IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Certificate management with self-signed CA

Browse Source 
The certificate_status_widget has been modified to check for the
environment variable ra_plugin to determine the CA used by IPA
server. If self-signed CA is used, some operations will not be
available (e.g. checking certificate status, revoking/restoring
certificate), so the corresponding interface will be hidden. Other
operations such as creating new certificate and viewing certificate
are still available.
This commit is contained in:
Endi S. Dewata
2010-12-01 21:46:38 -06:00
committed by Adam Young
parent 27b01cb628
commit 620c085ebf
1 changed files with 43 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
install/static/certificate.js
View File

@@ -404,6 +404,10 @@ function certificate_status_widget(spec) {
that.get_entity_principal = spec.get_entity_principal; that.get_entity_principal = spec.get_entity_principal;
that.get_entity_certificate = spec.get_entity_certificate; that.get_entity_certificate = spec.get_entity_certificate;
that.is_selfsign = function() {
return IPA.env.ra_plugin == 'selfsign';
};
that.create = function(container) { that.create = function(container) {
that.widget_create(container); that.widget_create(container);
@@ -428,11 +432,13 @@ function certificate_status_widget(spec) {
'value': 'Get' 'value': 'Get'
}).appendTo(td); }).appendTo(td);
$('<input/>', { if (!that.is_selfsign()) {
'type': 'button', $('<input/>', {
'name': 'revoke', 'type': 'button',
'value': 'Revoke' 'name': 'revoke',
}).appendTo(td); 'value': 'Revoke'
}).appendTo(td);
}
$('<input/>', { $('<input/>', {
'type': 'button', 'type': 'button',
@@ -440,27 +446,29 @@ function certificate_status_widget(spec) {
'value': 'View' 'value': 'View'
}).appendTo(td); }).appendTo(td);
tr = $('<tr/>').appendTo(table); if (!that.is_selfsign()) {
tr = $('<tr/>').appendTo(table);
td = $('<td/>').appendTo(tr); td = $('<td/>').appendTo(tr);
$('<li/>', { $('<li/>', {
'class': 'certificate-status-revoked' 'class': 'certificate-status-revoked'
}).appendTo(td); }).appendTo(td);
td = $('<td/>').appendTo(tr); td = $('<td/>').appendTo(tr);
td.append('Certificate Revoked:'); td.append('Certificate Revoked:');
td = $('<td/>').appendTo(tr); td = $('<td/>').appendTo(tr);
td.append($('<span/>', { td.append($('<span/>', {
'name': 'revocation_reason' 'name': 'revocation_reason'
})); }));
td.append(' '); td.append(' ');
$('<input/>', { $('<input/>', {
'type': 'button', 'type': 'button',
'name': 'restore', 'name': 'restore',
'value': 'Restore' 'value': 'Restore'
}).appendTo(td); }).appendTo(td);
}
tr = $('<tr/>').appendTo(table); tr = $('<tr/>').appendTo(table);
@@ -567,17 +575,26 @@ function certificate_status_widget(spec) {
function set_status(status, revocation_reason) { function set_status(status, revocation_reason) {
that.valid.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_VALID); that.valid.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_VALID);
that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED);
that.missing.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_MISSING); that.missing.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_MISSING);
that.get_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); that.get_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden');
that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden');
that.view_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); that.view_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden');
that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]);
that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden'); if (!that.is_selfsign()) {
that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED);
that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden');
that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]);
that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden');
}
} }
function check_status(serial_number) { function check_status(serial_number) {
if (that.is_selfsign()) {
set_status(CERTIFICATE_STATUS_VALID);
return;
}
ipa_cmd( ipa_cmd(
'cert_show', 'cert_show',
[serial_number], [serial_number],