Browse code

Letsencrypt vorbereitet und Default-Bitlänge auf 2048 zurückgesetzt

Bernd Wurst authored on30/11/2015 11:31:44
Showing4 changed files
... ...
@@ -232,6 +232,9 @@ $extended = '';
232 232
     {
233 233
       $certselect[$c['id']] = $c['subject'];
234 234
     }
235
+    if ($vhost['certid'] == 0 && strstr($vhost['options'], 'letsencrypt')) {
236
+      $vhost['certid'] = -1;
237
+    }
235 238
     $extended .= "
236 239
       <h5>verwendetes SSL-Zertifikat</h5>
237 240
       <div style=\"margin-left: 2em;\">
... ...
@@ -174,7 +174,11 @@ validTo_time_t => 1267190790
174 174
   */
175 175
   DEBUG($certdata);
176 176
   //return array('subject' => $certdata['name'], 'cn' => $certdata['subject']['CN'], 'valid_from' => date('Y-m-d', $certdata['validFrom_time_t']), 'valid_until' => date('Y-m-d', $certdata['validTo_time_t']));
177
-  return array('subject' => $certdata['subject']['CN'].' / '.$certdata['issuer']['O'], 'cn' => $certdata['subject']['CN'], 'valid_from' => date('Y-m-d', $certdata['validFrom_time_t']), 'valid_until' => date('Y-m-d', $certdata['validTo_time_t']), 'issuer' => $certdata['issuer']['CN']);
177
+  $issuer = $certdata['issuer']['CN'];
178
+  if (isset($certdata['issuer']['O'])) {
179
+    $issuer = $certdata['issuer']['O'];
180
+  }
181
+  return array('subject' => $certdata['subject']['CN'].' / '.$issuer, 'cn' => $certdata['subject']['CN'], 'valid_from' => date('Y-m-d', $certdata['validFrom_time_t']), 'valid_until' => date('Y-m-d', $certdata['validTo_time_t']), 'issuer' => $certdata['issuer']['CN']);
178 182
 }
179 183
 
180 184
 
... ...
@@ -36,7 +36,7 @@ Einstellungen stehen Ihnen die OpenSSL-Programme in Ihrem Benutzeraccount zur Ve
36 36
 $bitselect = array(2048 => 2048, 4096 => 4096);
37 37
 
38 38
 $form = '<p><label for="commonname">Domain-/Hostname:</label> <input type="text" name="commonname" id="commonname" /> (Mehrere Hostnames ggf. mit Komma trennen.)</p>
39
-<p><label for="bitlength">Bitlänge:</label> '.html_select('bitlength', $bitselect, 4096).'</p>
39
+<p><label for="bitlength">Bitlänge:</label> '.html_select('bitlength', $bitselect, 2048).'</p>
40 40
 <p><input type="submit" value="Erzeugen" /></p>';
41 41
 
42 42
 output(html_form('vhosts_csr', 'savecert', 'action=newcsr', $form));
... ...
@@ -218,6 +218,11 @@ if ($_GET['action'] == 'edit')
218 218
   }
219 219
   if ($cert == -1) {
220 220
     array_push($new_options, 'letsencrypt');
221
+    if ($vhost['cert'] != 0) {
222
+      # FIXME: Wenn der User manuell von einem gültigen Cert auf "letsencrypt" umgestellt hat, 
223
+      # dann sollte das alte Cert noch so lange eingetragen bleiben bis das neue da ist.
224
+      $cert = $vhost['cert']
225
+    }
221 226
   }
222 227
 
223 228
   DEBUG($old_options);