2018-05-02 08:11:01 +00:00
< div id = "certificate-{{ certificate.common_name | replace('@', '--') | replace('.', '-') }}" class = "card filterable mt-3"
data-keywords="{{ certificate.common_name }}|{% if session.authority.tagging %}{% for tag in certificate.tags %}{{ tag.id }}|{% endfor %}{% endif %}{% for key, value in certificate.attributes %}{{ key }}={{ value }}|{% endfor %}">
2017-12-30 13:57:48 +00:00
< div class = "card-header" >
2018-01-23 13:13:49 +00:00
{% if certificate.organizational_unit %}
< i class = "fa fa-folder" aria-hidden = "true" > < / i >
{{ certificate.organizational_unit }} /
{% endif %}
2018-04-27 07:48:15 +00:00
{% if certificate.extensions.extended_key_usage and "server_auth" in certificate.extensions.extended_key_usage %}
2017-12-30 13:57:48 +00:00
< i class = "fa fa-server" > < / i >
2017-03-13 11:42:58 +00:00
{% else %}
2017-12-30 13:57:48 +00:00
< i class = "fa fa-laptop" > < / i >
2017-03-13 11:42:58 +00:00
{% endif %}
2017-12-30 13:57:48 +00:00
{{ certificate.common_name }}
< / div >
< div class = "card-block" >
< p >
< span class = "lease" >
{% if certificate.lease %}
{% include "views/lease.html" %}
{% endif %}
< / span >
2017-03-13 11:42:58 +00:00
2017-12-30 13:57:48 +00:00
Signed
2018-01-23 13:13:49 +00:00
< time class = "timeago" datetime = "{{ certificate.signed }}" > Certificate was signed {{ certificate.signed }}< / time > {% if certificate.signer %} by {{ certificate.signer }}{% endif %},
2017-12-30 13:57:48 +00:00
expires
< time class = "timeago" datetime = "{{ certificate.expires }}" > Certificate expires {{ certificate.expires }}< / time > .
< / p >
2018-01-03 22:12:02 +00:00
< p >
2017-12-30 13:57:48 +00:00
{% if session.authority.tagging %}
2018-01-03 22:12:02 +00:00
< span class = "tags" data-cn = "{{ certificate.common_name }}" >
2017-12-30 13:57:48 +00:00
{% include "views/tags.html" %}
2018-01-03 22:12:02 +00:00
< / span >
2015-11-15 14:55:26 +00:00
{% endif %}
2018-01-03 22:12:02 +00:00
< span class = "attributes" data-cn = "{{ certificate.common_name }}" >
{% include "views/attributes.html" %}
< / span >
< / p >
2017-12-30 13:57:48 +00:00
< div class = "btn-group" >
< button type = "button" class = "btn btn-secondary" data-toggle = "collapse" data-target = "#details-{{ certificate.sha256sum }}" > < i class = "fa fa-list" > < / i > Details< / button >
< button type = "button" class = "btn btn-danger"
onclick="javascript:$(this).button('loading');$.ajax({url:'/api/signed/{{certificate.common_name}}/?sha256sum={{ certificate.sha256sum }}',type:'delete'});">
< i class = "fa fa-ban" > < / i > Revoke< / button >
< button type = "button" class = "btn btn-danger dropdown-toggle dropdown-toggle-split" data-toggle = "dropdown" aria-haspopup = "true" aria-expanded = "false" >
< span class = "sr-only" > Toggle Dropdown< / span >
< / button >
< div class = "dropdown-menu" >
< a class = "dropdown-item" href = "#"
2018-04-27 07:48:15 +00:00
onclick="javascript:$(this).button('loading');$.ajax({url:'/api/signed/{{certificate.common_name}}/?sha256sum={{ certificate.sha256sum }}&reason=key_compromise',type:'delete'}); ">Revoke due to key compromise< / a >
2017-12-30 13:57:48 +00:00
< a class = "dropdown-item" href = "#"
2018-04-27 07:48:15 +00:00
onclick="javascript:$(this).button('loading');$.ajax({url:'/api/signed/{{certificate.common_name}}/?sha256sum={{ certificate.sha256sum }}&reason=cessation_of_operation',type:'delete'}); ">Revoke due to cessation of operation< / a >
2017-12-30 13:57:48 +00:00
< a class = "dropdown-item" href = "#"
2018-04-27 07:48:15 +00:00
onclick="javascript:$(this).button('loading');$.ajax({url:'/api/signed/{{certificate.common_name}}/?sha256sum={{ certificate.sha256sum }}&reason=privilege_withdrawn',type:'delete'}); ">Revoke due to withdrawn privilege< / a >
2017-12-30 13:57:48 +00:00
< / div >
2016-03-21 21:42:39 +00:00
< / div >
2018-01-03 22:12:02 +00:00
< div class = "btn-group" >
{% if session.authority.tagging %}
2018-05-15 07:45:29 +00:00
< button type = "button" class = "btn btn-default" onclick = "onNewTagClicked(event);" data-key = "other" data-cn = "{{ certificate.common_name }}" >
2018-01-03 22:12:02 +00:00
< i class = "fa fa-tag" > < / i > Tag< / button >
< button type = "button" class = "btn btn-default dropdown-toggle dropdown-toggle-split" data-toggle = "dropdown" aria-haspopup = "true" aria-expanded = "false" >
< span class = "sr-only" > Toggle Dropdown< / span >
< / button >
< div class = "dropdown-menu" >
{% for tag_category in session.authority.tagging %}
< a class = "dropdown-item" href = "#" data-key = "{{ tag_category.name }}" data-cn = "{{ certificate.common_name }}"
2018-05-15 07:45:29 +00:00
onclick="onNewTagClicked(event);">{{ tag_category.title }}< / a >
2018-01-03 22:12:02 +00:00
{% endfor %}
< / div >
{% endif %}
< / div >
< div class = "collapse" id = "details-{{ certificate.sha256sum }}" >
2017-12-30 13:57:48 +00:00
< p > To fetch certificate:< / p >
2015-11-15 14:55:26 +00:00
2017-12-30 13:57:48 +00:00
< div class = "bd-example" >
2018-05-15 07:45:29 +00:00
< pre > < code class = "language-sh" data-lang = "sh" > wget < a href = "/api/signed/{{ certificate.common_name }}/" > http://{{ session.authority.hostname }}/api/signed/{{ certificate.common_name }}/< / a >
2018-05-29 09:06:07 +00:00
curl http://{{ session.authority.hostname }}/api/signed/{{ certificate.common_name }}/ \
2017-12-30 13:57:48 +00:00
| openssl x509 -text -noout< / code > < / pre >
< / div >
2015-11-15 14:55:26 +00:00
2018-05-15 07:45:29 +00:00
{% if session.authorization.ocsp_subnets %}
{% if certificate.responder_url %}
< p > To perform online certificate status request{% if "0.0.0.0/0" not in session.authorization.ocsp_subnets %}
from whitelisted {{ session.authorization.ocsp_subnets }} subnets{% endif %}:< / p >
< pre > < code class = "language-bash" data-lang = "bash" > curl http://{{ session.authority.hostname }}/api/certificate > session.pem
2017-12-30 13:57:48 +00:00
openssl ocsp -issuer session.pem -CAfile session.pem \
2018-05-15 07:45:29 +00:00
-url {{ certificate.responder_url }} \
2018-01-03 22:12:02 +00:00
-serial 0x{{ certificate.serial }}< / code > < / pre >
2018-05-15 07:45:29 +00:00
{% else %}
< p > Querying OCSP responder disabled for this certificate, see /etc/certidude/profile.conf how to enable if that's desired< / p >
{% endif %}
2018-04-13 09:53:51 +00:00
{% endif %}
2016-01-10 17:51:54 +00:00
2017-12-30 13:57:48 +00:00
< p > To fetch script:< / p >
2018-05-15 07:45:29 +00:00
< pre > < code class = "language-bash" data-lang = "bash" > curl --cert-status https://{{ session.authority.hostname }}:8443/api/signed/{{ certificate.common_name }}/script/ \
--cacert /etc/certidude/authority/{{ session.authority.hostname }}/ca_cert.pem \
--key /etc/certidude/authority/{{ session.authority.hostname }}/host_key.pem \
--cert /etc/certidude/authority/{{ session.authority.hostname }}/host_cert.pem< / pre > < / code >
2017-01-26 22:14:30 +00:00
2017-12-30 13:57:48 +00:00
< div style = "overflow: auto; max-width: 100%;" >
< table class = "table" id = "signed_certificates" >
< tbody >
2018-01-23 13:13:49 +00:00
< tr > < th > Common name< / th > < td > {{ certificate.common_name }}< / td > < / tr >
< tr > < th > Organizational unit< / th > < td > {% if certificate.organizational_unit %}{{ certificate.organizational_unit }}{% else %}-{% endif %}< / td > < / tr >
2017-12-30 13:57:48 +00:00
< tr > < th > Serial number< / th > < td style = "word-wrap:break-word;" > {{ certificate.serial | serial }}< / td > < / tr >
2018-01-23 13:13:49 +00:00
< tr > < th > Signed< / th > < td > {{ certificate.signed | datetime }}{% if certificate.signer %} by {{ certificate.signer }}{% endif %}< / td > < / tr >
2017-12-30 13:57:48 +00:00
< tr > < th > Expires< / th > < td > {{ certificate.expires | datetime }}< / td > < / tr >
{% if certificate.lease %}
< tr > < th > Lease< / th > < td > < a href = "http://{{ certificate.lease.inner_address }}" > {{ certificate.lease.inner_address }}< / a > at {{ certificate.lease.last_seen | datetime }}
from < a href = "https://geoiptool.com/en/?ip={{ certificate.lease.outer_address }}" target = "_blank" > {{ certificate.lease.outer_address }}< / a >
< / td > < / tr >
{% endif %}
2017-07-05 15:22:03 +00:00
2017-12-30 13:57:48 +00:00
<!--
< tr > < th > MD5< / th > < td > {{ certificate.md5sum }}< / td > < / tr >
< tr > < th > SHA1< / th > < td > {{ certificate.sha1sum }}< / td > < / tr >
-->
< tr > < th > SHA256< / th > < td style = "word-wrap:break-word; overflow-wrap: break-word; " > {{ certificate.sha256sum }}< / td > < / tr >
2018-05-15 07:45:29 +00:00
{% if certificate.key_usage %}
< tr > < th > Key usage< / th > < td > {{ certificate.key_usage | join(", ") | replace("_", " ") }}< / td > < / tr >
{% endif %}
{% if certificate.extended_key_usage %}
< tr > < th > Extended key usage< / th > < td > {{ certificate.extended_key_usage | join(", ") | replace("_", " ") }}< / td > < / tr >
2018-04-27 07:48:15 +00:00
{% endif %}
2017-12-30 13:57:48 +00:00
< / tbody >
< / table >
< / div >
2017-07-05 15:22:03 +00:00
< / div >
2017-12-30 13:57:48 +00:00
< / div >
< / div >