📄 importcerts
字号:
## OpenCA - RA Server Command## (c) 1998-2001 by Massimiliano Pala and OpenCA Group#### File Name: importCerts## Brief: Import Certificates exported by the CA## Description: Import Certificates exported by the CA on a removable## media and imports them into the VALID_CERTIFICATE dB.## Parameters: dataTypeif ( $cmd !~ /importCerts/i ) { configError( "Wrong Command Usage ($cmd/importReqs)!" ); exit 1;}## GNU Tar suggested for exporting Certification Request## to the CA. We use the GNU tar because of its availability## for all the platforms and its stability.## Get required parameters from the configuration filemy $command = getRequired( 'UnpackArchive' );my $dev = getRequired( 'ImportDev' );my $tmp = getRequired( 'TempDir' );my $serverDir = getRequired( 'ServerDir' );my $CACertsDir = getRequired( 'CACertsDir' );my $makeCmd = getRequired( 'MakePath' );my ( @lastImport );my ( $dir, $filter, $ret, $ca );my $dataType = $query->param( 'dataType' );if( $dataType eq "VALID_CERTIFICATE" ) { $filter = '[0-9A-F]+\.pem'; $dir = $tmp; $ca = 0;} elsif ( $dataType eq "VALID_CA_CERTIFICATE") { $dir = "$serverDir"; $filter = 'cacert\.(der|pem)'; $ca = 1;} else { configError( "Unsupported dataType ($dataType)" ); exit 1;}## Subtitute $orig and $dest$command = $query->subVar( $command, '$orig', $dev );$command = $query->subVar( $command, '$dest', $tmp );print startLogPage( "Certificate Importing Page");print addLogSection("Certificate Importing ... ");if( not chdir("$tmp")) { print addErrorLog("Can not change dir to $tmp."); closePage(); exit 1;}$ret = `$command 2>&1`;if( $? != 0 ) { print addErrorLog( "De-Archiving Failed from $dev!" ); closePage(); exit;} print addLogLine("Ok.");print addPreLogLine( $ret );print closeLogSection();## we copy to $dir if we have to import cacert.(der|pem)if( $dataType eq "VALID_CA_CERTIFICATE" ) { print addLogSection( "Copying certificates to ($dir) ... " ); if( $ret = copyCerts( "$tmp","$dir", $filter ) ) { print addLogLine("Ok."); print addPreLogLine( $ret ); print closeLogSection(); $filter = 'cacert.pem'; } else { print addErrorLog("Copying failed ($dir)!"); closePage(); exit; } # Now we copy the CA's certificate to the chain dir $tools->copyFiles( SRC => "${serverDir}/cacert.pem", DEST => "${serverDir}/chain/cacert.crt" ); # Let's make Chain verification print addLogSection("Re-Building CA Chain ... "); chdir( "${serverDir}/chain" ); $ret = `$makeCmd`; print addLogLine("Ok."); print addPreLogLine( $ret ); print closeLogSection();}print addLogSection( "Importing new Certificates to dB ... ");opendir( CERTS, "$tmp" ); my @certsList = grep( /$filter/i, readdir( CERTS ) );closedir( CERTS );$ret = "";foreach $tmpCert (@certsList) { my $tmpSerial, $tmpFormat; my $fileName = "$tmp/$tmpCert"; my $certFile = $query->getFile( $fileName ); if ( not $certFile ) { print addErrorLog( "Failed opening ($fileName)."); closePage(); exit; } if( $certFile =~ /BEGIN/gi ) { $tmpFormat = "PEM"; } else { $tmpFormat = "DER"; } my $data = new OpenCA::X509( SHELL =>$cryptoShell, INFILE=>$fileName, FORMAT=>$tmpFormat ); if ( (not $data) or ( not $tmpSerial = $data->getParsed()->{SERIAL})) { print addErrorLog("Failed adding cert to dB(1)!"); closePage(); exit; } if ( not $db->storeItem( DATATYPE=>$dataType, OBJECT=>$data)) { print addErrorLog("Failed adding cert to dB!"); closeLogPage(); exit; } else { my ($tmpLine, $line, $txt); $tmpLine = $data->getParsed()->{SERIAL} . "\n"; push ( @lastImport, $tmpLine ); $txt = ""; foreach $line (@lastImport) { $txt .= $line; }; unlink( "$serverDir/stuff/lastImport.txt" ); save( FILENAME=>"$serverDir/stuff/lastImport.txt", DATA=>$txt ); unlink( "$fileName" ); } $ret .= "Added <I>" . $data->getParsed()->{CN} . " (" . $data->getParsed->{SERIAL} . ")</I><BR>\n";}print addLogLine("Ok.");print addPreLogLine( $ret );print closeLogSection();closePage();1;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -