/CHANGELOG |
---|
10,6 → 10,7 |
ACC |
- sysinfo genrated by "phpsysinfo 3.3.2" |
- global flow statistics generated by "vnstat-dashboard" (instead of "vnstat-frontend") |
- choice between certificates (default / official / Let's encrypt) |
CHANGES |
- German translations have been updated. Thanks to Sven RATH |
- Improve RPMs controls at the installation stage |
/alcasar.sh |
---|
857,8 → 857,6 |
[ -e /var/log/lighttpd/error.log ] || touch /var/log/lighttpd/error.log |
chown -R apache:apache /var/log/lighttpd |
# /usr/bin/systemctl start lighttpd |
# /usr/bin/systemctl start php-fpm |
# Creation of the first account (in 'admin' profile) |
if [ "$mode" = "install" ] |
/conf/letsencrypt-client/acme.sh-2.8.3.tar.gz |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Deleted: svn:mime-type |
-application/octet-stream |
\ No newline at end of property |
/conf/letsencrypt-client/acme.sh-2.8.5.tar.gz |
---|
Cannot display: file marked as a binary type. |
svn:mime-type = application/octet-stream |
Property changes: |
Added: svn:mime-type |
+application/octet-stream |
\ No newline at end of property |
/scripts/alcasar-CA.sh |
---|
18,7 → 18,7 |
SRVKEY=$DIR_CERT/private/alcasar.key |
SRVCERT=$DIR_CERT/certs/alcasar.crt |
SRVPEM=$DIR_CERT/private/alcasar.pem |
SRVCHAIN=$DIR_CERT/certs/server-chain.crt |
SRVCHAIN=$DIR_CERT/certs/server-chain.pem |
CACERT_LIFETIME="1460" |
SRVCERT_LIFETIME="1460" |
/scripts/alcasar-certificates.sh |
---|
41,7 → 41,7 |
tar cvf $FILE.tar $DIR_PKI/CA/{alcasar-ca.crt,private/alcasar-ca.key} |
# Export of server Certificate |
tar rvf $FILE.tar $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,certs/server-chain.crt} |
tar rvf $FILE.tar $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,certs/server-chain.pem} |
gzip $FILE.tar |
echo "Le fichier des certificats exportés est : $FILE.tar.gz" |
} # end function export |
60,7 → 60,7 |
cd $DIR_PKI/tls |
cp certs/alcasar.crt $DIR_SAVE/. |
cp private/alcasar.key $DIR_SAVE/. |
cp certs/server-chain.crt $DIR_SAVE/. |
cp certs/server-chain.pem $DIR_SAVE/. |
} # end function archive |
function import() { |
79,10 → 79,10 |
echo "Import new certificates in ALCASAR !!!" |
cp -r $DIR_IMPORT/* /. |
chown root:apache $DIR_PKI/CA/{alcasar-ca.crt,private/alcasar-ca.key} |
chown root:apache $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,private/alcasar.pem,certs/server-chain.crt} |
chown root:apache $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,private/alcasar.pem,certs/server-chain.pem} |
chmod 750 $DIR_PKI/CA/{alcasar-ca.crt,private/alcasar-ca.key} |
chmod 750 $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,private/alcasar.pem,certs/server-chain.crt} |
chmod 750 $DIR_PKI/tls/{certs/alcasar.crt,private/alcasar.key,private/alcasar.pem,certs/server-chain.pem} |
service lighttpd restart |
else |
/scripts/alcasar-conf.sh |
---|
91,10 → 91,10 |
[ -e /etc/pki/tls/private/alcasar.pem ] && cp -f /etc/pki/tls/private/alcasar.pem $DIR_UPDATE # since V3.3 |
cp -f /etc/pki/CA/alcasar-ca.crt $DIR_UPDATE |
cp -f /etc/pki/CA/private/alcasar-ca.key $DIR_UPDATE |
if [ -e /etc/pki/tls/certs/server-chain.crt ]; then |
cp -f /etc/pki/tls/certs/server-chain.crt* $DIR_UPDATE # autosigned and official if exist |
if [ -e /etc/pki/tls/certs/server-chain.pem ]; then |
cp -f /etc/pki/tls/certs/server-chain.pem $DIR_UPDATE # autosigned and official if exist |
else |
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.crt |
cp -f /etc/pki/tls/certs/alcasar.crt $DIR_UPDATE/server-chain.pem |
fi |
# pureip & safesearch status |
[ -d /etc/dansguardian ] && dg_path=/etc/dansguardian || dg_path=/etc/e2guardian |
194,7 → 194,7 |
cp -f $DIR_UPDATE/alcasar.crt /etc/pki/tls/certs/ |
cp -f $DIR_UPDATE/alcasar.key /etc/pki/tls/private/ |
cp -f $DIR_UPDATE/alcasar.pem /etc/pki/tls/private/ |
[ -e $DIR_UPDATE/server-chain.crt ] && cp -f $DIR_UPDATE/server-chain.crt* /etc/pki/tls/certs/ # autosigned and official if exist |
[ -e $DIR_UPDATE/server-chain.pem ] && cp -f $DIR_UPDATE/server-chain.pem /etc/pki/tls/certs/ # autosigned and official if exist |
chown root:apache /etc/pki/CA; chmod 750 /etc/pki/CA |
chmod 640 /etc/pki/CA/* |
chown root:root /etc/pki/CA/private; chmod 700 /etc/pki/CA/private |
439,7 → 439,14 |
local-zone: "$HOSTNAME" static |
local-data: "$HOSTNAME A $PRIVATE_IP" |
EOF |
# Configuration file for lo of forward unbound |
if [ "$HOSTNAME" != 'alcasar' ] |
then |
echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf |
echo -e "\tlocal-zone: \"alcasar A $PRIVATE_IP\"" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf |
echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/forward/iface.lo.conf |
echo -e "\tlocal-zone: \"alcasar A 127.0.0.1\"" >> /etc/unbound/conf.d/forward/iface.lo.conf |
fi |
# Configuration file for lo of forward |
cat << EOF > /etc/unbound/conf.d/forward/iface.lo.conf |
server: |
interface: 127.0.0.1@53 |
454,14 → 461,7 |
local-zone: "$DOMAIN." static |
local-data: "$DOMAIN. A" |
EOF |
if [ "$HOSTNAME" != 'alcasar' ] |
then |
echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf |
echo -e "\tlocal-zone: \"alcasar A $PRIVATE_IP\"" >> /etc/unbound/conf.d/common/local-dns/${INTIF}.conf |
echo -e "\tlocal-zone: \"alcasar\" static" >> /etc/unbound/conf.d/forward/iface.lo.conf |
echo -e "\tlocal-zone: \"alcasar A 127.0.0.1\"" >> /etc/unbound/conf.d/forward/iface.lo.conf |
fi |
# Configuration file for $INTIF of forward unbound |
# Configuration file for $INTIF of forward |
cat << EOF > /etc/unbound/conf.d/forward/iface.${INTIF}.conf |
server: |
interface: ${PRIVATE_IP}@53 |
471,7 → 471,7 |
name: "$INTIF" |
view-first: yes |
EOF |
# Configuration file for $INTIF of blacklist unbound |
# Configuration file for $INTIF of blacklist |
cat << EOF > /etc/unbound/conf.d/blacklist/iface.${INTIF}.conf |
server: |
interface: ${PRIVATE_IP}@54 |
480,7 → 480,7 |
access-control-tag-action: $PRIVATE_IP_MASK "blacklist" redirect |
access-control-tag-data: $PRIVATE_IP_MASK "blacklist" "A $PRIVATE_IP" |
EOF |
# Configuration file for $INTIF of whitelist unbound |
# Configuration file for $INTIF of whitelist |
cat << EOF > /etc/unbound/conf.d/whitelist/iface.${INTIF}.conf |
server: |
interface: ${PRIVATE_IP}@55 |
489,7 → 489,7 |
access-control-tag-action: $PRIVATE_IP_MASK "whitelist" redirect |
access-control-tag-data: $PRIVATE_IP_MASK "whitelist" "A $PRIVATE_IP" |
EOF |
# Configuration file for $INTIF of blackhole unbound |
# Configuration file for $INTIF of blackhole |
cat << EOF > /etc/unbound/conf.d/blackhole/iface.${INTIF}.conf |
server: |
interface: ${PRIVATE_IP}@56 |
/scripts/alcasar-importcert.sh |
---|
25,24 → 25,15 |
nb_args=$# |
arg1=$1 |
function defaultNdd() |
{ |
$SED "s/^HOSTNAME=.*/HOSTNAME=alcasar/g" /usr/local/etc/alcasar.conf |
$SED "s/^DOMAIN=.*/DOMAIN=localdomain/g" /usr/local/etc/alcasar.conf |
/usr/local/bin/alcasar-conf.sh --apply |
} |
function defaultCert() |
{ |
mv -f $DIR_CERT/certs/alcasar.crt.old $DIR_CERT/certs/alcasar.crt |
mv -f $DIR_CERT/private/alcasar.key.old $DIR_CERT/private/alcasar.key |
if [ -f $DIR_CERT/certs/server-chain.crt.old ] |
if [ -f $DIR_CERT/certs/server-chain.pem.old ] |
then |
mv $DIR_CERT/certs/server-chain.crt.old $DIR_CERT/certs/server-chain.crt |
mv $DIR_CERT/certs/server-chain.pem.old $DIR_CERT/certs/server-chain.pem |
fi |
(cat $DIR_CERT/private/alcasar.key; echo; cat $DIR_CERT/certs/alcasar.crt) > $DIR_CERT/private/alcasar.pem |
chown root:apache $DIR_CERT/private/alcasar.pem |
chmod 750 $DIR_CERT/private/alcasar.pem |
} |
49,8 → 40,7 |
function domainName() # change the domain name in the conf files |
{ |
fqdn=$(openssl x509 -noout -subject -in $cert | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1) |
fqdn=$(openssl x509 -noout -subject -nameopt multiline -in $DIR_CERT/certs/alcasar.crt | grep commonName|cut -d"=" -f2|tr -d ' ') |
#check if there is a wildcard in $fqdn |
if [[ $fqdn == *"*"* ]]; |
then |
61,12 → 51,11 |
fi |
domain=$(echo $fqdn | cut -d'.' -f2-) |
echo "fqdn=$fqdn hostname=$hostname domain=$domain" |
#check fqdn format |
if [[ "$fqdn" != "" && "$domain" != "" ]]; then |
$SED "s/^HOSTNAME=.*/HOSTNAME=$hostname/g" /usr/local/etc/alcasar.conf |
$SED "s/^DOMAIN=.*/DOMAIN=$domain/g" /usr/local/etc/alcasar.conf |
/usr/local/bin/alcasar-conf.sh --apply |
# /usr/local/bin/alcasar-conf.sh --apply |
fi |
} |
82,31 → 71,26 |
echo "Backup of old private key (alcasar.key)" |
mv $DIR_CERT/private/alcasar.key $DIR_CERT/private/alcasar.key.old |
fi |
cp $cert $DIR_CERT/certs/alcasar.crt |
cp $key $DIR_CERT/private/alcasar.key |
(cat $DIR_CERT/private/alcasar.key; echo; cat $DIR_CERT/certs/alcasar.crt) > $DIR_CERT/private/alcasar.pem |
chown root:apache $DIR_CERT/certs/alcasar.crt |
chown root:apache $DIR_CERT/private/alcasar.key |
chown root:apache $DIR_CERT/private/alcasar.pem |
chmod 750 $DIR_CERT/certs/alcasar.crt |
chmod 750 $DIR_CERT/private/alcasar.key |
chmod 750 $DIR_CERT/private/alcasar.pem |
if [ "$sc" != "" ] |
then |
echo "cert-chain exists" |
if [ ! -f "$DIR_CERT/certs/server-chain.crt.old" ] |
if [ ! -f "$DIR_CERT/certs/server-chain.pem.old" ] |
then |
echo "Backup of old cert-chain (server-chain.crt)" |
mv $DIR_CERT/certs/server-chain.crt $DIR_CERT/certs/server-chain.crt.old |
echo "Backup of old cert-chain (server-chain.pem)" |
mv $DIR_CERT/certs/server-chain.pem $DIR_CERT/certs/server-chain.pem.old |
fi |
cp $sc $DIR_CERT/certs/server-chain.crt |
chown root:apache $DIR_CERT/certs/server-chain.crt |
chmod 750 $DIR_CERT/certs/server-chain.crt |
cp $sc $DIR_CERT/certs/server-chain.pem |
chown root:apache $DIR_CERT/certs/server-chain.pem |
chmod 750 $DIR_CERT/certs/server-chain.pem |
fi |
} |
164,7 → 148,7 |
echo "Server-chain certificate not found" |
exit 1 |
fi |
if [ ${sc: -4} != ".crt" ] && [ ${sc: -4} != ".cer" ] |
if [ ${sc: -4} != ".crt" ] && [ ${sc: -4} != ".cer" ] && [ ${sc: -4} != ".pem" ] |
then |
echo "Invalid server-chain certificate file" |
exit 1 |
171,12 → 155,8 |
fi |
echo "Importing certificate $cert with private key $key and server-chain $sc" |
fi |
domainName $cert |
certImport $cert $key $sc |
for services in chilli unbound unbound-blackhole unbound-blacklist unbound-whitelist dnsmasq-whitelist lighttpd |
do |
echo "restarting $services"; systemctl restart $services; sleep 1 |
done |
certImport |
domainName |
;; |
-d) |
if [ -f "/etc/pki/tls/certs/alcasar.crt.old" -a -f "/etc/pki/tls/private/alcasar.key.old" ] |
183,11 → 163,8 |
then |
echo "Restoring default certificate" |
defaultCert |
defaultNdd |
for services in chilli unbound unbound-blackhole unbound-blacklist unbound-whitelist dnsmasq-whitelist lighttpd |
do |
echo "restarting $services"; systemctl restart $services; sleep 1 |
done |
domainName |
else echo "No default cert found" |
fi |
;; |
*) |
/web/acc/admin/network.php |
---|
66,9 → 66,9 |
$l_local_dns = "Résolution local de nom (DNS)"; |
$l_import_cert = "Import de certificat"; |
$l_private_key = "Clé privée (.key) :"; |
$l_certificate = "Certificat (.crt) :"; |
$l_server_chain = "Chaîne de certification (si nécéssaire : .crt) :"; |
$l_default_cert = "Revenir au certificat d'origine"; |
$l_certificate = "Certificat (.crt ou .cer) :"; |
$l_server_chain = "Chaîne de certification (.crt, .cer ou .pem) :"; |
$l_default_cert = "Revenir au certificat d'origine :"; |
$l_import = "Importer"; |
$l_current_certificate = "Certificat actuel"; |
$l_validated = "Validé par :"; |
79,8 → 79,8 |
$l_cert_expiration = "Date d'expiration :"; |
$l_cert_commonname = "Nom commun :"; |
$l_cert_organization = "Organisation :"; |
$l_upload_certificate = "Importer un certificat"; |
$l_le_integration = "Intégration Let's Encrypt"; |
$l_upload_certificate = "Importer un certificat officiel"; |
$l_le_integration = "Intégrer un certificat Let's Encrypt"; |
$l_le_status = "Status :"; |
$l_disabled = "Inactif"; |
$l_pending_validation = "En attente de validation"; |
97,6 → 97,7 |
$l_le_next_renewal = "Prochain renouvellement :"; |
$l_renew = "Renouveller"; |
$l_renew_force = "Renouveller (forcer)"; |
$l_previous_LE_cert = "Revenir au certificat Let's Encrypt :"; |
} else { // English |
$l_network_title = "Network configuration"; |
$l_internet_legend = "INTERNET"; |
121,9 → 122,9 |
$l_local_dns = "Local name resolution (DNS"; |
$l_import_cert = "Certificate import"; |
$l_private_key = "Private key (.key) :"; |
$l_certificate = "Certificate (.crt) :"; |
$l_server_chain = "Server-chain (if necessary : .crt) :"; |
$l_default_cert = "Back to default certificate"; |
$l_certificate = "Certificate (.crt or .cer) :"; |
$l_server_chain = "Server-chain (.crt, .cer or .pem) :"; |
$l_default_cert = "Back to default certificate :"; |
$l_import = "Import"; |
$l_current_certificate = "Current certificate"; |
$l_validated = "Validated by :"; |
134,8 → 135,8 |
$l_cert_expiration = "Expiration date:"; |
$l_cert_commonname = "Common name:"; |
$l_cert_organization = "Organization:"; |
$l_upload_certificate = "Importer un certificat"; |
$l_le_integration = "Let's Encrypt integration"; |
$l_upload_certificate = "Import an officlal certificate"; |
$l_le_integration = "Integrate a Let's Encrypt certificate"; |
$l_le_status = "Status:"; |
$l_disabled = "Disabled"; |
$l_pending_validation = "Pending validation"; |
152,6 → 153,7 |
$l_le_next_renewal = "Next renewal:"; |
$l_renew = "Renew"; |
$l_renew_force = "Renew (force)"; |
$l_previous_LE_cert = "Back to the Let's Encrypt certificate :"; |
} |
$reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/'; |
255,10 → 257,12 |
header('Location: '.$_SERVER['PHP_SELF']); |
exit(); |
case 'default_cert': // Restore default certificate |
case 'set_default_cert': |
exec('sudo alcasar-importcert.sh -d'); |
break; |
case 'set_last_LE_cert': |
exec('sudo alcasar-letsencrypt.sh --install-cert'); |
break; |
case 'import_cert': // Import certificate |
$maxsize = 100000; |
if (isset($_FILES['key']) && isset($_FILES['crt']) && ($_FILES['key']['error'] == 0) && ($_FILES['crt']['error'] == 0)) { |
266,8 → 270,8 |
if (pathinfo($_FILES['key']['name'])['extension'] == 'key' && ((pathinfo($_FILES['crt']['name'])['extension'] == 'crt') || (pathinfo($_FILES['crt']['name'])['extension'] == 'cer'))) { |
$dest = '/tmp/'; |
$scpath = ''; |
if (isset($_FILES['sc']) && ((pathinfo($_FILES['sc']['name'])['extension'] == 'crt') || (pathinfo($_FILES['sc']['name'])['extension'] == 'cer'))) { |
$scpath = $dest.'server-chain.crt'; |
if (isset($_FILES['sc']) && ((pathinfo($_FILES['sc']['name'])['extension'] == 'crt') || (pathinfo($_FILES['sc']['name'])['extension'] == 'cer') || (pathinfo($_FILES['sc']['name']['extension'] == 'pem')))){ |
$scpath = $dest.'server-chain.pem'; |
move_uploaded_file($_FILES['sc']['tmp_name'], $scpath); |
} |
$keypath = $dest.'alcasar.key'; |
340,12 → 344,9 |
// Let's Encrypt actions |
if ($choix === 'le_issueCert') { |
// TODO: check ndd & mail format |
$email = $_POST['email']; |
$domainName = $_POST['domainname']; |
exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode); |
$cmdResponse = implode("<br>\n", $output); |
} |
if ($choix === 'le_renewCert') { |
361,7 → 362,6 |
} |
} |
// Read Let's Encrypt configuration file |
$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r'); |
if (!$file_conf_LE) { |
376,7 → 376,6 |
} |
fclose($file_conf_LE); |
// Fonction de test de connectivité internet |
function internetTest() { |
$host = 'www.google.fr'; # Google Test |
400,7 → 399,6 |
$internet_publicIP = '-.-.-.-'; |
} |
// Network interfaces |
$interfacesIgnored = ['lo', 'tun[0-9]*', $conf['EXTIF'], $conf['INTIF']]; |
exec("ip -o link show | awk -F': ' '{print $2}' | sed '/^" . implode('\\|', $interfacesIgnored) . "$/d'", $interfacesAvailable); |
421,7 → 419,7 |
]; |
?> |
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> |
<!DOCTYPE HTML> |
<html> |
<head> |
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"> |
604,7 → 602,7 |
<body> |
<div class="panel"> |
<div class="panel-header"><?= $l_network_title ?></div> |
<div class="panel-body"> |
<div class="panel-row"> |
<form action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post"> |
<div class="network-configurator"> |
<div class="internet"> |
667,11 → 665,9 |
</div> |
</div> |
<br> |
<table width="100%" cellspacing="0" cellpadding="0" border="0"> |
<tr><th><?= $l_static_dhcp_title?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<div class="panel"> |
<div class="panel-header"><?= $l_static_dhcp_title ?></div> |
</div> |
<table width="100%" cellspacing="0" cellpadding="5" border="1"> |
<tr><td width="50%" align="center" valign="middle"> |
<form action="network.php" method="POST"> |
730,11 → 726,9 |
</td></tr> |
</table> |
<br> |
<table width="100%" cellspacing="0" cellpadding="0" border="0"> |
<tr><th><?= $l_local_dns ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<div class="panel"> |
<div class="panel-header"><?= $l_local_dns ?></div> |
</div> |
<table width="100%" cellspacing="0" cellpadding="5" border="1"> |
<tr> |
<td width="50%" align="center"> |
794,13 → 788,9 |
</tr> |
</table> |
<br> |
<table width="100%" cellspacing="0" cellpadding="0" border="0"> |
<tr><th><?= $l_ssl_title ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<table width="100%" cellspacing="0" cellpadding="5" border="1"> |
<tr><td valign="middle" align="left"> |
<div class="panel"> |
<div class="panel-header"><?= $l_ssl_title ?></div> |
<div class="panel-row"> |
<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>"> |
<input type="hidden" name="choix" value="https_login"> |
<select name="https_login"> |
809,21 → 799,15 |
</select> |
<input type="submit" value="<?= $l_apply ?>"><br> |
</form> |
</div> |
</div> |
<br> |
</td></tr> |
</table> |
<br> |
<table width="100%" cellspacing="0" cellpadding="0" border="0"> |
<tr><th><?= $l_import_cert ?></th></tr> |
<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr> |
</table> |
<table width="100%" cellspacing="0" cellpadding="5" border="1"> |
<tr> |
<td width="50%" valign="top"> |
<div class="panel"> |
<div class="panel-header"><?= $l_import_cert ?></div> |
<div class="panel-row"> |
<div class="panel-cell"> |
<?php |
$certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt')); |
$cert_expiration_date = date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']); |
$domain = $certificateInfos['subject']['CN']; |
$organization = (isset($certificateInfos['subject']['O'])) ? $certificateInfos['subject']['O'] : ''; |
831,22 → 815,28 |
$CAorganization = (isset($certificateInfos['issuer']['O'])) ? $certificateInfos['issuer']['O'] : ''; |
?> |
<h3><?= $l_current_certificate ?></h3> |
<?= $l_cert_expiration ?> <?= $cert_expiration_date ?><br> |
<?= $l_cert_commonname ?> <?= $domain ?><br> |
<?= $l_cert_organization ?> <?= $organization ?><br/> |
<h4><?= $l_validated ?></h4> |
<?= $l_cert_commonname ?> <?= $CAdomain ?><br> |
<?= $l_cert_organization ?> <?= $CAorganization ?><br> |
</td> |
<td width="50%" valign="center"> |
<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>"> |
<input type="hidden" name="choix" value="default_cert"> |
<input type="submit" value="<?= $l_default_cert ?>" <?= (!file_exists('/etc/pki/tls/certs/alcasar.crt.old') || !file_exists('/etc/pki/tls/private/alcasar.key.old')) ? ' disabled' : '' ?>> |
</form> |
</td> |
</tr> |
<tr> |
<td width="50%" valign="top"> |
<b><?= $l_cert_commonname ?></b> <?= $domain ?><br> |
<b><?= $l_cert_expiration ?></b> <?= $cert_expiration_date ?><br> |
<b><?= $l_cert_organization ?></b> <?= $organization ?><br> |
<b><?= $l_validated ?></b> <?= $CAdomain ?> (<?= $CAorganization ?>)<br> |
</div> |
<div class="panel-cell"> |
<? |
if (file_exists('/etc/pki/tls/certs/alcasar.crt.old') && file_exists('/etc/pki/tls/private/alcasar.key.old')){ // An old default certificate exist ? |
echo "<form method=\"post\" action=\"".htmlspecialchars($_SERVER['PHP_SELF'])."\">\n"; |
echo "\t\t\t\t<input type=\"hidden\" name=\"choix\" value=\"set_default_cert\">\n"; |
echo "\t\t\t\t<input type=\"submit\" value=\"$l_default_cert\"> (alcasar.localdomain)<br>\n"; |
echo "\t\t\t</form>\n";} |
if (!empty($LE_conf['domainRequest']) && ($domain != $LE_conf['domainRequest'])) { // A Let's encrypt certificate exist & it's not the active one ? |
echo "\t\t\t<form method=\"post\" action=\"".htmlspecialchars($_SERVER['PHP_SELF'])."\">\n"; |
echo "\t\t\t\t<input type=\"hidden\" name=\"choix\" value=\"set_last_LE_cert\">\n"; |
echo "\t\t\t\t<input type=\"submit\" value=\"".$l_previous_LE_cert."\"> (".$LE_conf['domainRequest'].")\n"; |
echo "\t\t\t</form>\n";} |
?> |
</div> |
</div> |
<div class="panel-row"> |
<div class="panel-cell"> |
<h3><?= $l_upload_certificate ?></h3> |
<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" enctype="multipart/form-data"> |
<?= $l_private_key;?> <input type="file" name="key"><br> |
855,8 → 845,8 |
<input type="hidden" name="choix" value="import_cert"> |
<input type="submit" value="<?= $l_import ?>"> |
</form> |
</td> |
<td width="50%" valign="top"> |
</div> |
<div class="panel-cell"> |
<?php |
// Get step |
if (empty($LE_conf['domainRequest'])) { |
905,8 → 895,8 |
<?php if (isset($cmdResponse)): ?> |
<p><?= $cmdResponse ?></p> |
<?php endif; ?> |
</td> |
</tr> |
</table> |
</div> |
</div> |
</div> |
</body> |
</html> |
/web/acc/menu.php |
---|
160,7 → 160,7 |
<div class="panel-header"> |
<?= $l_menu ?> |
</div> |
<div class="panel-body"> |
<div class="panel-row"> |
<div class="menu"> |
<ul> |
<li><div class="caret"></div><a href="phpsysinfo/" target="REXY2"><?= $l_home ?></a></li> |
230,7 → 230,7 |
<div class="panel-header"> |
Documents |
</div> |
<div class="panel-body"> |
<div class="panel-row"> |
<div class="menu"> |
<ul> |
<li><div class="caret"></div><a href="<?= "alcasar-$installed_version-presentation-$Language.pdf" ?>" target="_blank">Presentation</a></li> |
246,7 → 246,7 |
<div class="panel-header"> |
<?= $l_access_nb ?> |
</div> |
<div class="panel-body" style="text-align: center;"> |
<div class="panel-row" style="text-align: center;"> |
<a href="admin_log.php" target="REXY2"><?= $accAccessCounter ?></a><br> |
<?= $l_since ?> <?= $accAccessFirstDate ?> |
</div> |
/web/css/style.css |
---|
1,6 → 1,6 |
h1 { |
font-family: "DejaVu Sans"; |
font-size: 15pt; |
font-size: 16pt; |
text-align: left; |
color: #666666; |
} |
12,6 → 12,13 |
color: #666666; |
} |
h3 { |
font-family: "DejaVu Sans"; |
font-size: 14pt; |
text-align: center; |
color: #666666; |
} |
:link, :visited, :link:hover, :visited:hover { |
font-family: "DejaVu Sans"; |
font-size: small; |
92,12 → 99,14 |
* Panel |
*/ |
.panel { |
display: table; |
width: 100%; |
border-spacing: 0; |
border-collapse: collapse; |
} |
.panel .panel-header { |
border-bottom: 2px solid #FFCC66; |
display: table-caption; |
border-bottom: 3px solid #FFCC66; |
padding: 0; |
font-family: "DejaVu Sans"; |
font-size: small; |
106,7 → 115,13 |
color: #EFEFEF; |
background-color: #666666; |
} |
.panel .panel-body { |
border: 2px ridge black; |
.panel .panel-row { |
display: table-row; |
border: 1px solid black; |
overflow: auto; |
} |
.panel .panel-cell { |
display: table-cell; |
border: 1px solid black; |
overflow: auto; |
} |