From 44be2519fb50c21760ecc2c68cfe00efd2425b77 Mon Sep 17 00:00:00 2001 From: majestick Date: Sun, 21 Jul 2013 11:35:17 +0200 Subject: [PATCH] added alt_names added alt_names for ssl server certificates. --- ca/request_cert.php | 61 +++++++++++++++++++++++++++++++++------------ 1 file changed, 45 insertions(+), 16 deletions(-) diff --git a/ca/request_cert.php b/ca/request_cert.php index 5e2d1b5..03aeb5d 100644 --- a/ca/request_cert.php +++ b/ca/request_cert.php @@ -25,7 +25,8 @@ $passwdv = gpvar('passwdv'); $expiry = gpvar('expiry'); $keysize = gpvar('keysize'); $cert_type = gpvar('cert_type'); - +$dns_names = gpvar('dns_names'); +$ip_addr = gpvar('ip_addr'); # To repopulate form after error. $hidden_fields = ' @@ -41,6 +42,8 @@ $hidden_fields = ' + + '; @@ -72,10 +75,21 @@ case 'validate': if ( $email && ! is_email($email) ) $er .= 'E-mail address ('. htvar($email) . ') may be invalid.
'; + $ip_ar=explode("\n", $ip_addr); + foreach ($ip_ar as $value){ + if ( $value && ! is_ip($value) ) + $er .= 'IP address ('. htvar($value) . ') may be invalid.
'; + } + + $dns_n=explode("\n", $dns_names); + foreach ($dns_n as $value){ + if ( $value && ! is_fqdn(trim($value)) ) + $er .= 'DNS Name ('. htvar($value) . ') may be invalid.
'; + } + if ( $er ) $er = '

ERROR(S) IN FORM:

' . $er . '

'; - if ($email && ($serial = CAdb_in($email,$common_name))) { $er = ''; $certtext = CA_cert_text($serial); @@ -119,6 +133,8 @@ case 'confirm': Certificate Life
Key Size
Certificate Use
+ IP Addresses
+ DNS Alt Names
@@ -133,6 +149,8 @@ case 'confirm': print htvar($expiry). ' Year'.($expiry == 1 ? '' : 's').'
'; print htvar($keysize). ' bits
'; print htvar($cert_type). '
'; + print htvar($dns_names). '
'; + print htvar($ip_addr). '
'; ?> @@ -168,7 +186,7 @@ case 'confirm': case 'final': if ($submit == "Yes! Create and Download") { if (! $serial = CAdb_in($email,$common_name)) { - list($ret,$errtxt) = CA_create_cert($cert_type,$country, $province, $locality, $organization, $unit, $common_name, $email, $expiry, $passwd, $keysize); + list($ret,$errtxt) = CA_create_cert($cert_type,$country, $province, $locality, $organization, $unit, $common_name, $email, $expiry, $passwd, $keysize,$dns_names,$ip_addr); if (! $ret) { printHeader(); @@ -227,6 +245,8 @@ default: if (! $expiry) $expiry = 1; if (! $keysize) $keysize = 1024; if (! $cert_type) $cert_type = 'email'; + if (! $dns_names) $dns_names = ""; + if (! $ip_addr) $ip_addr = ""; printHeader(); ?> @@ -236,44 +256,44 @@ default:

Certificate Request Form

- Common Name
(i.e. User real name or computer hostname) + Common Name*
(i.e. User real name or computer hostname) - E-mail Address + E-mail Address * - Organization (Company/Agency) + Organization (Company/Agency)* - Department/Unit + Department/Unit* - Locality (City/County) + Locality (City/County)* - State/Province + State/Province* - Country + Country* - Certificate Password + Certificate Password*    Again - Certificate Life + Certificate Life* - Certificate Use: - E-mail, SSL Client'; print ''; @@ -317,8 +338,16 @@ default: + + Alternative DNS Names
(only one per Line) + + + + IP's
(only one per Line) + + -
* All fields are required +
* Fields are required