% @header [("title", ["SSL certificate permission requests"])];
val admin = Group.inGroupName "server";
if $"new" <> "" then
if $"kind" = "cert" then
if $"req" <> "" then
%>
You filled data in next to a textbox but didn't check the radio button next to it.
<%
else
val cert = $"cert";
val msg = $"msg";
%>Are you sure you want to ask for permissions on an SSL certificate at <% cert %>?
You filled data in next to a textbox but didn't check the radio button next to it.
<%
else
val req = $"req";
val msg = $"msg";
%>Are you sure you want to ask for permissions on an SSL certificate to be created from an OpenSSL request at <% req %>?
Yes, I want to request that.<%
end
end
elseif $"cmd" = "request" then
val id = Cert.add (Init.getUserId (), $"req", $"msg");
if not (Cert.notifyNew id) then
%>
<% if admin then %>
[Modify][Delete]
<% end %>
<% end
elseif $"mod" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"mod");
val req = Cert.lookup id;
val user = Init.lookupUser (#usr req) %>
Handle request
<% elseif $"save" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"save");
val req = Cert.lookup id;
val oldStatus = #status req;
val newStatus = Cert.statusFromInt (Web.stoi ($"status"));
Cert.modify {req with data = $"req", msg = $"msg", status = newStatus};
if oldStatus <> newStatus then
if not (Cert.notifyMod (oldStatus, newStatus, Init.getUserName(), id)) then
%>
Error sending e-mail notification
<%
end
end
%>
Request modified
Back to: open requests, all requests
<% elseif $"del" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del");
val req = Cert.lookup id;
val user = Init.lookupUser (#usr req)
%>
Are you sure you want to delete request by <% #name user %> for <% #data req %>?
Yes, I'm sure!
<% elseif $"del2" <> "" then
Group.requireGroupName "server";
val id = Web.stoi ($"del2");
Cert.delete id
%>
Use this form to request use Domtool permissions to use an SSL certificate. Give the location of your certificate request or certificate within /afs/hcoop.net. If you have your own certificate signed by an outside provider like Verisign, then choose the second option and give the path to that certificate. If you want your certificate authenticated by chaining through HCoop's root certificate, then choose the first option and give the path to an OpenSSL certificate request.