File:
[LON-CAPA] /
loncom /
cgi /
loncertstatus.pl
Revision
1.1:
download - view:
text,
annotated -
select for diffs
Mon Jul 25 19:50:01 2016 UTC (7 years, 9 months ago) by
raeburn
Branches:
MAIN
CVS tags:
version_2_12_X,
HEAD
- Use Server Name Indication (SNI) and SSL when replicating content from
/raw/.
- Domain status screen has link to show status of LON-CAPA SSL certificates.
- "SSL" domain config for (a) "internal" LON-CAPA SSL connection to servers/VMs
in other domain, (b) Replication of domain's resources to other domains.
- Replication can use name-based virtual hosts with SSL, with verification of
client certificate (cert: /home/httpd/lonCerts/lonhostnamecert.pem, signed
by LON-CAPA CA, with Common Name of internal-<server hostname>, same IP address
as server hostname).
#!/usr/bin/perl
$|=1;
# Displays status of LON-CAPA SSL certificates in /home/httpd/lonCerts
# on domain's servers.
#
# $Id: loncertstatus.pl,v 1.1 2016/07/25 19:50:01 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#
use strict;
use lib '/home/httpd/lib/perl/';
use Apache::lonlocal();
use Apache::lonhtmlcommon;
use LONCAPA::Configuration();
use LONCAPA::loncgi();
use LONCAPA::lonauthcgi();
use LONCAPA::SSL();
my $perlvar=&LONCAPA::Configuration::read_conf('loncapa.conf');
my $lonhost;
if (ref($perlvar) eq 'HASH') {
my @reqd = qw(lonnetPrivateKey lonnetCertificate lonnetHostnameCertificate
lonnetCertificateAuthority lonCertificateDirectory);
$lonhost = $perlvar->{'lonHostID'};
foreach my $key (keys(%{$perlvar})) {
unless (grep(/^\Q$key\E$/,@reqd)) {
delete($perlvar->{$key});
}
}
}
print &LONCAPA::loncgi::cgi_header('text/html',1);
&main($lonhost);
sub main {
my ($lonhost) = @_;
my $machine_dom = &Apache::lonnet::host_domain($lonhost);
if (&LONCAPA::lonauthcgi::check_ipbased_access('certstatus')) {
&LONCAPA::loncgi::check_cookie_and_load_env();
} else {
if (!&LONCAPA::loncgi::check_cookie_and_load_env()) {
&Apache::lonlocal::get_language_handle();
print(&LONCAPA::loncgi::missing_cookie_msg());
return;
}
if (!&LONCAPA::lonauthcgi::can_view('certstatus')) {
&Apache::lonlocal::get_language_handle();
print(&LONCAPA::lonauthcgi::unauthorized_msg('certstatus'));
return;
}
}
my %domservers = &Apache::lonnet::get_servers($machine_dom);
&Apache::lonlocal::get_language_handle();
&Apache::lonhtmlcommon::add_breadcrumb(
{href=>"/cgi-bin/loncertstatus.pl",
text=>"LON-CAPA Certificate Status"});
print &Apache::loncommon::start_page('LON-CAPA SSL Certificates Status').
&Apache::lonhtmlcommon::breadcrumbs('SSL Certificates');
print &LONCAPA::SSL::print_certstatus(\%domservers,'web','cgi');
print &Apache::loncommon::end_page();
return;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to loncertstatus.pl CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / cgi