Euricelia Viana Wanderley schrieb:
>
> hi,
>
> when I try the option "Get Requested Certificate" at the public cgi I
> get the following error message at error log:
>
> "General Error Trapped 700: Command getcert Not Supported ( yet ?!? ).
> at lib//misc-utils.lib line 32."
>
> does it really mean this feature is not implemented yet?
I don't know what's going wrong (I work on 0.9) but I attached the
missing script from the cvs. You must place it in cgi-public/cmds/ (if
you use the default-names).
Cheers,
Michael
-------------------------------------------------------------------
Michael Bell Email (private): [EMAIL PROTECTED]
Rechenzentrum - Datacenter Email: [EMAIL PROTECTED]
Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482
Unter den Linden 6 Fax: +49 (0)30-2093 2959
10099 Berlin
Germany [OpenCA Core Developer]
http://www.openca.org
#!/usr/bin/perl
## Get the User Certificate
## (c) 1998 by Massimiliano Pala - Ver 2.1
## All Rights Reserved
## Version Information
$VER = '2.1.01';
$PRG = 'Certificates Send over HTTP';
## Let's get parameters
my $key = ( $query->param('key') || $query->param('serial') );
my $dataType = ( $query->param('dataType') || "VALID_CERTIFICATE" );
## Certificates directory
my $errPage = getRequired( 'getIDErrForm' );
my $tmpdir = getRequired( 'tempdir' );
## Error if the certificate is not present in DBMS
if ( not ($cert = $db->getItem(DATATYPE=>$dataType,
KEY=>$key )) ) {
sendPage( $errPage );
}
## Get User Agent
my $agent = $query->user_agent();
if ( $agent =~ /MSIE/ ) {
sendCertIE( $key, $cert, $tmpdir );
} else {
sendCertMozilla( $key, $cert );
}
exit 0;
## Subroutines Section : expecially there is room for
## the erro page transmitting.
sub sendPage {
my @keys;
@keys = @_ ;
$filename = $keys[0];
print "Content-type: text/html\n\n";
print $query->getFile( "$filename" );
exit 0;
}
sub sendCertMozilla {
my $key = shift;
my $cert = shift;
my $mimetype = "Content-type: application/x-x509-user-cert\n\n";
my $bgcert = '-----BEGIN CERTIFICATE-----';
my $endcert = '-----END CERTIFICATE-----';
print $mimetype;
print $cert->getPEM();
exit 0;
}
sub sendCertIE {
my $key = shift;
my $cert = shift;
my $tmpdir = shift;
my $cacert = getRequired( "PEMcacert" );
my $iePage = getRequired( 'getID_IE_Page' );
my $page = $tools->getFile( $iePage );
my $tmpfile = "$tmpdir/${$}_cert.pem";
my $pkcs7data = "";
$cryptoShell->dataConvert( DATA=>$cert->getPEM(), DATATYPE=>"CERTIFICATE",
OUTFILE=>"$tmpfile" );
$pkcs7data = $cryptoShell->crl2pkcs7(CERTSLIST=>["$cacert","$tmpfile"]);
$pkcs7data =~ s/-----BEGIN PKCS7-----\n//;
$pkcs7data =~ s/\n-----END PKCS7-----\n*//;
unlink( "$tmpfile" );
$page =~ s/\@pkcs7cert\@/$pkcs7data/g;
print "Content-type: text/html\n\n";
print "$page";
exit 0;
}
