% @header [("title", ["SSL certificate signing requests"])];
val admin = Group.inGroupName "server";
if $"new" <> "" then
val req = $"req";
val key = $"key";
val days = Web.stoi ($"days");
val domain = $"domain";
val msg = $"msg";
if req = "" then
%>
Please fill in a path to a certificate request.
<%
elseif key = "" then
%>
Please fill in a path to a key.
<%
elseif days <= 0 then
%>
Please give a positive number of days for the certificate to live.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>
You don't have permissions on domain <% Web.html domain %>.
<%
else
%>Are you sure you want to ask for permissions on an SSL certificate
with request <% Web.html req %>,
with key <% Web.html key %>,
for domain <% domain %>,
lasting <% days %> days?
Yes, I want to request that.<%
end
elseif $"cmd" = "request" then
val req = $"req";
val key = $"key";
val days = Web.stoi ($"days");
val domain = $"domain";
val msg = $"msg";
if req = "" then
%>
Please fill in a path to a certificate request.
<%
elseif key = "" then
%>
Please fill in a path to a key.
<%
elseif days <= 0 then
%>
Please give a positive number of days for the certificate to live.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>
You don't have permissions on domain <% Web.html domain %>.
<%
else
val gen = req;
val text = "/afs/hcoop.net/common/etc/scripts/ca-sign "
^ Int.toString days ^ " "
^ req ^ " "
^ key ^ " "
^ gen ^ " "
^ domain;
val id = Sign.add (Init.getUserId (), text, msg);
if not (Sign.notifyNew id) then
%>
<% if admin then %>
[Modify][Delete]
<% end %>
<% end
elseif $"mod" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"mod");
val req = Sign.lookup id;
val user = Init.lookupUser (#usr req) %>
Handle request
<% elseif $"save" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"save");
val req = Sign.lookup id;
val oldStatus = #status req;
val newStatus = Sign.statusFromInt (Web.stoi ($"status"));
Sign.modify {req with data = $"req", msg = $"msg", status = newStatus};
if oldStatus <> newStatus then
if not (Sign.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
%>
Error sending e-mail notification
<%
end
end
%>
Request modified
Back to: open requests, all requests
<% elseif $"del" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del");
val req = Sign.lookup id;
val user = Init.lookupUser (#usr req)
%>
Are you sure you want to delete request by <% #name user %> for <% #data req %>?
Yes, I'm sure!
<% elseif $"del2" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del2");
Sign.delete id
%>
Use this form to request that we sign an an SSL certificate with our certificate authority. Give the location of your certificate request (.csr file) and key (.key file) within /afs/hcoop.net.