2 # Actually generate the cert, and update the LDIF format config file
4 require './ldap-server-lib.pl';
5 &local_ldap_server() == 1 || &error($text{'slapd_elocal'});
6 $access{'slapd'} || &error($text{'slapd_ecannot'});
7 &foreign_require("webmin", "webmin-lib.pl");
9 &error_setup($text{'gencert_err'});
10 $conf = &get_ldif_config();
11 $confdb = &get_config_db();
14 if ($in{'dest_def'}) {
15 $keyfile = &find_ldif_value("olcTLSCertificateKeyFile", $conf, $confdb);
16 $certfile = &find_ldif_value("olcTLSCertificateFile", $conf, $confdb);
20 -d $in{'dest'} || &error($text{'gencert_edest'});
21 $keyfile = $in{'dest'}."/ldap.key";
22 $certfile = $in{'dest'}."/ldap.cert";
26 $err = &webmin::parse_ssl_key_form(\%in, $keyfile,
27 $certfile eq $keyfile ? undef : $certfile);
28 &error($err) if ($err);
30 # Make readable by LDAP user
31 &set_ownership_permissions($config{'ldap_user'}, undef, undef,
34 # Update config to use them
36 &save_ldif_directive($conf, "olcTLSCertificateFile", $confdb, $certfile);
37 &save_ldif_directive($conf, "olcTLSCertificateKeyFile", $confdb, $keyfile);
39 &unlock_slapd_files();
41 &webmin_log("gencert");