1 |
brianr |
1.1 |
diff -urN smeserver-certificate-0.0.4.old/root/certificate.lex smeserver-certificate-0.0.4/root/certificate.lex |
2 |
|
|
--- smeserver-certificate-0.0.4.old/root/certificate.lex 1970-01-01 01:00:00.000000000 +0100 |
3 |
|
|
+++ smeserver-certificate-0.0.4/root/certificate.lex 2022-03-31 14:29:11.569660091 +0100 |
4 |
|
|
@@ -0,0 +1,56 @@ |
5 |
|
|
+'FORM_TITLE' => ' SSL certificates management', |
6 |
|
|
+Certificate' => |
7 |
|
|
+'Manage SSL certificates', |
8 |
|
|
+'DESC_SSL_CERTIFICAT_CONFIG_PAGE' => 'This panel is made to help the managing of SSL certificates if you need to use commercial Certificates by example.<br> |
9 |
|
|
+If you want to get back to the default SME Server certificates, simply blank all the contents and press save.<br> |
10 |
|
|
+In case of you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : <br><br> |
11 |
|
|
+<b>signal-event certificate-revert</b><br><br> |
12 |
|
|
+', |
13 |
|
|
+ERROR_OPEN_KEY' => |
14 |
|
|
+'Impossible to open the certificates', |
15 |
|
|
+'DESC_DOMAIN_CRT' => |
16 |
|
|
+'Paste Here the full certificate (server.crt)', |
17 |
|
|
+'LABEL_DOMAIN_CRT' => |
18 |
|
|
+'SSL certificate', |
19 |
|
|
+'DESC_DOMAIN_KEY' => |
20 |
|
|
+'Paste Here the full private key (server.key)', |
21 |
|
|
+ |
22 |
|
|
+'LABEL_DOMAIN_KEY' => |
23 |
|
|
+'SSL private Key', |
24 |
|
|
+'DESC_CERTIFICATE_CHAINFILE' => |
25 |
|
|
+'You may need the intermediate CA certificate as \'chain\' certificate in your clientssl profile. Paste here the full chain file', |
26 |
|
|
+'LABEL_CERTIFICATE_CHAINFILE' => |
27 |
|
|
+'SSL intermediate chain certificate', |
28 |
|
|
+ |
29 |
|
|
+'SUCCESS-CERT-WRITTEN' => |
30 |
|
|
+'Success - New Certificate details written', |
31 |
|
|
+'SUCCESS-CERT-DEFAULTED' => |
32 |
|
|
+'Success - Certificate reverted to self-signed', |
33 |
|
|
+'FORM_TITLE' => ' SSL certificates management', |
34 |
|
|
+Certificate' => |
35 |
|
|
+'Manage SSL certificates', |
36 |
|
|
+'DESC_SSL_CERTIFICAT_CONFIG_PAGE' => 'This panel is made to help the managing of SSL certificates if you need to use commercial Certificates by example.<br> |
37 |
|
|
+If you want to get back to the default SME Server certificates, simply blank all the contents and press save.<br> |
38 |
|
|
+In case of you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : <br><br> |
39 |
|
|
+<b>signal-event certificate-revert</b><br><br> |
40 |
|
|
+', |
41 |
|
|
+ERROR_OPEN_KEY' => |
42 |
|
|
+'Impossible to open the certificates', |
43 |
|
|
+'DESC_DOMAIN_CRT' => |
44 |
|
|
+'Paste Here the full certificate (server.crt)', |
45 |
|
|
+'LABEL_DOMAIN_CRT' => |
46 |
|
|
+'SSL certificate', |
47 |
|
|
+'DESC_DOMAIN_KEY' => |
48 |
|
|
+'Paste Here the full private key (server.key)', |
49 |
|
|
+ |
50 |
|
|
+'LABEL_DOMAIN_KEY' => |
51 |
|
|
+'SSL private Key', |
52 |
|
|
+'DESC_CERTIFICATE_CHAINFILE' => |
53 |
|
|
+'You may need the intermediate CA certificate as \'chain\' certificate in your clientssl profile. Paste here the full chain file', |
54 |
|
|
+'LABEL_CERTIFICATE_CHAINFILE' => |
55 |
|
|
+'SSL intermediate chain certificate', |
56 |
|
|
+ |
57 |
|
|
+'SUCCESS-CERT-WRITTEN' => |
58 |
|
|
+'Success - New Certificate details written', |
59 |
|
|
+'SUCCESS-CERT-DEFAULTED' => |
60 |
|
|
+'Success - Certificate reverted to self-signed', |
61 |
|
|
diff -urN smeserver-certificate-0.0.4.old/root/certificate.res smeserver-certificate-0.0.4/root/certificate.res |
62 |
|
|
--- smeserver-certificate-0.0.4.old/root/certificate.res 1970-01-01 01:00:00.000000000 +0100 |
63 |
|
|
+++ smeserver-certificate-0.0.4/root/certificate.res 2022-03-31 12:28:35.032909445 +0100 |
64 |
|
|
@@ -0,0 +1,69 @@ |
65 |
|
|
+<lexicon lang="en-us"> |
66 |
|
|
+ <entry> |
67 |
|
|
+ <base>FORM_TITLE</base> |
68 |
|
|
+ <trans> |
69 |
|
|
+ SSL certificates management |
70 |
|
|
+ </trans> |
71 |
|
|
+ </entry> |
72 |
|
|
+ <entry> |
73 |
|
|
+ <base>Certificate</base> |
74 |
|
|
+ <trans>Manage SSL certificates</trans> |
75 |
|
|
+ </entry> |
76 |
|
|
+ <entry> |
77 |
|
|
+ <base>DESC_SSL_CERTIFICAT_CONFIG_PAGE</base> |
78 |
|
|
+ <trans> |
79 |
|
|
+ <![CDATA[This panel is made to help the managing of SSL certificates if you need to use commercial Certificates by example.<br> |
80 |
|
|
+ If you want to get back to the default SME Server certificates, simply blank all the contents and press save.<br> |
81 |
|
|
+ In case of you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : <br><br> |
82 |
|
|
+ <b>signal-event certificate-revert</b><br><br>]]> |
83 |
|
|
+ |
84 |
|
|
+ </trans> |
85 |
|
|
+ </entry> |
86 |
|
|
+ |
87 |
|
|
+ <entry> |
88 |
|
|
+ <base>ERROR_OPEN_KEY</base> |
89 |
|
|
+ <trans>Impossible to open the certificates</trans> |
90 |
|
|
+ </entry> |
91 |
|
|
+ |
92 |
|
|
+ <entry> |
93 |
|
|
+ <base>DESC_DOMAIN_CRT</base> |
94 |
|
|
+ <trans>Paste Here the full certificate (server.crt)</trans> |
95 |
|
|
+ </entry> |
96 |
|
|
+ |
97 |
|
|
+ <entry> |
98 |
|
|
+ <base>LABEL_DOMAIN_CRT</base> |
99 |
|
|
+ <trans>SSL certificate</trans> |
100 |
|
|
+ </entry> |
101 |
|
|
+ |
102 |
|
|
+ <entry> |
103 |
|
|
+ <base>DESC_DOMAIN_KEY</base> |
104 |
|
|
+ <trans>Paste Here the full private key (server.key)</trans> |
105 |
|
|
+ </entry> |
106 |
|
|
+ |
107 |
|
|
+ <entry> |
108 |
|
|
+ <base>LABEL_DOMAIN_KEY</base> |
109 |
|
|
+ <trans>SSL private Key</trans> |
110 |
|
|
+ </entry> |
111 |
|
|
+ |
112 |
|
|
+ <entry> |
113 |
|
|
+ <base>DESC_CERTIFICATE_CHAINFILE</base> |
114 |
|
|
+ <trans>You may need the intermediate CA certificate as 'chain' certificate in your clientssl profile. Paste here the full chain file</trans> |
115 |
|
|
+ </entry> |
116 |
|
|
+ |
117 |
|
|
+ <entry> |
118 |
|
|
+ <base>LABEL_CERTIFICATE_CHAINFILE</base> |
119 |
|
|
+ <trans>SSL intermediate chain certificate</trans> |
120 |
|
|
+ </entry> |
121 |
|
|
+ |
122 |
|
|
+ <entry> |
123 |
|
|
+ <base>SUCCESS-CERT-WRITTEN</base> |
124 |
|
|
+ <trans>Success - New Certificate details written</trans> |
125 |
|
|
+ </entry> |
126 |
|
|
+ |
127 |
|
|
+ <entry> |
128 |
|
|
+ <base>SUCCESS-CERT-DEFAULTED</base> |
129 |
|
|
+ <trans>Success - Certificate reverted to self-signed</trans> |
130 |
|
|
+ </entry> |
131 |
|
|
+ |
132 |
|
|
+</lexicon> |
133 |
|
|
+ |
134 |
|
|
diff -urN smeserver-certificate-0.0.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Certificate.pm smeserver-certificate-0.0.4/root/usr/share/smanager/lib/SrvMngr/Controller/Certificate.pm |
135 |
|
|
--- smeserver-certificate-0.0.4.old/root/usr/share/smanager/lib/SrvMngr/Controller/Certificate.pm 1970-01-01 01:00:00.000000000 +0100 |
136 |
|
|
+++ smeserver-certificate-0.0.4/root/usr/share/smanager/lib/SrvMngr/Controller/Certificate.pm 2022-04-16 11:52:00.000000000 +0100 |
137 |
|
|
@@ -0,0 +1,222 @@ |
138 |
|
|
+package SrvMngr::Controller::Certificate; |
139 |
|
|
+ |
140 |
|
|
+#---------------------------------------------------------------------- |
141 |
|
|
+# heading : Configuration |
142 |
|
|
+# description : Certificate |
143 |
|
|
+# navigation : 6000 6750 |
144 |
|
|
+ |
145 |
|
|
+# name : Certificate, method : get, url : /certificate, ctlact : Certificate#main |
146 |
|
|
+# name : CertificateSave, method : post, url : /certificatesave, ctlact : Certificate#save |
147 |
|
|
+# |
148 |
|
|
+# routes : end |
149 |
|
|
+# |
150 |
|
|
+# |
151 |
|
|
+# Documentation: https://wiki.koozali.org/Certificatemanager |
152 |
|
|
+# |
153 |
|
|
+use strict; |
154 |
|
|
+use warnings; |
155 |
|
|
+use Mojo::Base 'Mojolicious::Controller'; |
156 |
|
|
+ |
157 |
|
|
+use constant FALSE => 0; |
158 |
|
|
+use constant TRUE => 1; |
159 |
|
|
+ |
160 |
|
|
+use Locale::gettext; |
161 |
|
|
+use SrvMngr::I18N; |
162 |
|
|
+use SrvMngr qw(theme_list init_session); |
163 |
|
|
+ |
164 |
|
|
+use Data::Dumper; |
165 |
|
|
+use esmith::util; |
166 |
|
|
+use esmith::HostsDB; |
167 |
|
|
+use esmith::AccountsDB; |
168 |
|
|
+use Net::Ping; |
169 |
|
|
+use esmith::util::network qw(:all); |
170 |
|
|
+use Socket qw( inet_aton ); |
171 |
|
|
+ |
172 |
|
|
+ |
173 |
|
|
+#our $adb = esmith::AccountsDB->open() or die("Unable to open accounts DB"); |
174 |
|
|
+ |
175 |
|
|
+my %certificate_data = (); |
176 |
|
|
+ |
177 |
|
|
+our $ssl_crt = '/home/e-smith/ssl.crt'; |
178 |
|
|
+our $ssl_key = '/home/e-smith/ssl.key'; |
179 |
|
|
+our $config_db = esmith::ConfigDB->open || die "Couldn't open ConfigDB\n"; |
180 |
|
|
+ |
181 |
|
|
+ |
182 |
|
|
+sub main { |
183 |
|
|
+ # |
184 |
|
|
+ # Initial page - full summary of parameters etc |
185 |
|
|
+ # Initial para from the Wiki. |
186 |
|
|
+ # |
187 |
|
|
+ my $c = shift; |
188 |
|
|
+ %certificate_data = (); |
189 |
|
|
+ read_pem($c); |
190 |
|
|
+ do_display($c); |
191 |
|
|
+} |
192 |
|
|
+ |
193 |
|
|
+sub do_display { |
194 |
|
|
+ # |
195 |
|
|
+ # Front parameters page |
196 |
|
|
+ # |
197 |
|
|
+ my $c = shift; |
198 |
|
|
+ $c->app->log->info( $c->log_req ); |
199 |
|
|
+ my $title = $c->l("FORM_TITLE"); |
200 |
|
|
+ my $modul = ''; |
201 |
|
|
+ my $trt = "SETTINGS"; |
202 |
|
|
+ our $db = esmith::ConfigDB->open() or die("Unable to open Configuration DB"); |
203 |
|
|
+ $certificate_data{trt} = $trt; |
204 |
|
|
+ $c->stash( title => $title, modul => $modul, certificate_data => \%certificate_data ); |
205 |
|
|
+ #die("here"); |
206 |
|
|
+ $c->render( template => 'certificate' ); |
207 |
|
|
+ |
208 |
|
|
+} |
209 |
|
|
+ |
210 |
|
|
+sub save{ |
211 |
|
|
+ # |
212 |
|
|
+ # Save Cert details or revert to default |
213 |
|
|
+ # |
214 |
|
|
+ my $c = shift; |
215 |
|
|
+ my $retmsg = write_pem($c); |
216 |
|
|
+ if (index($retmsg,"SUCCESS") != -1){$certificate_data{success} = $retmsg;} |
217 |
|
|
+ else {$certificate_data{error} = $retmsg;} |
218 |
|
|
+ read_pem($c); |
219 |
|
|
+ do_display($c); |
220 |
|
|
+} |
221 |
|
|
+ |
222 |
|
|
+ |
223 |
|
|
+sub read_pem{ |
224 |
|
|
+ # Read in cert stuff to shared data |
225 |
|
|
+ my $c = shift; |
226 |
|
|
+ my $dir = ''; |
227 |
|
|
+ my $ret; |
228 |
|
|
+ my $domain = $config_db->get_value('DomainName'); |
229 |
|
|
+ |
230 |
|
|
+ my $dir = $ssl_crt; |
231 |
|
|
+ my $pem = "$domain.crt"; |
232 |
|
|
+ $certificate_data{"domain.crt"} = get_pem_file($dir,$pem); |
233 |
|
|
+ |
234 |
|
|
+ $dir = $ssl_key; |
235 |
|
|
+ $pem = "$domain.crt"; |
236 |
|
|
+ $certificate_data{"domain.key"} = get_pem_file($dir,$pem); |
237 |
|
|
+ |
238 |
|
|
+ $dir = $ssl_crt; |
239 |
|
|
+ $pem = "chain.pem"; |
240 |
|
|
+ $certificate_data{"chain.pem"} = get_pem_file($dir,$pem); |
241 |
|
|
+ |
242 |
|
|
+ return "ok"; |
243 |
|
|
+} |
244 |
|
|
+ |
245 |
|
|
+sub get_pem_file{ |
246 |
|
|
+ my $dir = shift; |
247 |
|
|
+ my $pem = shift; |
248 |
|
|
+ my $ret; |
249 |
|
|
+ if (! open (PEM, "<$dir/$pem")){ |
250 |
|
|
+ #$fm->error('ERROR_OPEN_PEM','FIRST'); |
251 |
|
|
+ # Tell the user something bad has happened |
252 |
|
|
+ return ""; |
253 |
|
|
+ } |
254 |
|
|
+ while (<PEM>){ |
255 |
|
|
+ $ret .= $_; |
256 |
|
|
+ } |
257 |
|
|
+ close PEM; |
258 |
|
|
+ return $ret; |
259 |
|
|
+} |
260 |
|
|
+ |
261 |
|
|
+ |
262 |
|
|
+sub write_pem{ |
263 |
|
|
+ my $q = shift; |
264 |
|
|
+ my $domain = $config_db->get_value('DomainName')|| die "Couldn't open ConfigDB\n"; |
265 |
|
|
+ |
266 |
|
|
+ my $domain_crt = $q->param('ca_crt'); |
267 |
|
|
+ my $domain_key = $q->param('ca_key'); |
268 |
|
|
+ my $chain_crt = $q->param('chain_crt_file'); |
269 |
|
|
+ |
270 |
|
|
+ |
271 |
|
|
+if (($domain_crt eq '') && ($domain_key eq '')) |
272 |
|
|
+ { |
273 |
|
|
+ my $ssl_crt = '/home/e-smith/ssl.crt'; |
274 |
|
|
+ my $ssl_key = '/home/e-smith/ssl.key'; |
275 |
|
|
+ |
276 |
|
|
+ my $domain = $config_db->get_value('DomainName') || die "Couldn't open ConfigDB\n"; |
277 |
|
|
+ my $server = $config_db->get_value('SystemName') || die "Couldn't open ConfigDB\n"; |
278 |
|
|
+ |
279 |
|
|
+ my $crt_path = "$ssl_crt" . '/' . $domain . '.crt' || ''; |
280 |
|
|
+ my $key_path = "$ssl_key" . '/' . $domain . '.key' || ''; |
281 |
|
|
+ my $chain_path = "$ssl_crt" . '/chain.pem' || ''; |
282 |
|
|
+ |
283 |
|
|
+ #we return to the default certificate of sme and we remove the db entry CertificateChainFile |
284 |
|
|
+ system("/sbin/e-smith/db configuration delprop modSSL crt"); |
285 |
|
|
+ system("/sbin/e-smith/db configuration delprop modSSL key"); |
286 |
|
|
+ system("/sbin/e-smith/db configuration delprop modSSL CertificateChainFile"); |
287 |
|
|
+ |
288 |
|
|
+ system("/sbin/e-smith/expand-template /home/e-smith/ssl.pem/pem"); |
289 |
|
|
+ # system("/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf"); |
290 |
|
|
+ # system("/sbin/service httpd-e-smith restart"); |
291 |
|
|
+ # system("/sbin/e-smith/signal-event ldap-update"); |
292 |
|
|
+ # system("/sbin/e-smith/signal-event email-update"); |
293 |
|
|
+ |
294 |
|
|
+ system("/sbin/e-smith/signal-event ssl-update"); |
295 |
|
|
+ |
296 |
|
|
+ if (( -f $crt_path) && ( -f $key_path )) { |
297 |
|
|
+ system("/bin/rm $ssl_crt/$domain.crt"); |
298 |
|
|
+ system("/bin/rm $ssl_key/$domain.key"); |
299 |
|
|
+ system("/bin/rm $ssl_crt/chain.pem"); |
300 |
|
|
+ } |
301 |
|
|
+ return 'SUCCESS-CERT-DEFAULTED'; |
302 |
|
|
+ |
303 |
|
|
+ } |
304 |
|
|
+ |
305 |
|
|
+elsif (($domain_crt ne '') && ($domain_key ne '')) |
306 |
|
|
+ { |
307 |
|
|
+ if (! open (CRT, ">$ssl_crt/$domain.crt")){ |
308 |
|
|
+ #$fm->error('ERROR_OPEN_KEY','FIRST'); |
309 |
|
|
+ # Tell the user something bad has happened |
310 |
|
|
+ return 'ERROR_OPEN_KEY'; |
311 |
|
|
+ } |
312 |
|
|
+ print CRT $domain_crt; |
313 |
|
|
+ close CRT; |
314 |
|
|
+ |
315 |
|
|
+ if (! open (KEY, ">$ssl_key/$domain.key")){ |
316 |
|
|
+ #$fm->error('ERROR_OPEN_KEY','FIRST'); |
317 |
|
|
+ # Tell the user something bad has happened |
318 |
|
|
+ return 'ERROR_OPEN_KEY'; |
319 |
|
|
+ } |
320 |
|
|
+ print KEY $domain_key; |
321 |
|
|
+ close KEY; |
322 |
|
|
+ |
323 |
|
|
+ if (! open (CHAIN, ">$ssl_crt/chain.pem")){ |
324 |
|
|
+ #$fm->error('ERROR_OPEN_KEY','FIRST'); |
325 |
|
|
+ # Tell the user something bad has happened |
326 |
|
|
+ return 'ERROR_OPEN_KEY'; |
327 |
|
|
+ } |
328 |
|
|
+ print CHAIN $chain_crt; |
329 |
|
|
+ close CHAIN; |
330 |
|
|
+ |
331 |
|
|
+ # Restrict permissions on sensitive data |
332 |
|
|
+ esmith::util::chownFile("root", "root","$ssl_key/$domain.key"); |
333 |
|
|
+ esmith::util::chownFile("root", "root","$ssl_crt/$domain.crt"); |
334 |
|
|
+ chmod 0600, "$ssl_key/$domain.key"; |
335 |
|
|
+ chmod 0600, "$ssl_crt/$domain.crt"; |
336 |
|
|
+ |
337 |
|
|
+ #we load new certificates in db |
338 |
|
|
+ system("/sbin/e-smith/db configuration setprop modSSL crt $ssl_crt/$domain.crt"); |
339 |
|
|
+ system("/sbin/e-smith/db configuration setprop modSSL key $ssl_key/$domain.key"); |
340 |
|
|
+ |
341 |
|
|
+ #we look if the certificate chain file is not equal to nothing, if not we load in db |
342 |
|
|
+ if ($chain_crt ne '') { |
343 |
|
|
+ system("/sbin/e-smith/db configuration setprop modSSL CertificateChainFile /home/e-smith/ssl.crt/chain.pem"); |
344 |
|
|
+ } |
345 |
|
|
+ |
346 |
|
|
+ system("/sbin/e-smith/expand-template /home/e-smith/ssl.pem/pem"); |
347 |
|
|
+ # system("/sbin/e-smith/expand-template /etc/httpd/conf/httpd.conf"); |
348 |
|
|
+ # system("/sbin/service httpd-e-smith restart >/dev/null 2>&1"); |
349 |
|
|
+ # system("/sbin/service httpd-e-smith restart"); |
350 |
|
|
+ # system("/sbin/e-smith/signal-event ldap-update"); |
351 |
|
|
+ # system("/sbin/e-smith/signal-event email-update"); |
352 |
|
|
+ |
353 |
|
|
+ system("/sbin/e-smith/signal-event ssl-update"); |
354 |
|
|
+ |
355 |
|
|
+ return 'SUCCESS-CERT-WRITTEN'; |
356 |
|
|
+ } |
357 |
|
|
+} |
358 |
|
|
+ |
359 |
|
|
+1; |
360 |
|
|
diff -urN smeserver-certificate-0.0.4.old/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Certificate/certificate_en.lex smeserver-certificate-0.0.4/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Certificate/certificate_en.lex |
361 |
|
|
--- smeserver-certificate-0.0.4.old/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Certificate/certificate_en.lex 1970-01-01 01:00:00.000000000 +0100 |
362 |
|
|
+++ smeserver-certificate-0.0.4/root/usr/share/smanager/lib/SrvMngr/I18N/Modules/Certificate/certificate_en.lex 2022-03-31 14:29:11.000000000 +0100 |
363 |
|
|
@@ -0,0 +1,56 @@ |
364 |
|
|
+'FORM_TITLE' => ' SSL certificates management', |
365 |
|
|
+Certificate' => |
366 |
|
|
+'Manage SSL certificates', |
367 |
|
|
+'DESC_SSL_CERTIFICAT_CONFIG_PAGE' => 'This panel is made to help the managing of SSL certificates if you need to use commercial Certificates by example.<br> |
368 |
|
|
+If you want to get back to the default SME Server certificates, simply blank all the contents and press save.<br> |
369 |
|
|
+In case of you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : <br><br> |
370 |
|
|
+<b>signal-event certificate-revert</b><br><br> |
371 |
|
|
+', |
372 |
|
|
+ERROR_OPEN_KEY' => |
373 |
|
|
+'Impossible to open the certificates', |
374 |
|
|
+'DESC_DOMAIN_CRT' => |
375 |
|
|
+'Paste Here the full certificate (server.crt)', |
376 |
|
|
+'LABEL_DOMAIN_CRT' => |
377 |
|
|
+'SSL certificate', |
378 |
|
|
+'DESC_DOMAIN_KEY' => |
379 |
|
|
+'Paste Here the full private key (server.key)', |
380 |
|
|
+ |
381 |
|
|
+'LABEL_DOMAIN_KEY' => |
382 |
|
|
+'SSL private Key', |
383 |
|
|
+'DESC_CERTIFICATE_CHAINFILE' => |
384 |
|
|
+'You may need the intermediate CA certificate as \'chain\' certificate in your clientssl profile. Paste here the full chain file', |
385 |
|
|
+'LABEL_CERTIFICATE_CHAINFILE' => |
386 |
|
|
+'SSL intermediate chain certificate', |
387 |
|
|
+ |
388 |
|
|
+'SUCCESS-CERT-WRITTEN' => |
389 |
|
|
+'Success - New Certificate details written', |
390 |
|
|
+'SUCCESS-CERT-DEFAULTED' => |
391 |
|
|
+'Success - Certificate reverted to self-signed', |
392 |
|
|
+'FORM_TITLE' => ' SSL certificates management', |
393 |
|
|
+Certificate' => |
394 |
|
|
+'Manage SSL certificates', |
395 |
|
|
+'DESC_SSL_CERTIFICAT_CONFIG_PAGE' => 'This panel is made to help the managing of SSL certificates if you need to use commercial Certificates by example.<br> |
396 |
|
|
+If you want to get back to the default SME Server certificates, simply blank all the contents and press save.<br> |
397 |
|
|
+In case of you set wrong certificates, the server Web may crash. You will have to do a command line in a root Terminal to get back to the default certificate : <br><br> |
398 |
|
|
+<b>signal-event certificate-revert</b><br><br> |
399 |
|
|
+', |
400 |
|
|
+ERROR_OPEN_KEY' => |
401 |
|
|
+'Impossible to open the certificates', |
402 |
|
|
+'DESC_DOMAIN_CRT' => |
403 |
|
|
+'Paste Here the full certificate (server.crt)', |
404 |
|
|
+'LABEL_DOMAIN_CRT' => |
405 |
|
|
+'SSL certificate', |
406 |
|
|
+'DESC_DOMAIN_KEY' => |
407 |
|
|
+'Paste Here the full private key (server.key)', |
408 |
|
|
+ |
409 |
|
|
+'LABEL_DOMAIN_KEY' => |
410 |
|
|
+'SSL private Key', |
411 |
|
|
+'DESC_CERTIFICATE_CHAINFILE' => |
412 |
|
|
+'You may need the intermediate CA certificate as \'chain\' certificate in your clientssl profile. Paste here the full chain file', |
413 |
|
|
+'LABEL_CERTIFICATE_CHAINFILE' => |
414 |
|
|
+'SSL intermediate chain certificate', |
415 |
|
|
+ |
416 |
|
|
+'SUCCESS-CERT-WRITTEN' => |
417 |
|
|
+'Success - New Certificate details written', |
418 |
|
|
+'SUCCESS-CERT-DEFAULTED' => |
419 |
|
|
+'Success - Certificate reverted to self-signed', |
420 |
|
|
diff -urN smeserver-certificate-0.0.4.old/root/usr/share/smanager/themes/default/templates/certificate.html.ep smeserver-certificate-0.0.4/root/usr/share/smanager/themes/default/templates/certificate.html.ep |
421 |
|
|
--- smeserver-certificate-0.0.4.old/root/usr/share/smanager/themes/default/templates/certificate.html.ep 1970-01-01 01:00:00.000000000 +0100 |
422 |
|
|
+++ smeserver-certificate-0.0.4/root/usr/share/smanager/themes/default/templates/certificate.html.ep 2022-04-16 11:53:00.000000000 +0100 |
423 |
|
|
@@ -0,0 +1,101 @@ |
424 |
|
|
+% layout 'default', title => "Sme server 2 - Certificate Manager", share_dir => './'; |
425 |
|
|
+ |
426 |
|
|
+% content_for 'module' => begin |
427 |
|
|
+ |
428 |
|
|
+<div id="module" class="module certificate-panel"> |
429 |
|
|
+ |
430 |
|
|
+ % if ($config->{debug} == 1) { |
431 |
|
|
+ <p> |
432 |
|
|
+ %= dumper $c->current_route |
433 |
|
|
+ </p> |
434 |
|
|
+ % } |
435 |
|
|
+ |
436 |
|
|
+ <h1><%=$title%></h1> |
437 |
|
|
+ %= $modul |
438 |
|
|
+ |
439 |
|
|
+ %if ($certificate_data->{first}) { |
440 |
|
|
+ <br><p> |
441 |
|
|
+ %=$c->render_to_string(inline =>$c->l($certificate_data->{first})) |
442 |
|
|
+ </p> |
443 |
|
|
+ |
444 |
|
|
+ %} elsif ($certificate_data->{success}) { |
445 |
|
|
+ <div class='sme-border'> |
446 |
|
|
+ <h2> Operation Status Report - success</h2><p> |
447 |
|
|
+ <font color=green> |
448 |
|
|
+ %= $c->l($certificate_data->{success}); |
449 |
|
|
+ </font> |
450 |
|
|
+ </p> |
451 |
|
|
+ </div> |
452 |
|
|
+ |
453 |
|
|
+ %} elsif ($certificate_data->{error}) { |
454 |
|
|
+ <div class='sme-error'> |
455 |
|
|
+ <h2> Operation Status Report - error</h2><p> |
456 |
|
|
+ <font color=red> |
457 |
|
|
+ %= $c->l($certificate_data->{error}); |
458 |
|
|
+ </font> |
459 |
|
|
+ </p> |
460 |
|
|
+ </div> |
461 |
|
|
+ |
462 |
|
|
+ %} elsif ($certificate_data->{warning}) { |
463 |
|
|
+ <div class='sme-warning'> |
464 |
|
|
+ <h2> Operation Status Report - warning</h2><p> |
465 |
|
|
+ <font color=orange> |
466 |
|
|
+ %= $c->l($certificate_data->{warning}); |
467 |
|
|
+ </font> |
468 |
|
|
+ </p> |
469 |
|
|
+ </div> |
470 |
|
|
+ |
471 |
|
|
+ %} |
472 |
|
|
+ %= form_for '/certificatesave' => (method => 'POST') => begin |
473 |
|
|
+ % my $btn = l('SAVE'); |
474 |
|
|
+ %== l 'DESC_SSL_CERTIFICAT_CONFIG_PAGE' |
475 |
|
|
+ |
476 |
|
|
+ <span class=label> |
477 |
|
|
+ <strong> |
478 |
|
|
+ %=l 'LABEL_DOMAIN_CRT' |
479 |
|
|
+ </strong> |
480 |
|
|
+ %=l 'DESC_DOMAIN_CRT' |
481 |
|
|
+ <br /> |
482 |
|
|
+ </span><span class=data> |
483 |
|
|
+ % param 'ca_crt' => $certificate_data->{'domain.crt'} unless param 'ca_crt'; |
484 |
|
|
+ %= text_area 'ca_crt' , cols=>60, rows=>15 |
485 |
|
|
+ </span><br> |
486 |
|
|
+ <br /> |
487 |
|
|
+ |
488 |
|
|
+ <span class=label> |
489 |
|
|
+ <strong> |
490 |
|
|
+ %=l 'LABEL_DOMAIN_KEY' |
491 |
|
|
+ </strong> |
492 |
|
|
+ %=l 'DESC_DOMAIN_KEY' |
493 |
|
|
+ </span><span class=data> |
494 |
|
|
+ % param 'ca_key' => $certificate_data->{'domain.key'} unless param 'ca_key'; |
495 |
|
|
+ %= text_area 'ca_key' , cols=>60, rows=>15 |
496 |
|
|
+ </span><br> |
497 |
|
|
+ <br /> |
498 |
|
|
+ |
499 |
|
|
+ <span class=label> |
500 |
|
|
+ <strong> |
501 |
|
|
+ %=l 'LABEL_CERTIFICATE_CHAINFILE' |
502 |
|
|
+ </strong> |
503 |
|
|
+ %=l 'DESC_CERTIFICATE_CHAINFILE' |
504 |
|
|
+ </span><span class=data> |
505 |
|
|
+ % param 'chain_crt_file' => $certificate_data->{'chain.pem'} unless param 'chain_crt_file'; |
506 |
|
|
+ %= text_area 'chain_crt_file' , cols=>60, rows=>15 |
507 |
|
|
+ </span><br> |
508 |
|
|
+ <br /> |
509 |
|
|
+ %= submit_button "$btn", class => 'action' |
510 |
|
|
+ </div> |
511 |
|
|
+%end |
512 |
|
|
+ |
513 |
|
|
+%= stylesheet begin |
514 |
|
|
+span.label { |
515 |
|
|
+ width:46em; |
516 |
|
|
+ font-weight:normal; |
517 |
|
|
+} |
518 |
|
|
+ |
519 |
|
|
+span.label strong { |
520 |
|
|
+ text-align:left; |
521 |
|
|
+} |
522 |
|
|
+%end |
523 |
|
|
+ |
524 |
|
|
+%end |
525 |
|
|
\ No newline at end of file |