diff options
author | Endi S. Dewata <edewata@redhat.com> | 2010-12-01 21:46:38 -0600 |
---|---|---|
committer | Adam Young <ayoung@redhat.com> | 2010-12-02 11:54:58 -0500 |
commit | 620c085ebf96ba93a83c249e874060d669edbf28 (patch) | |
tree | 32a43b4d67a5387c49e3aa1b763378fc4e33ff6e | |
parent | 27b01cb628a94535fe3d1bdaa2f7e3899d631317 (diff) | |
download | freeipa-620c085ebf96ba93a83c249e874060d669edbf28.tar.gz freeipa-620c085ebf96ba93a83c249e874060d669edbf28.tar.xz freeipa-620c085ebf96ba93a83c249e874060d669edbf28.zip |
Certificate management with self-signed CA
The certificate_status_widget has been modified to check for the
environment variable ra_plugin to determine the CA used by IPA
server. If self-signed CA is used, some operations will not be
available (e.g. checking certificate status, revoking/restoring
certificate), so the corresponding interface will be hidden. Other
operations such as creating new certificate and viewing certificate
are still available.
-rwxr-xr-x | install/static/certificate.js | 69 |
1 files changed, 43 insertions, 26 deletions
diff --git a/install/static/certificate.js b/install/static/certificate.js index 449b8f17..67f9b1b3 100755 --- a/install/static/certificate.js +++ b/install/static/certificate.js @@ -404,6 +404,10 @@ function certificate_status_widget(spec) { that.get_entity_principal = spec.get_entity_principal; that.get_entity_certificate = spec.get_entity_certificate; + that.is_selfsign = function() { + return IPA.env.ra_plugin == 'selfsign'; + }; + that.create = function(container) { that.widget_create(container); @@ -428,11 +432,13 @@ function certificate_status_widget(spec) { 'value': 'Get' }).appendTo(td); - $('<input/>', { - 'type': 'button', - 'name': 'revoke', - 'value': 'Revoke' - }).appendTo(td); + if (!that.is_selfsign()) { + $('<input/>', { + 'type': 'button', + 'name': 'revoke', + 'value': 'Revoke' + }).appendTo(td); + } $('<input/>', { 'type': 'button', @@ -440,27 +446,29 @@ function certificate_status_widget(spec) { 'value': 'View' }).appendTo(td); - tr = $('<tr/>').appendTo(table); + if (!that.is_selfsign()) { + tr = $('<tr/>').appendTo(table); - td = $('<td/>').appendTo(tr); - $('<li/>', { - 'class': 'certificate-status-revoked' - }).appendTo(td); + td = $('<td/>').appendTo(tr); + $('<li/>', { + 'class': 'certificate-status-revoked' + }).appendTo(td); - td = $('<td/>').appendTo(tr); - td.append('Certificate Revoked:'); + td = $('<td/>').appendTo(tr); + td.append('Certificate Revoked:'); - td = $('<td/>').appendTo(tr); - td.append($('<span/>', { - 'name': 'revocation_reason' - })); - td.append(' '); + td = $('<td/>').appendTo(tr); + td.append($('<span/>', { + 'name': 'revocation_reason' + })); + td.append(' '); - $('<input/>', { - 'type': 'button', - 'name': 'restore', - 'value': 'Restore' - }).appendTo(td); + $('<input/>', { + 'type': 'button', + 'name': 'restore', + 'value': 'Restore' + }).appendTo(td); + } tr = $('<tr/>').appendTo(table); @@ -567,17 +575,26 @@ function certificate_status_widget(spec) { function set_status(status, revocation_reason) { that.valid.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_VALID); - that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED); that.missing.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_MISSING); that.get_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); - that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); that.view_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); - that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]); - that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden'); + + if (!that.is_selfsign()) { + that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED); + that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); + that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]); + that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden'); + } } function check_status(serial_number) { + + if (that.is_selfsign()) { + set_status(CERTIFICATE_STATUS_VALID); + return; + } + ipa_cmd( 'cert_show', [serial_number], |