{% if certificate.lease %} {% include "views/lease.html" %} {% endif %} Signed {% if certificate.signer %} by {{ certificate.signer }}{% endif %}, expires .
{% if session.tagging %} {% include "views/attributes.html" %}
{% endif %}To launch shell for this device, click here
To fetch certificate:
wget http://{{ authority.namespace }}/api/signed/{{ certificate.common_name }}
curl -L http://{{ authority.namespace }}/api/signed/{{ certificate.common_name }}/ \
| openssl x509 -text -noout
To perform online certificate status request{% if "0.0.0.0/0" not in session.authorization.ocsp_subnets %} from whitelisted {{ session.authorization.ocsp_subnets }} subnets{% endif %}:
curl http://{{ authority.namespace }}/api/certificate > session.pem
openssl ocsp -issuer session.pem -CAfile session.pem \
-url {{ certificate.responder_url }} \
-serial 0x{{ certificate.serial }}
{% else %}
Querying OCSP responder disabled for this certificate, see /etc/certidude/profile.conf how to enable if that's desired
{% endif %} {% endif %}To fetch script:
curl -L --cert-status https://{{ authority.namespace }}:8443/api/signed/{{ certificate.common_name }}/script/ \
--cacert /etc/certidude/authority/{{ authority.namespace }}/ca_cert.pem \
--key /etc/certidude/authority/{{ authority.namespace }}/host_key.pem \
--cert /etc/certidude/authority/{{ authority.namespace }}/host_cert.pem
Common name | {{ certificate.common_name }} |
---|---|
Organizational unit | {% if certificate.organizational_unit %}{{ certificate.organizational_unit }}{% else %}-{% endif %} |
Serial number | {{ certificate.serial | serial }} |
Signed | {{ certificate.signed | datetime }}{% if certificate.signer %} by {{ certificate.signer }}{% endif %} |
Expires | {{ certificate.expires | datetime }} |
Lease | {{ certificate.lease.inner_address }} at {{ certificate.lease.last_seen | datetime }} from {{ certificate.lease.outer_address }} |
SHA256 | {{ certificate.sha256sum }} |
Key usage | {{ certificate.key_usage | join(", ") | replace("_", " ") }} |
Extended key usage | {{ certificate.extended_key_usage | join(", ") | replace("_", " ") }} |