3 # Signs CSRs with a cert
5 require './certmgr-lib.pl';
6 $access{'signcsr'} || &error($text{'ecannot'});
8 &header($text{'signcsr_title'}, "");
10 if ($in{'submitted'} eq "sign") {
11 if (!$in{'days'}) { $error.=$text{'gencert_e_nodays'}."<br>\n"; }
12 if (!$in{'csrfile'}) {
13 $error.=$text{'signcsr_e_nocsrfile'}."<br>\n";
15 if (!$in{'signfile'}) {
16 $error.=$text{'signcsr_e_nosignfile'}."<br>\n";
18 if (!$in{'keyfile'} || !$in{'keycertfile'}) {
19 $error.=$text{'signcsr_e_nokeyfile'}."<br>\n";
26 if (!$in{'csrfile'}) { $in{'csrfile'}=$config{'ssl_csr_dir'}."/".
27 $config{'incsr_filename'}; }
28 if (!$in{'signfile'}) { $in{'signfile'}=$config{'ssl_cert_dir'}."/".
29 $config{'sign_filename'}; }
30 if (!$in{'keyfile'}) { $in{'keyfile'}=$config{'cakey_path'}; }
31 if (!$in{'keycertfile'}) { $in{'keycertfile'}=$config{'cacert_path'};}
32 if (!$in{'days'}) { $in{'days'}=$config{'default_days'}; }
36 print "<hr> <b>$text{'signcsr_error'}</b>\n<ul>\n";
37 print "$error</ul>\n$text{'gencert_pleasefix'}\n";
41 &print_sign_form("signcsr");
43 &footer("", $text{'index_return'});
46 &foreign_require("webmin", "webmin-lib.pl");
48 &get_miniserv_config(\%miniserv);
49 if (!$miniserv{'ca'}) {
52 if ((-e $in{'signfile'})&&($in{'overwrite'} ne "yes")) {
55 &footer("", $text{'index_return'});
58 $tempdir = &tempname();
59 mkdir($tempdir, 0700);
60 if ($in{'password'}){ $des="-passin pass:".quotemeta($in{'password'}); }
61 $out = `yes | $config{'openssl_cmd'} ca -in $in{'csrfile'} -out $in{'signfile'} -cert $in{'keycertfile'} -keyfile $in{'keyfile'} -outdir $tempdir -days $in{'days'} -config $config_directory/acl/openssl.cnf $des 2>&1`;
63 system("rm -rf $tempdir");
64 if (!-e $in{'csrfile'}) {
68 chmod(0400,$in{'signfile'});
71 if ($error){ print "<b>$text{'signcsr_e_signfailed'}</b>\n<pre>$error</pre>\n<hr>\n";}
73 print "<b>$text{'signcsr_worked'}</b>\n<pre>$out</pre>\n";
74 $url="\"view.cgi?certfile=".&my_urlize($in{'signfile'}).'"';
75 print "<b>$text{'signcsr_saved_cert'} <a href=$url>$in{'signfile'}</a></b><br>\n";
78 &footer("", $text{'index_return'});
82 my($buffer1,$buffer2,$buffer,$key,$temp_pem,$url);
84 print "<table>\n<tr valign=top>";
85 if (-e $in{'signfile'}) {
86 open(OPENSSL,"$config{'openssl_cmd'} x509 -in $in{'signfile'} -text -fingerprint -noout|");
87 while(<OPENSSL>){ $buffer1.=$_; }
89 $url="\"view.cgi?certfile=".&my_urlize($in{'signfile'}).'"';
90 print "<td><table border><tr $tb><td align=center><b><a href=$url>$in{'signfile'}</a></b></td> </tr>\n<tr $cb> <td>\n";
91 if (!$buffer1) { print $text{'e_file'};}
92 else { &print_cert_info(0,$buffer1); }
93 print "</td></tr></table></td>\n";
95 print "</tr></table>\n";
96 print "$text{'gencert_moreinfo'}";
97 print "<hr>\n$text{'gencert_overwrite'}\n<p>\n";
99 print "<form action=signcsr.cgi method=post>\n";
100 foreach $key (keys %in) {
101 print "<input name=\"$key\" type=hidden value=\"$in{$key}\">\n";
103 print "<input name=overwrite value=\"yes\" type=hidden>\n";
104 print "<input type=submit value=\"$text{'continue'}\"></form>\n";