{% if certificate.organizational_unit %} {{ certificate.organizational_unit }} / {% endif %} {% if certificate.extensions.extended_key_usage and "server_auth" in certificate.extensions.extended_key_usage %} {% else %} {% endif %} {{ certificate.common_name }}

{% if certificate.lease %} {% include "views/lease.html" %} {% endif %} Approved {% if certificate.signer %} by {{ certificate.signer }}{% endif %}, expires .

{% if session.tagging %} {% include "views/tags.html" %} {% endif %} {% include "views/attributes.html" %}

{% if certificate.disabled %} {% else %} {% endif %}
{% if session.tagging %} {% endif %}

To launch shell for this device, click here

To fetch certificate:

wget http://{{ authority.namespace }}/api/signed/{{ certificate.common_name }}
curl -L http://{{ authority.namespace }}/api/signed/{{ certificate.common_name }}/ \
  | openssl x509 -text -noout
{% if session.authorization.ocsp_subnets %} {% if certificate.responder_url %}

To perform online certificate status request{% if "0.0.0.0/0" not in session.authorization.ocsp_subnets %} from whitelisted {{ session.authorization.ocsp_subnets }} subnets{% endif %}:

curl http://{{ authority.namespace }}/api/certificate > session.pem
openssl ocsp -issuer session.pem -CAfile session.pem \
  -url {{ certificate.responder_url }} \
  -serial 0x{{ certificate.serial }}
{% else %}

Querying OCSP responder disabled for this certificate, see /etc/certidude/profile.conf how to enable if that's desired

{% endif %} {% endif %}

To fetch script:

curl -L --cert-status https://{{ authority.namespace }}:8443/api/signed/{{ certificate.common_name }}/script/ \
    --cacert /etc/certidude/authority/{{ authority.namespace }}/ca_cert.pem \
    --key /etc/certidude/authority/{{ authority.namespace }}/host_key.pem \
    --cert /etc/certidude/authority/{{ authority.namespace }}/host_cert.pem
{% if certificate.lease %} {% endif %} {% if certificate.key_usage %} {% endif %} {% if certificate.extended_key_usage %} {% endif %}
Common name{{ certificate.common_name }}
Organizational unit{% if certificate.organizational_unit %}{{ certificate.organizational_unit }}{% else %}-{% endif %}
Serial number{{ certificate.serial | serial }}
Signed{{ certificate.signed | datetime }}{% if certificate.signer %} by {{ certificate.signer }}{% endif %}
Expires{{ certificate.expires | datetime }}
Lease{{ certificate.lease.inner_address }} at {{ certificate.lease.last_seen | datetime }} from {{ certificate.lease.outer_address }}
SHA256{{ certificate.sha256sum }}
Key usage{{ certificate.key_usage | join(", ") | replace("_", " ") }}
Extended key usage{{ certificate.extended_key_usage | join(", ") | replace("_", " ") }}