add Crypt::createSelfSignedCertificate; bugfix display of no-ssl-ip in domain-add formfield

Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
2022-05-02 08:33:42 +02:00
parent 82ea54863d
commit 7b6d5f1642
2 changed files with 35 additions and 2 deletions
--- a/lib/Froxlor/System/Crypt.php
+++ b/lib/Froxlor/System/Crypt.php
@@ -227,4 +227,37 @@ class Crypt
 		$algo = Settings::Get('system.passwordcryptfunc') !== null ? Settings::Get('system.passwordcryptfunc') : PASSWORD_DEFAULT;
 		return password_hash($password, $algo);
 	}
+
+	/**
+	 * creates a self-signed ECC-certificate for the froxlor-vhost
+	 * and sets the content to the corresponding files set in the
+	 * settings for ssl-certificate-file and ssl-certificate-key
+	 *
+	 * @return void
+	 */
+	public static function createSelfSignedCertificate()
+	{
+		// certificate info
+		$dn = [
+			"countryName" => "DE",
+			"stateOrProvinceName" => "Hessen",
+			"localityName" => "Frankfurt am Main",
+			"organizationName" => "froxlor",
+			"organizationalUnitName" => "froxlor Server Management Panel",
+			"commonName" => Settings::Get('system.hostname'),
+			"emailAddress" => Settings::Get('panel.adminmail')
+		];
+		// create private key
+		$privkey = openssl_pkey_new([
+			"private_key_type" => OPENSSL_KEYTYPE_EC,
+			"curve_name" => 'prime256v1',
+		]);
+		// create signing request
+		$csr = openssl_csr_new($dn, $privkey, array('digest_alg' => 'sha384'));
+		// sign csr
+		$x509 = openssl_csr_sign($csr, null, $privkey, 365, array('digest_alg' => 'sha384'));
+		// export to files
+		openssl_x509_export_to_file($x509, Settings::Get('system.ssl_cert_file'));
+		openssl_pkey_export_to_file($private_key, Settings::Get('system.ssl_key_file'));
+	}
 }
--- a/lib/formfields/admin/domains/formfield.domains_add.php
+++ b/lib/formfields/admin/domains/formfield.domains_add.php
@@ -197,10 +197,10 @@ return [
 						'label' => lng('admin.domain_sslenabled'),
 						'type' => 'checkbox',
 						'value' => '1',
-						'checked' => true
+						'checked' => !empty($ssl_ipsandports)
 					],
 					'no_ssl_available_info' => [
-						'visible' => !empty($ssl_ipsandports),
+						'visible' => empty($ssl_ipsandports),
 						'label' => 'SSL',
 						'type' => 'label',
 						'value' => lng('panel.nosslipsavailable')