					<tr><td colspan="5">&nbsp;</td></tr>
565
					<?php
566
							$i++;
567
						endforeach;
568
					?>
569
					</tbody>
570
					<tfoot>
571
					<tr>
572
						<td colspan="5">
573
							<p>
574
								<?=gettext("Additional Certificate Revocation Lists can be added here.");?>
575
							</p>
576
						</td>
577
					</tr>
578
					</tfoot>
579
				</table>
580

    
581
				<?php endif; ?>
582

    
583
			</div>
584
		</td>
585
	</tr>
586
</table>
587
<?php include("fend.inc");?>
588
<script type="text/javascript">
589
<!--
590

    
591
method_change();
592

    
593
//-->
594
</script>
595

    
596
</body>
(185-185/224)