<%args> $identifier => undef $revocation => undef

<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_API_CERT_INFO_TITLE', __SERIAL__ => $serial) %>

% if ($status eq 'REVOKED') {

<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_API_CERT_INFO_REVOKED_DESC') %>

% } % elsif ($status eq 'SUSPENDED') {

<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_API_CERT_INFO_SUSPENDED_DESC') %>

% } % elsif ($status eq 'CRL_ISSUANCE_PENDING') {

<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_API_CERT_INFO_CRL_ISSUANCE_PENDING_DESC') %>

% } % if (scalar @subject_alt_names) { % for (my $i = 1; $i < scalar @subject_alt_names; $i++) { % } % } % if ($extended_keyusage) { % } % % # get the workflow identifiers related to this certificate % my $message = $context->{client}->send_receive_command_msg ( "get_workflow_ids_for_cert", { 'CSR_SERIAL' => $csr_serial } ); % my $workflow_identifiers = $message->{'PARAMS'}; %
<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_TABLE_HEAD_NAME') %> <% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_TABLE_HEAD_VALUE') %>
<% i18nGettext('I18N_OPENXPKI_CERT_SUBJECT') %> <% $subject %>
% if (scalar @subject_alt_names > 1) { <% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_WORKFLOW_CSR_CERT_SUBJECT_ALT_NAMES') %> % } % else { <% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_WORKFLOW_CSR_CERT_SUBJECT_ALT_NAME') %> % } <% $subject_alt_names[0] %>
<% $subject_alt_names[$i] %>
<% i18nGettext('I18N_OPENXPKI_CERT_FINGERPRINT') %> <% $fingerprint %>
<% i18nGettext('I18N_OPENXPKI_CERT_VALIDITY') %> <% OpenXPKI::DateTime::convert_date({ DATE => DateTime->from_epoch(epoch => delete $params->{NOTBEFORE}), OUTFORMAT => 'printable' }) %> UTC - <% OpenXPKI::DateTime::convert_date({ DATE => DateTime->from_epoch(epoch => delete $params->{NOTAFTER}), OUTFORMAT => 'printable' }) %> UTC % if ($not_yet_valid) { (<% i18nGettext('I18N_OPENXPKI_CERT_NOT_YET_VALID') %>) % } % if ($expired) { (<% i18nGettext('I18N_OPENXPKI_CERT_EXPIRED') %>) % }
<% i18nGettext('I18N_OPENXPKI_CERT_ISSUER') %> <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/cert_info.html', label => $issuer, params => [ [ 'identifier', $issuer_identifier ], ], &>
<% i18nGettext('I18N_OPENXPKI_CERT_KEYUSAGE') %> <% $keyusage %>
<% i18nGettext('I18N_OPENXPKI_CERT_EXTENDED_KEYUSAGE') %> <% $extended_keyusage %>
<% i18nGettext('I18N_OPENXPKI_CERT_WORKFLOWS') %> % % if (ref $workflow_identifiers ne 'ARRAY') { % $workflow_identifiers = []; % } % my $workflow_count = scalar @{$workflow_identifiers}; % % foreach my $workflow_serial_info ( @{$workflow_identifiers} ) { % my $workflow_serial = $workflow_serial_info->{'WORKFLOW.WORKFLOW_SERIAL'}; % my $workflow_type = $workflow_serial_info->{'WORKFLOW.WORKFLOW_TYPE'}; % % # certificate issuance workflow % if ( $workflow_type eq 'I18N_OPENXPKI_WF_TYPE_CERTIFICATE_ISSUANCE' ) { % <& /lib/html/a.mhtml, target => '../workflow/show_instance.html', label => i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_CERT_ISSUANCE_WORKFLOW_LINK', '__SERIAL__' => $workflow_serial), params => [["id", $workflow_serial]] &> % % } % % # certificate signing request workflow % if ( $workflow_type eq 'I18N_OPENXPKI_WF_TYPE_CERTIFICATE_SIGNING_REQUEST' ) { % <& /lib/html/a.mhtml, target => '../workflow/show_instance.html', label => i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_CERT_SIGNING_REQUEST_WORKFLOW_LINK', '__SERIAL__' => $workflow_serial), params => [["id", $workflow_serial]] &> % % } % % $workflow_count--; % if ( $workflow_count > 0 ) { % print ", "; % } % } %

<& /lib/html/a.mhtml, target => 'cert_full_info.html', label => i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_FULL_CERT_INFO_LINK'), params => [["identifier", $identifier]] &>


% if ($private_key eq 'private_key_exists_for_cert' || % $private_key eq '') { % } % if ($private_key ne 'private_key_exists_for_cert' && % $private_key ne '') {
<% i18nGettext('I18N_OPENXPKI_CLIENT_HTML_MASON_CERT_INFO_INSTALL_IN_BROWSER') %> <& /lib/html/a.mhtml, target => '../../binary/get_certificate.html', label => i18nGettext('I18N_OPENXPKI_CERT_DOWNLOAD_FIREFOX_INSTALL'), params => [["identifier", $identifier], ["content_type", "X509_USER_CERT"], ["format", "PEM"]] &> | <& /lib/html/a.mhtml, target => 'cert_enroll_ie.html', label => i18nGettext('I18N_OPENXPKI_CERT_DOWNLOAD_IE_ENROLL'), params => [["identifier", $identifier]] &>
<% i18nGettext('I18N_OPENXPKI_CERT_DOWNLOAD') %> <& /lib/html/a.mhtml, target => '../../binary/get_certificate.html', label => 'PEM', params => [["identifier", $identifier], ["content_type", "PLAIN"], ["format", "PEM"]] &> | <& /lib/html/a.mhtml, target => '../../binary/get_certificate.crt', label => 'DER', params => [["identifier", $identifier], ["content_type", "DOWNLOAD"], ["format", "DER"]] &> | <& /lib/html/a.mhtml, target => '../../binary/get_certificate.html', label => 'TXT', params => [["identifier", $identifier], ["content_type", "PLAIN"], ["format", "TXT"]] &>

<% i18nGettext('I18N_OPENXPKI_CERT_DOWNLOAD_PRIV_KEY_EXISTS') %>

% }
<% i18nGettext('I18N_OPENXPKI_PRIVKEY_DOWNLOAD') %> <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/get_privkey_password.html', label => 'PKCS#8 (PEM)', params => [["identifier", $identifier], ["format", "PKCS8_PEM"]] &> | <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/get_privkey_password.html', label => 'PKCS#8 (DER)', params => [["identifier", $identifier], ["format", "PKCS8_DER"]] &> | <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/get_privkey_password.html', label => 'OpenSSL (PEM)', params => [["identifier", $identifier], ["format", "OPENSSL_PRIVKEY"]] &>
<% i18nGettext('I18N_OPENXPKI_PRIVKEY_AND_CERT_DOWNLOAD') %> <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/get_privkey_password.html', label => 'PKCS#12', params => [["identifier", $identifier], ["format", "PKCS12"]] &> | <& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/api/get_privkey_password.html', label => i18nGettext('I18N_OPENXPKI_KEY_DOWNLOAD_JAVA_KEYSTORE'), params => [["identifier", $identifier], ["format", "JAVA_KEYSTORE"]] &>
% if ($revocation) {
<& /lib/html/a.mhtml, target => $context->{menu}->get_root() . '/service/create_crr/form.html', label => i18nGettext('I18N_OPENXPKI_HTML_MASON_CERT_INFO_NEW_CRR'), params => [["cert_identifier", $identifier]], &> % } <%init> my $msg = $context->{client}->send_receive_command_msg ( "get_cert", {'IDENTIFIER' => $identifier}); #print Dumper($msg)."\n"; my $params = $msg->{PARAMS}->{BODY}; my $subject = $params->{SUBJECT}; $subject =~ s/,/, /g; my $notbefore = $params->{NOTBEFORE}; my $notafter = $params->{NOTAFTER}; my $issuer = $params->{ISSUER}; $issuer =~ s/,/, /g; my $issuer_identifier = $msg->{PARAMS}->{ISSUER_IDENTIFIER}; my $csr_serial = $msg->{PARAMS}->{CSR_SERIAL}; my $fingerprint = $params->{FINGERPRINT}; my $serial = $params->{SERIAL}; $serial .= ' (0x' . $params->{SERIAL_HEX} . ')'; my $serial_dec = $params->{SERIAL}; my $status = $msg->{PARAMS}->{STATUS}; my $keyusage; my $extended_keyusage; if (ref $params->{OPENSSL_EXTENSIONS}->{'X509v3 Key Usage'} eq 'ARRAY') { $keyusage = join q{,}, @{ $params->{OPENSSL_EXTENSIONS}->{'X509v3 Key Usage'} }; } if (ref $params->{OPENSSL_EXTENSIONS}->{'X509v3 Extended Key Usage'} eq 'ARRAY') { $extended_keyusage = join q{,}, @{ $params->{OPENSSL_EXTENSIONS}->{'X509v3 Extended Key Usage'} }; } my @subject_alt_names = (); if (ref $params->{OPENSSL_EXTENSIONS}->{'X509v3 Subject Alternative Name'} eq 'ARRAY') { @subject_alt_names = split q{, }, $params->{OPENSSL_EXTENSIONS}->{'X509v3 Subject Alternative Name'}->[0]; } foreach my $san (@subject_alt_names) { $san =~ s/:/: /; } my $now = time(); my $not_yet_valid; my $expired; if ($now < $notbefore) { $not_yet_valid = 1; } if ($now > $notafter) { $expired = 1; } # retrieve CSR workflow and look for a private_key field my $p_msg = $context->{client}->send_receive_command_msg( 'private_key_exists_for_cert', { IDENTIFIER => $identifier, } ); my $private_key = $p_msg->{PARAMS}; <%once> use Data::Dumper; use OpenXPKI::DateTime; use DateTime;