enhance customer set ssl-certificates and improve description, this should fix #1244
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -81,6 +81,13 @@ class DomainSSL {
|
||||
'ssl_cert_file' => makeCorrectFile($sslcertpath.'/'.$domain['domain'].'.crt'),
|
||||
'ssl_key_file' => makeCorrectFile($sslcertpath.'/'.$domain['domain'].'.key')
|
||||
);
|
||||
|
||||
if ($this->_settings['system']['webserver'] == 'lighttpd') {
|
||||
// put my.crt and my.key together for lighty.
|
||||
$dom_certs['ssl_cert_file'] .= $dom_certs['ssl_key_file'];
|
||||
$ssl_files['ssl_key_file'] = '';
|
||||
}
|
||||
|
||||
// initialize optional files
|
||||
$ssl_files['ssl_ca_file'] = '';
|
||||
$ssl_files['ssl_cert_chainfile'] = '';
|
||||
@@ -89,8 +96,13 @@ class DomainSSL {
|
||||
$ssl_files['ssl_ca_file'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_CA.pem');
|
||||
}
|
||||
if ($dom_certs['ssl_cert_chainfile'] != '') {
|
||||
if ($this->_settings['system']['webserver'] == 'nginx') {
|
||||
// put ca.crt in my.crt, as nginx does not support a separate chain file.
|
||||
$dom_certs['ssl_cert_file'] .= $dom_certs['ssl_cert_chainfile'];
|
||||
} else {
|
||||
$ssl_files['ssl_cert_chainfile'] = makeCorrectFile($sslcertpath.'/'.$domain['domain'].'_chain.pem');
|
||||
}
|
||||
}
|
||||
// create them on the filesystem
|
||||
foreach ($ssl_files as $type => $filename) {
|
||||
if ($filename != '') {
|
||||
|
||||
@@ -42,15 +42,6 @@ return array(
|
||||
'rows' => 12,
|
||||
'value' => $result['ssl_key_file']
|
||||
),
|
||||
'ssl_ca_file' => array(
|
||||
'style' => 'vertical-align:top;',
|
||||
'label' => $lng['admin']['ipsandports']['ssl_ca_file_content'],
|
||||
'desc' => $lng['admin']['ipsandports']['ssl_paste_description'],
|
||||
'type' => 'textarea',
|
||||
'cols' => 60,
|
||||
'rows' => 12,
|
||||
'value' => $result['ssl_ca_file']
|
||||
),
|
||||
'ssl_cert_chainfile' => array(
|
||||
'style' => 'vertical-align:top;',
|
||||
'label' => $lng['admin']['ipsandports']['ssl_cert_chainfile_content'],
|
||||
@@ -59,6 +50,15 @@ return array(
|
||||
'cols' => 60,
|
||||
'rows' => 12,
|
||||
'value' => $result['ssl_cert_chainfile']
|
||||
),
|
||||
'ssl_ca_file' => array(
|
||||
'style' => 'vertical-align:top;',
|
||||
'label' => $lng['admin']['ipsandports']['ssl_ca_file_content'],
|
||||
'desc' => $lng['admin']['ipsandports']['ssl_paste_description'],
|
||||
'type' => 'textarea',
|
||||
'cols' => 60,
|
||||
'rows' => 12,
|
||||
'value' => $result['ssl_ca_file']
|
||||
)
|
||||
)
|
||||
)
|
||||
|
||||
@@ -1948,8 +1948,8 @@ $lng['panel']['ssleditor'] = 'SSL settings for this domain';
|
||||
$lng['admin']['ipsandports']['ssl_paste_description'] = 'Paste your complete certificate content in the textbox';
|
||||
$lng['admin']['ipsandports']['ssl_cert_file_content'] = 'Content of the ssl certificate';
|
||||
$lng['admin']['ipsandports']['ssl_key_file_content'] = 'Content of the ssl (private-) key file';
|
||||
$lng['admin']['ipsandports']['ssl_ca_file_content'] = 'Content of the ssl CA file (optional)';
|
||||
$lng['admin']['ipsandports']['ssl_cert_chainfile_content'] = 'Content of the certificate chainfile (optional)';
|
||||
$lng['admin']['ipsandports']['ssl_ca_file_content'] = 'Content of the ssl CA file (optional, client authentification, set this only if you know what it is.)';
|
||||
$lng['admin']['ipsandports']['ssl_cert_chainfile_content'] = 'Content of the certificate chainfile (optional, mostly CA_Bundle, or similar, you probably want to set this if you bought a SSL certificate.)';
|
||||
$lng['error']['sslcertificateismissingprivatekey'] = 'You need to specify a private key for your certificate';
|
||||
$lng['error']['sslcertificatewrongdomain'] = 'The given certificate does not belong to this domain';
|
||||
$lng['error']['sslcertificateinvalidcert'] = 'The given certificate-content does not seem to be a valid certificate';
|
||||
|
||||
@@ -1669,8 +1669,8 @@ $lng['panel']['ssleditor'] = 'SSL-Einstellungen für diese Domain';
|
||||
$lng['admin']['ipsandports']['ssl_paste_description'] = 'Bitte den Inhalt der Zertifikatsdatei in das Textfeld kopieren';
|
||||
$lng['admin']['ipsandports']['ssl_cert_file_content'] = 'Inhalt des SSL-Zertifikats';
|
||||
$lng['admin']['ipsandports']['ssl_key_file_content'] = 'Inhalt der Key-Datei (private key)';
|
||||
$lng['admin']['ipsandports']['ssl_ca_file_content'] = 'Inhalt der SSL-CA-Datei (optional)';
|
||||
$lng['admin']['ipsandports']['ssl_cert_chainfile_content'] = 'Inhalt des Zertifikats-Chainfile (optional)';
|
||||
$lng['admin']['ipsandports']['ssl_ca_file_content'] = 'Inhalt der SSL-CA-Datei (optional, Client Authentifizierung, dieses Feld sollte nur gesetzt werden, wenn es wirklich gebraucht wird.)';
|
||||
$lng['admin']['ipsandports']['ssl_cert_chainfile_content'] = 'Inhalt des Zertifikats-Chainfile (optional, meist CA_Bundle, o.Ä., dies ist das Feld, dass gesetzt werden sollte, wenn ein gekauftes SSL-Zertifikat vorliegt.)';
|
||||
$lng['error']['sslcertificateismissingprivatekey'] = 'Für das Zertifikat muss eine Key-Datei (private key) angegeben werden';
|
||||
$lng['error']['sslcertificatewrongdomain'] = 'Das angegebene Zertifikat gilt nicht für die gewählte Domain';
|
||||
$lng['error']['sslcertificateinvalidcert'] = 'Der angegebene Zertifikatsinhalt scheint kein gültiges Zertifikat zu sein';
|
||||
|
||||
Reference in New Issue
Block a user