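<?php
/**
 * CA menu page and download/display dispatcher.
 *
 * The request variable "stage" (read through gpvar()) selects one action:
 *   - dl_takey, dl_dhparam, dl_root, dl_crl, dl_crl_pem: pass a stored file,
 *     a download name and a MIME type to upload().
 *   - gen_crl: call CA_generate_crl() and show either the CRL text or the
 *     error text it returned.
 *   - display_takey, display_dhparam, display_root_pem: print the text
 *     returned by the matching helper inside a <pre> element.
 *   - anything else: print the certificate management menu.
 *
 * Security review notes:
 *   - No authentication or authorization check is visible in this script.
 *     The dl_takey/display_takey stages hand out a key read from
 *     $config[private_dir], so access control has to come from the included
 *     files or the web server configuration -- TODO confirm.
 *   - gen_crl changes state and is linked from the menu as a plain
 *     "?stage=gen_crl" URL; no anti-CSRF token is visible here.
 *   - include() only warns when a file is missing and then continues.
 *     NOTE(review): if any of these includes carries security-relevant
 *     setup, require() would fail closed instead -- confirm before changing.
 */

include("../config.php");
include(STORE_DIR.'/config/config.php');
include("../include/my_functions.php");
include("../include/common.php") ;
include("../include/openssl_functions.php");

$stage = gpvar('stage');

// ENT_SUBSTITUTE is not defined on older PHP builds; when it is available it
// keeps htmlspecialchars() from returning an empty string on invalid UTF-8.
$esc_flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;

// $PHP_SELF is set by an include that is not shown here. If it is derived
// from the request path it is attacker-influenced, so it is HTML-escaped once
// and only ever written into quoted attributes below.
$self_html = htmlspecialchars((string) $PHP_SELF, $esc_flags, 'UTF-8');

switch($stage) {

case 'dl_takey':
    // Serves secret key material from the private directory.
    upload("$config[private_dir]/takey.pem", "$config[ca_prefix]takey.pem", 'application/octet-stream');
    break;

case 'dl_dhparam':
    // NOTE(review): the file name suggests 1024-bit Diffie-Hellman parameters.
    // If that is the real size it is below current recommendations (2048 bits
    // or more); confirm where this file is generated.
    upload("$config[private_dir]/dhparam1024.pem", "$config[ca_prefix]dhparam1024.pem", 'application/octet-stream');
    break;

case 'dl_root':
    upload("$config[cacert_pem]", "$config[ca_prefix]cacert.crt", 'application/x-x509-ca-cert');
    break;

case 'dl_crl':
    upload("$config[cacrl_der]", "$config[ca_prefix]cacrl.crl", 'application/pkix-crl');
    break;

case 'dl_crl_pem':
    upload("$config[cacrl_pem]", "$config[ca_prefix]cacrl.crl", 'application/octet-stream');
    break;

case 'gen_crl':
    list($ret,$errtxt) = CA_generate_crl();

    printHeader(false);

    if ($ret) {
        ?>
        <center><h2>Certificate Revocation List Updated</h2></center>
        <p>
        <form action="<?php echo $self_html ?>" method=post>
        <input type=submit name=submit value="Back to Menu">
        </form>
        <?php
        // NOTE(review): the helper's output is printed as-is; whether it is
        // already HTML-escaped cannot be told from this file.
        print '<pre>'.CA_crl_text().'</pre>';
    }
    else {
        // The error text comes from CA_generate_crl() and is escaped here so
        // that it is displayed as text rather than interpreted as markup.
        ?>
        <font color=#ff0000>
        <h2>There was an error updating the Certificate Revocation List.</h2></font><br>
        <blockquote>
        <h3>Debug Info:</h3>
        <pre><?php echo htmlspecialchars((string) $errtxt, $esc_flags, 'UTF-8') ?></pre>
        </blockquote>
        <form action="<?php echo $self_html ?>" method=post>
        <p>
        <input type=submit name=submit value="Back to Menu">
        <p>
        </form>
        <?php
    }
    break;

case 'display_takey':
    printHeader(false);

    ?>
    <center><h2>OpenVPN pre-shared Key</h2></center>
    <p>
    <form action="<?php echo $self_html ?>" method=post>
    <input type=submit name=submit value="Back to Menu">
    </form>
    <?php
    // Prints the key text into the page body.
    print '<pre>'.ta_key_text().'</pre>';
    break;

case 'display_dhparam':
    printHeader(false);

    ?>
    <center><h2>OpenVPN Diffie-Helman parameters</h2></center>
    <p>
    <form action="<?php echo $self_html ?>" method=post>
    <input type=submit name=submit value="Back to Menu">
    </form>
    <?php
    print '<pre>'.dhparam_text().'</pre>';
    break;

case 'display_root_pem':
    printHeader(false);

    ?>
    <center><h2>Root certificate file (PEM Encoded)</h2></center>
    <p>
    <form action="<?php echo $self_html ?>" method=post>
    <input type=submit name=submit value="Back to Menu">
    </form>
    <?php
    print '<pre>'.root_pem_text().'</pre>';
    break;


default:
    // Any other value of "stage", including none, shows the menu.
    printHeader('ca');
    ?>
    <br>
    <br>
    <center>
    <table class=menu width=600><th class=menu colspan=2><big>CERTIFICATE MANAGEMENT MENU</big></th>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;" width=33%>
    <a href=request_cert.php>Create a New Certificate</a></td>
    <td>Use the <strong><cite>Certificate Request Form</cite></strong> to create and download new digital certificates.
    You may create certificates in succession without re-entering the entire form
    by clicking the "<strong>Go Back</strong>" button after each certificate is created.</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href=manage_certs.php>Manage Certificates</a></td>
    <td>Conveniently view, download, revoke, and renew your existing certificates using the
    <strong><cite>Certificate Management Control Panel</cite></strong>.</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href="<?php echo $self_html ?>?stage=gen_crl">Update & View the Certificate Revocation List</a></td>
    <td>Some applications automagically reference the Certificate Revocation List to determine
    certificate validity. It is not necessary to perform this update function, as the CRL is
    updated when certificates are revoked. However, doing so is harmless.
    <a href=../ca/help.php target=_help>Read the online help</a> to learn more about this.</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href="<?php echo $self_html ?>?stage=dl_root">Download the Root Certificate</a><br><br>
    <a href="<?php echo $self_html ?>?stage=display_root_pem">Display the Root Certificate (PEM Encoded)</a></td>
    <td>The "Root" certificate must be installed before using any of the
    certificates issued here. <a href=../ca/help.php target=_help>Read the online help</a>
    to learn more about this.</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href="<?php echo $self_html ?>?stage=dl_crl">Download the Certificate Revocation List</a></td>
    <td>This is the official list of revoked certificates. Using this list with your e-mail or
    browser application is optional. Some applications will automagically reference this list.
    (<a href="<?php echo $self_html ?>?stage=dl_crl_pem">Some will need it in PEM format.</a>)</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href="<?php echo $self_html ?>?stage=dl_takey">Download the static pre-shared key</a><br><br>
    <a href="<?php echo $self_html ?>?stage=display_takey">Display the static pre-shared key</a></td>
    <td>This key can be used with OpenVPN as a standalone auth mecanism, or as an additionnal TLS authentication.</td></tr>

    <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
    <a href="<?php echo $self_html ?>?stage=dl_dhparam">Download the Diffie-Hellman parameters</a><br><br>
    <a href="<?php echo $self_html ?>?stage=display_dhparam">Display the Diffie-Hellman parameters</a></td>
    <td>This file is used by OpenVPN for the hand-shake. The Diffie-Hellman key agreement
    protocol enables two communication partners to exchange a secret key safely.</td></tr>

    </table>
    </center>
    <br><br>
    <?php
    printFooter();
}

?>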