<% @header [("title", ["SSL certificate signing requests"])];
val admin = Group.inGroupName "server";
if $"new" <> "" then
val req = $"req";
val key = $"key";
val days = Web.stoi ($"days");
val domain = $"domain";
val msg = $"msg";
if req = "" then
%>Please fill in a path to a certificate request.
<%
elseif key = "" then
%>Please fill in a path to a key.
<%
elseif days <= 0 then
%>Please give a positive number of days for the certificate to live.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>You don't have permissions on domain <% Web.html domain %>.
<%
else
%>Are you sure you want to ask for permissions on an SSL certificate
with request <% Web.html req %>,
with key <% Web.html key %>,
for domain <% domain %>,
lasting <% days %> days?
Yes, I want to request that.<%
end
elseif $"cmd" = "request" then
val req = $"req";
val key = $"key";
val days = Web.stoi ($"days");
val domain = $"domain";
val msg = $"msg";
if req = "" then
%>Please fill in a path to a certificate request.
<%
elseif key = "" then
%>Please fill in a path to a key.
<%
elseif days <= 0 then
%>Please give a positive number of days for the certificate to live.
<%
elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
%>You don't have permissions on domain <% Web.html domain %>.
<%
else
val gen = req;
val text = "/afs/hcoop.net/common/etc/scripts/ca-sign "
^ Int.toString days ^ " "
^ req ^ " "
^ key ^ " "
^ gen ^ " "
^ domain;
val id = Sign.add (Init.getUserId (), text, msg);
if not (Sign.notifyNew id) then
%>Error sending e-mail notification
<%
end
%>Request added
<%
end
elseif $"cmd" = "open" then
%>Open requests
List all requests<%
foreach (name, req) in Sign.listOpen () do %>
| By: | <% name %> |
| Time: | <% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago) |
| Request: | <% #data req %> |
| Reason: | <% Web.html (#msg req) %> |
<% if admin then %>
[Modify]
[Delete]
<% end %>
<% end
elseif $"cmd" = "list" then
%>All requests
<%
foreach (name, req) in Sign.list () do %>
| By: | <% name %> |
| Time: | <% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago) |
| Request: | <% #data req %> |
| Reason: | <% Web.html (#msg req) %> |
<% if admin then %>
[Modify]
[Delete]
<% end %>
<% end
elseif $"mod" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"mod");
val req = Sign.lookup id;
val user = Init.lookupUser (#usr req) %>
Handle request
<% elseif $"save" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"save");
val req = Sign.lookup id;
val oldStatus = #status req;
val newStatus = Sign.statusFromInt (Web.stoi ($"status"));
Sign.modify {req with data = $"req", msg = $"msg", status = newStatus};
if not (Sign.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
%>Error sending e-mail notification
<%
end
%>Request modified
Back to: open requests, all requests
<% elseif $"del" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del");
val req = Sign.lookup id;
val user = Init.lookupUser (#usr req)
%>Are you sure you want to delete request by <% #name user %> for <% #data req %>?
Yes, I'm sure!
<% elseif $"del2" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del2");
Sign.delete id
%>Request deleted
Back to: open requests, all requests
<% else %>
Request SSL certificate signing
Use this form to request that we sign an an SSL certificate with our certificate authority. Give the location of your certificate request (.csr file) and key (.key file) within /afs/hcoop.net.
The instructions on our wiki for creating SSL certificates may be helpful.
<% end %>
<% @footer[] %>