From 657eb01736efe577afb40e1c48252d607bb9cc10 Mon Sep 17 00:00:00 2001 From: Jamie Cameron Date: Fri, 18 May 2007 19:12:10 +0000 Subject: [PATCH] Added PKCS12 download link --- webmin/CHANGELOG | 2 +- webmin/download_cert.cgi | 16 +++++++++++++--- webmin/edit_ssl.cgi | 8 ++++++-- webmin/lang/en | 3 ++- webmin/webmin-lib.pl | 23 +++++++++++++++++++++++ 5 files changed, 45 insertions(+), 7 deletions(-) diff --git a/webmin/CHANGELOG b/webmin/CHANGELOG index 44acb3af4..49e82bd05 100644 --- a/webmin/CHANGELOG +++ b/webmin/CHANGELOG @@ -59,4 +59,4 @@ Converted many pages to use new ui-lib.pl functions, and broke down long forms u When Webmin's detected OS is automatically updated, Usermin's will be too (if it is an equivalent version). ---- Changes since 1.340 ---- Added an option to the Proxy Servers form to fallback to a direct connection if the proxy is down. -Added a tab showing details of the current cert, with a link to download in PEM format. +Added a tab showing details of the current cert, with a link to download in PEM or PKCS12 format. diff --git a/webmin/download_cert.cgi b/webmin/download_cert.cgi index 13065eabd..ff97e3162 100644 --- a/webmin/download_cert.cgi +++ b/webmin/download_cert.cgi @@ -1,13 +1,23 @@ #!/usr/local/bin/perl -# Output the certificate in PEM format +# Output the certificate in PEM or PKCS12 format require './webmin-lib.pl'; &ReadParse(); &get_miniserv_config(\%miniserv); -$data = &cert_pem_data($miniserv{'certfile'} || $miniserv{'keyfile'}); + +if ($ENV{'PATH_INFO'} =~ /\.p12$/) { + # PKCS12 format + $data = &cert_pkcs12_data($miniserv{'keyfile'}, $miniserv{'certfile'}); + $type = "application/x-pkcs12"; + } +else { + # PEM format + $data = &cert_pem_data($miniserv{'certfile'} || $miniserv{'keyfile'}); + $type = "text/plain"; + } if ($data) { - print "Content-type: text/plain\n\n"; + print "Content-type: $type\n\n"; print $data; } else { diff --git a/webmin/edit_ssl.cgi b/webmin/edit_ssl.cgi index 560b452e7..ed0ae4a81 100755 --- a/webmin/edit_ssl.cgi +++ b/webmin/edit_ssl.cgi @@ -72,9 +72,13 @@ foreach $i ('cn', 'o', 'email', 'issuer_cn', 'issuer_o', 'issuer_email', print &ui_table_row($text{'ca_'.$i}, $info->{$i}); } } -print &ui_table_row($text{'ssl_download'}, +@clinks = ( "". - "$text{'ssl_pem'}"); + "$text{'ssl_pem'}", + "". + "$text{'ssl_pkcs12'}" + ); +print &ui_table_row($text{'ssl_download'}, &ui_links_row(\@clinks)); print &ui_table_end(); print &ui_tabs_end_tab(); diff --git a/webmin/lang/en b/webmin/lang/en index 338e677f8..770681395 100644 --- a/webmin/lang/en +++ b/webmin/lang/en @@ -342,7 +342,8 @@ ssl_cheader=Details of current certificate ssl_typeself=Self-signed ssl_typereal=Signed by CA ssl_download=Download certificate -ssl_pem=PEM format.. +ssl_pem=PEM format +ssl_pkcs12=PKCS12 format ssl_current=This section shows the details of the current Webmin SSL certificate, and allows it to be downloaded so that it can be accepted by your browser. ssl_edownload=Failed to extract PEM data from certificate diff --git a/webmin/webmin-lib.pl b/webmin/webmin-lib.pl index 93a363fb2..2ff62b218 100644 --- a/webmin/webmin-lib.pl +++ b/webmin/webmin-lib.pl @@ -1187,4 +1187,27 @@ if ($data =~ /(-----BEGIN\s+CERTIFICATE-----\n([A-Za-z0-9\+\/=\n\r]+)-----END\s+ return undef; } +# cert_pkcs12_data(keyfile, [certfile]) +# Returns a cert in PKCS12 format +sub cert_pkcs12_data +{ +local ($keyfile, $certfile) = @_; +if ($certfile) { + open(OUT, "openssl pkcs12 -in ".quotemeta($certfile). + " -inkey ".quotemeta($keyfile). + " -export -passout pass: -nokeys |"); + } +else { + open(OUT, "openssl pkcs12 -in ".quotemeta($keyfile). + " -export -passout pass: -nokeys |"); + } +while() { + $data .= $_; + } +close(OUT); +return $data; +} + + + 1;