From 620c085ebf96ba93a83c249e874060d669edbf28 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Wed, 1 Dec 2010 21:46:38 -0600 Subject: Certificate management with self-signed CA The certificate_status_widget has been modified to check for the environment variable ra_plugin to determine the CA used by IPA server. If self-signed CA is used, some operations will not be available (e.g. checking certificate status, revoking/restoring certificate), so the corresponding interface will be hidden. Other operations such as creating new certificate and viewing certificate are still available. --- install/static/certificate.js | 69 +++++++++++++++++++++++++++---------------- 1 file changed, 43 insertions(+), 26 deletions(-) (limited to 'install') diff --git a/install/static/certificate.js b/install/static/certificate.js index 449b8f17..67f9b1b3 100755 --- a/install/static/certificate.js +++ b/install/static/certificate.js @@ -404,6 +404,10 @@ function certificate_status_widget(spec) { that.get_entity_principal = spec.get_entity_principal; that.get_entity_certificate = spec.get_entity_certificate; + that.is_selfsign = function() { + return IPA.env.ra_plugin == 'selfsign'; + }; + that.create = function(container) { that.widget_create(container); @@ -428,11 +432,13 @@ function certificate_status_widget(spec) { 'value': 'Get' }).appendTo(td); - $('', { - 'type': 'button', - 'name': 'revoke', - 'value': 'Revoke' - }).appendTo(td); + if (!that.is_selfsign()) { + $('', { + 'type': 'button', + 'name': 'revoke', + 'value': 'Revoke' + }).appendTo(td); + } $('', { 'type': 'button', @@ -440,27 +446,29 @@ function certificate_status_widget(spec) { 'value': 'View' }).appendTo(td); - tr = $('').appendTo(table); + if (!that.is_selfsign()) { + tr = $('').appendTo(table); - td = $('').appendTo(tr); - $('
  • ', { - 'class': 'certificate-status-revoked' - }).appendTo(td); + td = $('').appendTo(tr); + $('
  • ', { + 'class': 'certificate-status-revoked' + }).appendTo(td); - td = $('').appendTo(tr); - td.append('Certificate Revoked:'); + td = $('').appendTo(tr); + td.append('Certificate Revoked:'); - td = $('').appendTo(tr); - td.append($('', { - 'name': 'revocation_reason' - })); - td.append(' '); + td = $('').appendTo(tr); + td.append($('', { + 'name': 'revocation_reason' + })); + td.append(' '); - $('', { - 'type': 'button', - 'name': 'restore', - 'value': 'Restore' - }).appendTo(td); + $('', { + 'type': 'button', + 'name': 'restore', + 'value': 'Restore' + }).appendTo(td); + } tr = $('').appendTo(table); @@ -567,17 +575,26 @@ function certificate_status_widget(spec) { function set_status(status, revocation_reason) { that.valid.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_VALID); - that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED); that.missing.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_MISSING); that.get_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); - that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); that.view_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); - that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]); - that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden'); + + if (!that.is_selfsign()) { + that.revoked.toggleClass('certificate-status-active', status == CERTIFICATE_STATUS_REVOKED); + that.revoke_button.css('visibility', status == CERTIFICATE_STATUS_VALID ? 'visible' : 'hidden'); + that.revocation_reason.html(revocation_reason == undefined ? '' : CRL_REASON[revocation_reason]); + that.restore_button.css('visibility', revocation_reason == 6 ? 'visible' : 'hidden'); + } } function check_status(serial_number) { + + if (that.is_selfsign()) { + set_status(CERTIFICATE_STATUS_VALID); + return; + } + ipa_cmd( 'cert_show', [serial_number], -- cgit