Project

General

Profile

Download (25.9 KB) Statistics
| Branch: | Tag: | Revision:
1
<?php
2
/*
3
    system_certmanager.php
4

    
5
    Copyright (C) 2008 Shrew Soft Inc.
6
    All rights reserved.
7

    
8
    Redistribution and use in source and binary forms, with or without
9
    modification, are permitted provided that the following conditions are met:
10

    
11
    1. Redistributions of source code must retain the above copyright notice,
12
       this list of conditions and the following disclaimer.
13

    
14
    2. Redistributions in binary form must reproduce the above copyright
15
       notice, this list of conditions and the following disclaimer in the
16
       documentation and/or other materials provided with the distribution.
17

    
18
    THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
    INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
    AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
    AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
    OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
    SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
    INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
    CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
    ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
    POSSIBILITY OF SUCH DAMAGE.
28
*/
29
/*
30
	pfSense_MODULE:	certificate_managaer
31
*/
32

    
33
##|+PRIV
34
##|*IDENT=page-system-certmanager
35
##|*NAME=System: Certificate Manager
36
##|*DESCR=Allow access to the 'System: Certificate Manager' page.
37
##|*MATCH=system_certmanager.php*
38
##|-PRIV
39

    
40
require("guiconfig.inc");
41
require_once("certs.inc");
42

    
43
$cert_methods = array(
44
	"existing" => gettext("Import an existing Certificate"),
45
	"internal" => gettext("Create an internal Certificate"),
46
	"external" => gettext("Create a Certificate Signing Request"));
47

    
48
$cert_keylens = array( "512", "1024", "2048", "4096");
49

    
50
$pgtitle = array(gettext("System"), gettext("Certificate Manager"));
51

    
52
$id = $_GET['id'];
53
if (isset($_POST['id']))
54
	$id = $_POST['id'];
55

    
56
if (!is_array($config['system']['ca']))
57
	$config['system']['ca'] = array();
58

    
59
$a_ca =& $config['system']['ca'];
60

    
61
if (!is_array($config['system']['cert']))
62
	$config['system']['cert'] = array();
63

    
64
$a_cert =& $config['system']['cert'];
65

    
66
$internal_ca_count = 0;
67
foreach ($a_ca as $ca)
68
	if ($ca['prv'])	
69
		$internal_ca_count++;
70

    
71
$act = $_GET['act'];
72
if ($_POST['act'])
73
	$act = $_POST['act'];
74

    
75
if ($act == "del") {
76

    
77
	if (!$a_cert[$id]) {
78
		pfSenseHeader("system_certmanager.php");
79
		exit;
80
	}
81

    
82
	$name = $a_cert[$id]['name'];
83
	unset($a_cert[$id]);
84
	write_config();
85
	$savemsg = gettext("Certificate")." {$name} ".
86
				gettext("successfully deleted")."<br/>";
87
}
88

    
89
if ($act == "new") {
90
	$pconfig['method'] = $_GET['method'];
91
	$pconfig['keylen'] = "2048";
92
	$pconfig['lifetime'] = "3650";
93
}
94

    
95
if ($act == "exp") {
96

    
97
	if (!$a_cert[$id]) {
98
		pfSenseHeader("system_certmanager.php");
99
		exit;
100
	}
101

    
102
	$exp_name = urlencode("{$a_cert[$id]['name']}.crt");
103
	$exp_data = base64_decode($a_cert[$id]['crt']);
104
	$exp_size = strlen($exp_data);
105

    
106
	header("Content-Type: application/octet-stream");
107
	header("Content-Disposition: attachment; filename={$exp_name}");
108
	header("Content-Length: $exp_size");
109
	echo $exp_data;
110
	exit;
111
}
112

    
113
if ($act == "key") {
114

    
115
	if (!$a_cert[$id]) {
116
		pfSenseHeader("system_certmanager.php");
117
		exit;
118
	}
119

    
120
	$exp_name = urlencode("{$a_cert[$id]['name']}.key");
121
	$exp_data = base64_decode($a_cert[$id]['prv']);
122
	$exp_size = strlen($exp_data);
123

    
124
	header("Content-Type: application/octet-stream");
125
	header("Content-Disposition: attachment; filename={$exp_name}");
126
	header("Content-Length: $exp_size");
127
	echo $exp_data;
128
	exit;
129
}
130

    
131
if ($act == "csr") {
132

    
133
	if (!$a_cert[$id]) {
134
		pfSenseHeader("system_certmanager.php");
135
		exit;
136
	}
137

    
138
	$pconfig['name'] = $a_cert[$id]['name'];
139
	$pconfig['csr'] = base64_decode($a_cert[$id]['csr']);
140
}
141

    
142
if ($_POST) {
143

    
144
	if ($_POST['save'] == gettext("Save")) {
145

    
146
		unset($input_errors);
147
		$pconfig = $_POST;
148

    
149
		/* input validation */
150
		if ($pconfig['method'] == "existing") {
151
			$reqdfields = explode(" ",
152
					"name cert key");
153
			$reqdfieldsn = array(
154
					gettext("Descriptive name"),
155
					gettext("Certificate data"),
156
					gettext("Key data"));
157
		}
158

    
159
		if ($pconfig['method'] == "internal") {
160
			$reqdfields = explode(" ",
161
					"name caref keylen lifetime dn_country dn_state dn_city ".
162
					"dn_organization dn_email dn_commonname");
163
			$reqdfieldsn = array(
164
					gettext("Descriptive name"),
165
					gettext("Certificate authority"),
166
					gettext("Key length"),
167
					gettext("Lifetime"),
168
					gettext("Distinguished name Country Code"),
169
					gettext("Distinguished name State or Province"),
170
					gettext("Distinguished name City"),
171
					gettext("Distinguished name Organization"),
172
					gettext("Distinguished name Email Address"),
173
					gettext("Distinguished name Common Name"));
174
		}
175

    
176
		if ($pconfig['method'] == "external") {
177
			$reqdfields = explode(" ",
178
					"name csr_keylen csr_dn_country csr_dn_state csr_dn_city ".
179
					"csr_dn_organization csr_dn_email csr_dn_commonname");
180
			$reqdfieldsn = array(
181
					gettext("Descriptive name"),
182
					gettext("Key length"),
183
					gettext("Distinguished name Country Code"),
184
					gettext("Distinguished name State or Province"),
185
					gettext("Distinguished name City"),
186
					gettext("Distinguished name Organization"),
187
					gettext("Distinguished name Email Address"),
188
					gettext("Distinguished name Common Name"));
189
		}
190

    
191
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
192

    
193
		/* if this is an AJAX caller then handle via JSON */
194
		if (isAjax() && is_array($input_errors)) {
195
			input_errors2Ajax($input_errors);
196
			exit;
197
		}
198

    
199
		/* save modifications */
200
		if (!$input_errors) {
201

    
202
			$cert = array();
203
			$cert['refid'] = uniqid();
204
			if (isset($id) && $a_cert[$id])
205
				$cert = $a_cert[$id];
206

    
207
		    $cert['name'] = $pconfig['name'];
208

    
209
			if ($pconfig['method'] == "existing")
210
				cert_import($cert, $pconfig['cert'], $pconfig['key']);
211

    
212
			if ($pconfig['method'] == "internal") {
213
				$dn = array(
214
					'countryName' => $pconfig['dn_country'],
215
					'stateOrProvinceName' => $pconfig['dn_state'],
216
					'localityName' => $pconfig['dn_city'],
217
					'organizationName' => $pconfig['dn_organization'],
218
					'emailAddress' => $pconfig['dn_email'],
219
					'commonName' => $pconfig['dn_commonname']);
220

    
221
				cert_create($cert, $pconfig['caref'], $pconfig['keylen'],
222
					$pconfig['lifetime'], $dn);
223
			}
224

    
225
			if ($pconfig['method'] == "external") {
226
				$dn = array(
227
					'countryName' => $pconfig['csr_dn_country'],
228
					'stateOrProvinceName' => $pconfig['csr_dn_state'],
229
					'localityName' => $pconfig['csr_dn_city'],
230
					'organizationName' => $pconfig['csr_dn_organization'],
231
					'emailAddress' => $pconfig['csr_dn_email'],
232
					'commonName' => $pconfig['csr_dn_commonname']);
233

    
234
				csr_generate($cert, $pconfig['csr_keylen'], $dn);
235
			}
236

    
237
			if (isset($id) && $a_cert[$id])
238
				$a_cert[$id] = $cert;
239
			else
240
				$a_cert[] = $cert;
241

    
242
			write_config();
243

    
244
//			pfSenseHeader("system_certmanager.php");
245
		}
246
	}
247

    
248
	if ($_POST['save'] == gettext("Update")) {
249
		unset($input_errors);
250
		$pconfig = $_POST;
251

    
252
		/* input validation */
253
		$reqdfields = explode(" ", "name cert");
254
		$reqdfieldsn = array(
255
			gettext("Descriptive name"),
256
			gettext("Final Certificate data"));
257

    
258
		do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
259

    
260
		/* make sure this csr and certificate subjects match */
261
		$subj_csr = csr_get_subject($pconfig['csr'], false);
262
		$subj_cert = cert_get_subject($pconfig['cert'], false);
263

    
264
		if (strcmp($subj_csr,$subj_cert))
265
			$input_errors[] = sprintf(gettext("The certificate subject '%s' does not match the signing request subject."),$subj_cert);
266

    
267
		/* if this is an AJAX caller then handle via JSON */
268
		if (isAjax() && is_array($input_errors)) {
269
			input_errors2Ajax($input_errors);
270
			exit;
271
		}
272

    
273
		/* save modifications */
274
		if (!$input_errors) {
275

    
276
			$cert = $a_cert[$id];
277

    
278
			$cert['name'] = $pconfig['name'];
279

    
280
			csr_complete($cert, $pconfig['cert']);
281

    
282
			$a_cert[$id] = $cert;
283

    
284
			write_config();
285

    
286
			pfSenseHeader("system_certmanager.php");
287
		}
288
	}
289
}
290

    
291
include("head.inc");
292
?>
293

    
294
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
295
<?php include("fbegin.inc"); ?>
296
<script type="text/javascript">
297
<!--
298

    
299
function method_change() {
300

    
301
<?php
302
	if ($internal_ca_count)
303
		$submit_style = "";
304
	else
305
		$submit_style = "none";
306
?>
307

    
308
	method = document.iform.method.selectedIndex;
309

    
310
	switch (method) {
311
		case 0:
312
			document.getElementById("existing").style.display="";
313
			document.getElementById("internal").style.display="none";
314
			document.getElementById("external").style.display="none";
315
			document.getElementById("submit").style.display="";
316
			break;
317
		case 1:
318
			document.getElementById("existing").style.display="none";
319
			document.getElementById("internal").style.display="";
320
			document.getElementById("external").style.display="none";
321
			document.getElementById("submit").style.display="<?=$submit_style;?>";
322
			break;
323
		case 2:
324
			document.getElementById("existing").style.display="none";
325
			document.getElementById("internal").style.display="none";
326
			document.getElementById("external").style.display="";
327
			document.getElementById("submit").style.display="";
328
			break;
329
	}
330
}
331

    
332
<?php if ($internal_ca_count): ?>
333
function internalca_change() {
334

    
335
	index = document.iform.caref.selectedIndex;
336
	caref = document.iform.caref[index].value;
337

    
338
	switch (caref) {
339
<?php
340
		foreach ($a_ca as $ca):
341
			if (!$ca['prv'])
342
				continue;
343
			$subject = cert_get_subject_array($ca['crt']);
344
?>
345
		case "<?=$ca['refid'];?>":
346
			document.iform.dn_country.value = "<?=$subject[0]['v'];?>";
347
			document.iform.dn_state.value = "<?=$subject[1]['v'];?>";
348
			document.iform.dn_city.value = "<?=$subject[2]['v'];?>";
349
			document.iform.dn_organization.value = "<?=$subject[3]['v'];?>";
350
			break;
351
<?php	endforeach; ?>
352
	}
353
}
354
<?php endif; ?>
355

    
356
//-->
357
</script>
358
<?php
359
	if ($input_errors)
360
		print_input_errors($input_errors);
361
	if ($savemsg)
362
		print_info_box($savemsg);
363
?>
364
<table width="100%" border="0" cellpadding="0" cellspacing="0">
365
	<tr>
366
		<td class="tabnavtbl">
367
		<?php
368
			$tab_array = array();
369
			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
370
			$tab_array[] = array(gettext("Certificates"), true, "system_certmanager.php");
371
			display_top_tabs($tab_array);
372
		?>
373
		</td>
374
	</tr>
375
	<tr>
376
		<td id="mainarea">
377
			<div class="tabcont">
378

    
379
				<?php if ($act == "new" || (($_POST['save'] == gettext("Save")) && $input_errors)): ?>
380

    
381
				<form action="system_certmanager.php" method="post" name="iform" id="iform">
382
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
383
						<tr>
384
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
385
							<td width="78%" class="vtable">
386
								<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
387
							</td>
388
						</tr>
389
						<?php if (!isset($id)): ?>
390
						<tr>
391
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
392
							<td width="78%" class="vtable">
393
								<select name='method' id='method' class="formselect" onchange='method_change()'>
394
								<?php
395
									foreach($cert_methods as $method => $desc):
396
									$selected = "";
397
									if ($pconfig['method'] == $method)
398
										$selected = "selected";
399
								?>
400
									<option value="<?=$method;?>"<?=$selected;?>><?=$desc;?></option>
401
								<?php endforeach; ?>
402
								</select>
403
							</td>
404
						</tr>
405
						<?php endif; ?>
406
					</table>
407

    
408
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing">
409
						<tr>
410
							<td colspan="2" class="list" height="12"></td>
411
						</tr>
412
						<tr>
413
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate");?></td>
414
						</tr>
415

    
416
						<tr>
417
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
418
							<td width="78%" class="vtable">
419
								<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
420
								<br>
421
									<?=gettext("Paste a certificate in X.509 PEM format here.");?></td>
422
							</td>
423
						</tr>
424
						<tr>
425
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Private key data");?></td>
426
							<td width="78%" class="vtable">
427
								<textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea>
428
								<br>
429
								<?=gettext("Paste a private key in X.509 PEM format here.");?></td>
430
							</td>
431
						</tr>
432
					</table>
433

    
434
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal">
435
						<tr>
436
							<td colspan="2" class="list" height="12"></td>
437
						</tr>
438
						<tr>
439
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate");?></td>
440
						</tr>
441

    
442
						<?php if (!$internal_ca_count): ?>
443

    
444
						<tr>
445
							<td colspan="2" align="center" class="vtable">
446
								<?=gettext("No internal Certificate Authorities have been defined. You must");?>
447
								<a href="system_camanager.php?act=new&method=internal"><?=gettext("create");?></a>
448
								<?=gettext("an internal CA before creating an internal certificate.");?>
449
							</td>
450
						</tr>
451

    
452
						<?php else: ?>
453

    
454
						<tr>
455
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate authority");?></td>
456
							<td width="78%" class="vtable">
457
								<select name='caref' id='caref' class="formselect" onChange='internalca_change()'>
458
								<?php
459
									foreach( $a_ca as $ca):
460
									if (!$ca['prv'])
461
										continue;
462
									$selected = "";
463
									if ($pconfig['caref'] == $ca['refid'])
464
										$selected = "selected";
465
								?>
466
									<option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['name'];?></option>
467
								<?php endforeach; ?>
468
								</select>
469
							</td>
470
						</tr>
471
						<tr>
472
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
473
							<td width="78%" class="vtable">
474
								<select name='keylen' class="formselect">
475
								<?php
476
									foreach( $cert_keylens as $len):
477
									$selected = "";
478
									if ($pconfig['keylen'] == $len)
479
										$selected = "selected";
480
								?>
481
									<option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option>
482
								<?php endforeach; ?>
483
								</select>
484
								<?=gettext("bits");?>
485
							</td>
486
						</tr>
487
						<tr>
488
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
489
							<td width="78%" class="vtable">
490
								<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
491
								<?=gettext("days");?>
492
							</td>
493
						</tr>
494
						<tr>
495
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
496
							<td width="78%" class="vtable">
497
								<table border="0" cellspacing="0" cellpadding="2">
498
									<tr>
499
										<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
500
										<td align="left">
501
											<input name="dn_country" type="text" class="formfld unknown" maxlength="2" size="2" value="<?=htmlspecialchars($pconfig['dn_country']);?>" readonly/>
502
										</td>
503
									</tr>
504
									<tr>
505
										<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
506
										<td align="left">
507
											<input name="dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_state']);?>" readonly/>
508
										</td>
509
									</tr>
510
									<tr>
511
										<td align="right"><?=gettext("City");?> : &nbsp;</td>
512
										<td align="left">
513
											<input name="dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_city']);?>" readonly/>
514
										</td>
515
									</tr>
516
									<tr>
517
										<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
518
										<td align="left">
519
											<input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['dn_organization']);?>" readonly/>
520
										</td>
521
									</tr>
522
									<tr>
523
										<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
524
										<td align="left">
525
											<input name="dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_email']);?>"/>
526
											&nbsp;
527
											<em>ex:</em>
528
											&nbsp;
529
											<?=gettext("webadmin@mycompany.com");?>
530
										</td>
531
									</tr>
532
									<tr>
533
										<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
534
										<td align="left">
535
											<input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['dn_commonname']);?>"/>
536
											&nbsp;
537
											<em>ex:</em>
538
											&nbsp;
539
											<?=gettext("www.example.com");?>
540
										</td>
541
									</tr>
542
								</table>
543
							</td>
544
						</tr>
545

    
546
					<?php endif; ?>
547

    
548
					</table>
549

    
550
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="external">
551
						<tr>
552
							<td colspan="2" class="list" height="12"></td>
553
						</tr>
554
						<tr>
555
							<td colspan="2" valign="top" class="listtopic"><?=gettext("External Signing Request");?></td>
556
						</tr>
557
						<tr>
558
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
559
							<td width="78%" class="vtable">
560
								<select name='csr_keylen' class="formselect">
561
								<?php
562
									foreach( $cert_keylens as $len):
563
									$selected = "";
564
									if ($pconfig['keylen'] == $len)
565
										$selected = "selected";
566
								?>
567
									<option value="<?=$len;?>"<?=$selected;?>><?=$len;?></option>
568
								<?php endforeach; ?>
569
								</select>
570
								bits
571
							</td>
572
						</tr>
573
						<tr>
574
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
575
							<td width="78%" class="vtable">
576
								<table border="0" cellspacing="0" cellpadding="2">
577
									<tr>
578
										<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
579
										<td align="left">
580
											<input name="csr_dn_country" type="text" class="formfld unknown" size="2" value="<?=htmlspecialchars($pconfig['csr_dn_country']);?>" />
581
											&nbsp;
582
											<em>ex:</em>
583
											&nbsp;
584
											US
585
											&nbsp;
586
											<em><?=gettext("( two letters )");?></em>
587
										</td>
588
									</tr>
589
									<tr>
590
										<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
591
										<td align="left">
592
											<input name="csr_dn_state" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_state']);?>" />
593
											&nbsp;
594
											<em>ex:</em>
595
											&nbsp;
596
											<?=gettext("Texas");?>
597
										</td>
598
									</tr>
599
									<tr>
600
										<td align="right"><?=gettext("City");?> : &nbsp;</td>
601
										<td align="left">
602
											<input name="csr_dn_city" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_city']);?>" />
603
											&nbsp;
604
											<em>ex:</em>
605
											&nbsp;
606
											<?=gettext("Austin");?>
607
										</td>
608
									</tr>
609
									<tr>
610
										<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
611
										<td align="left">
612
											<input name="csr_dn_organization" type="text" class="formfld unknown" size="40" value="<?=htmlspecialchars($pconfig['csr_dn_organization']);?>" />
613
											&nbsp;
614
											<em>ex:</em>
615
											&nbsp;
616
											<?=gettext("My Company Inc.");?>
617
										</td>
618
									</tr>
619
									<tr>
620
										<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
621
										<td align="left">
622
											<input name="csr_dn_email" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_email']);?>"/>
623
											&nbsp;
624
											<em>ex:</em>
625
											&nbsp;
626
											<?=gettext("webadmin@mycompany.com");?>
627
										</td>
628
									</tr>
629
									<tr>
630
										<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
631
										<td align="left">
632
											<input name="csr_dn_commonname" type="text" class="formfld unknown" size="25" value="<?=htmlspecialchars($pconfig['csr_dn_commonname']);?>"/>
633
											&nbsp;
634
											<em>ex:</em>
635
											&nbsp;
636
											<?=gettext("www.example.com");?>
637
										</td>
638
									</tr>
639
								</table>
640
							</td>
641
						</tr>
642
					</table>
643

    
644
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
645
						<tr>
646
							<td width="22%" valign="top">&nbsp;</td>
647
							<td width="78%">
648
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save");?>" />
649
								<?php if (isset($id) && $a_cert[$id]): ?>
650
								<input name="id" type="hidden" value="<?=$id;?>" />
651
								<?php endif;?>
652
							</td>
653
						</tr>
654
					</table>
655
				</form>
656

    
657
				<?php elseif ($act == "csr" || (($_POST['save'] == gettext("Update")) && $input_errors)):?>
658

    
659
				<form action="system_certmanager.php" method="post" name="iform" id="iform">
660
					<table width="100%" border="0" cellpadding="6" cellspacing="0">
661
						<tr>
662
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
663
							<td width="78%" class="vtable">
664
								<input name="name" type="text" class="formfld unknown" id="name" size="20" value="<?=htmlspecialchars($pconfig['name']);?>"/>
665
							</td>
666
						</tr>
667
						<tr>
668
							<td colspan="2" class="list" height="12"></td>
669
						</tr>
670
						<tr>
671
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Complete Signing Request");?></td>
672
						</tr>
673

    
674
						<tr>
675
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Request data");?></td>
676
							<td width="78%" class="vtable">
677
								<textarea name="csr" id="csr" cols="65" rows="7" class="formfld_cert" readonly><?=$pconfig['csr'];?></textarea>
678
								<br>
679
								<?=gettext("Copy the certificate signing data from here and forward it to your certificate authority for signing.");?></td>
680
							</td>
681
						</tr>
682
						<tr>
683
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Final Certificate data");?></td>
684
							<td width="78%" class="vtable">
685
								<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?=$pconfig['cert'];?></textarea>
686
								<br>
687
								<?=gettext("Paste the certificate received from your cerificate authority here.");?></td>
688
							</td>
689
						</tr>
690
						<tr>
691
							<td width="22%" valign="top">&nbsp;</td>
692
							<td width="78%">
693
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Update");?>" />
694
								<?php if (isset($id) && $a_cert[$id]): ?>
695
								<input name="id" type="hidden" value="<?=$id;?>" />
696
								<input name="act" type="hidden" value="csr" />
697
								<?php endif;?>
698
							</td>
699
						</tr>
700
					</table>
701
				</form>
702

    
703
				<?php else:?>
704

    
705
				<table width="100%" border="0" cellpadding="0" cellspacing="0">
706
					<tr>
707
						<td width="20%" class="listhdrr"><?=gettext("Name");?></td>
708
						<td width="20%" class="listhdrr"><?=gettext("Issuer");?></td>
709
						<td width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></td>
710
						<td width="10%" class="list"></td>
711
					</tr>
712
					<?php
713
						$i = 0;
714
						foreach($a_cert as $cert):
715
							$name = htmlspecialchars($cert['name']);
716

    
717
							if ($cert['crt']) {
718
								$subj = cert_get_subject($cert['crt']);
719
								$issuer = cert_get_issuer($cert['crt']);
720
								if($subj==$issuer)
721
								  $caname = "<em>" . gettext("self-signed") . "</em>";
722
								else
723
							    $caname = "<em>" . gettext("external"). "</em>";
724
							  $subj = htmlspecialchars($subj);
725
							}
726

    
727
							if ($cert['csr']) {
728
								$subj = htmlspecialchars(csr_get_subject($cert['csr']));
729
								$caname = "<em>" . gettext("external - signature pending") . "</em>";
730
							}
731

    
732
							$ca = lookup_ca($cert['caref']);
733
							if ($ca)
734
								$caname = $ca['name'];
735

    
736
							if($cert['prv'])
737
								$certimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
738
							else
739
								$certimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
740
					?>
741
					<tr>
742
						<td class="listlr">
743
							<table border="0" cellpadding="0" cellspacing="0">
744
								<tr>
745
									<td align="left" valign="center">
746
										<img src="<?=$certimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
747
									</td>
748
									<td align="left" valign="middle">
749
										<?=$name;?>
750
									</td>
751
								</tr>
752
							</table>
753
						</td>
754
						<td class="listr"><?=$caname;?>&nbsp;</td>
755
						<td class="listr"><?=$subj;?>&nbsp;</td>
756
						<td valign="middle" nowrap class="list">
757
							<a href="system_certmanager.php?act=exp&id=<?=$i;?>")">
758
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export cert");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" />
759
							</a>
760
							<a href="system_certmanager.php?act=key&id=<?=$i;?>")">
761
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export key");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" />
762
							</a>
763
							<a href="system_certmanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate?");?>')">
764
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete cert");?>" alt="<?=gettext("delete cert");?>" width="17" height="17" border="0" />
765
							</a>
766
							<?php	if ($cert['csr']): ?>
767
							&nbsp;
768
								<a href="system_certmanager.php?act=csr&id=<?=$i;?>">
769
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("update csr");?>" alt="<?=gettext("update csr");?>" width="17" height="17" border="0" />
770
							</a>
771
							<?php	endif; ?>
772
						</td>
773
					</tr>
774
					<?php
775
							$i++;
776
						endforeach;
777
					?>
778
					<tr>
779
						<td class="list" colspan="3"></td>
780
						<td class="list">
781
							<a href="system_certmanager.php?act=new">
782
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?=gettext("add or import ca");?>" alt="<?=gettext("add ca");?>" width="17" height="17" border="0" />
783
							</a>
784
						</td>
785
					</tr>
786
				</table>
787

    
788
				<?php endif; ?>
789

    
790
			</div>
791
		</td>
792
	</tr>
793
</table>
794
<?php include("fend.inc");?>
795
<script type="text/javascript">
796
<!--
797

    
798
method_change();
799
internalca_change();
800

    
801
//-->
802
</script>
803

    
804
</body>
(180-180/221)