[% USE CPIcons; USE CPList; USE SSL; USE JSON; USE Geo; USE CPScalar; # CONSTANTS SET SHOW_HELPER_LINKS_RECORD_COUNT = 10; SET MINIMUM_MODULUS_LENGTH = SSL.DEFAULT_KEY_SIZE; SET CPANEL.CPVAR.dprefix = '../'; SET SYSTEM_DEFAULT_KEY_TYPE = SSL.key_types_and_labels().0; SET DEFAULT_NEW_KEY_TYPE = SSL.default_key_type() || SYSTEM_DEFAULT_KEY_TYPE.type; SET DEFAULT_NEW_KEY_LABEL = ""; FOREACH key_type = SSL.key_types_and_labels(); IF DEFAULT_NEW_KEY_TYPE == key_type.type; DEFAULT_NEW_KEY_LABEL = key_type.label; END; END; # Fetch the certificates for this user SET list_certs = execute('SSL', 'list_certs', { 'api.sort_column' => 'subject.commonName', } ); SET expiration_times = list_certs.data.ofeach('not_after'); IF expiration_times && expiration_times.size() > 0; FOR exp_time = expiration_times; expiration_times.${loop.index} = exp_time + 1; END; SET expiration_date = locale.get_lookup_hash_of_multi_epoch_datetime( expiration_times, 'date_format_short' ); SET expiration_datetime = locale.get_lookup_hash_of_multi_epoch_datetime( expiration_times, 'datetime_format_short' ); ELSE; SET expiration_date = 0; SET expiration_datetime = 0; END; # Fetch the keys for this user. SET list_keys = execute('SSL', 'list_keys', { 'api.sort_column' => 'friendly_name', } ); SET has_certs_error = !list_certs.status; SET has_certs_data = !has_certs_error && list_certs.data.size; SET list_count = list_certs.data ? list_certs.data.size() : 0; #Domains SET list_mail_domains = execute('WebVhosts','list_domains', { 'api.sort_column' => 'domain', }); %] [% js_code = PROCESS js_block %] [% WRAPPER '_assets/master.html.tt' app_key = 'ssl_tls' include_legacy_scripts = 1 include_cjt = 1 page_js = js_code embed_stylesheets = ["css/ssl.css"] page_stylesheets = ["css2-min/ssl/crts.css"] -%] [% PROCESS _assets/_ajaxapp_header.html.tt -%]
[% IF list_count > SHOW_HELPER_LINKS_RECORD_COUNT %] [% END %]

[% locale.maketext('SSL Certificates') %]

[% locale.maketext('You can use a self-signed certificate or a trusted certificate from an SSL Certificate Authority. If you plan to use a self-signed certificate for one of your sites, you can generate it below. To use a trusted certificate, upload or provide the certificate below, after you have received the SSL certificate from your trusted provider.') %]

[% locale.maketext("Certificates on Server") %]

[% IF list_certs.data.size %] [% SET warn_icon = CPIcons.get_common_icon_markup("warning", 16); -%] [% SET error_icon = CPIcons.get_common_icon_markup("error", 16); -%] [% FOREACH cert = list_certs.data; SET modulus_length = cert.modulus_length; SET modulus_class = ''; SET modulus_error = 0; IF key.key_algorithm == 'rsaEncryption' && modulus_length < MINIMUM_MODULUS_LENGTH; modulus_class = 'modulus-critical'; modulus_error = 1; END; IF cert.is_self_signed; SET issuer = locale.maketext('[comment]- Self Signed -[comment,The decorating dashes are meant to visually distinguish this label from a certificate authority name.]'); ELSE; SET issuer = cert.${'issuer.organizationName'}; END; SET inactive_reason = ''; IF !cert.domain_is_configured; inactive_reason = locale.maketext('This certificate does not match any of your account’s domains.'); END; SET cert_expiration = cert.not_after + 1; %] [% END %] [% ELSE %] [% END %]
[% locale.maketext('Domains') %] [% locale.maketext('Issuer') %] [% locale.maketext('Expiration ([_1])','UTC') %] [% locale.maketext('Key Type') %] [% locale.maketext('Description') %] [% locale.maketext("Actions") %]
[% cert.domains.join("\n").html().breakOn('\.').replace("\n",'
') %]
[% issuer.html().breakOn('\.') %]
[% expiration_date.${cert_expiration} %]
[% SSL.translate_key_parts_to_label(cert) %] [% IF modulus_error %] [% error_icon %] [% END %]
[% cert.friendly_name.html().breakOn('\.') %]
[% locale.maketext('Edit') %] [% locale.maketext("Delete") %] [% IF inactive_reason -%] [% locale.maketext("Install") -%] [% ELSE -%] [% locale.maketext("Install") %] [% END -%]
[% locale.maketext("There are no certificates on the server.") %]
[% IF list_count > SHOW_HELPER_LINKS_RECORD_COUNT %]   [% END %]

[% locale.maketext("Upload a New Certificate") %]

[% locale.maketext("Use this form to upload a certificate provided by a third-party Certificate Authority. You may either paste the body of the certificate or upload it from a “[_1]” file.", ".crt") %]

[% locale.maketext('or[comment,this is meant to be a horizontal separator of 2 things stacked vertically]') %]
[% IF list_count > SHOW_HELPER_LINKS_RECORD_COUNT %]   [% END %]

[% locale.maketext("Generate a New Certificate") %]

[% locale.maketext('Use this form to generate a new, self-signed certificate for your domain. Typically, self-signed certificates are temporarily used until you receive a trusted SSL certificate from your SSL certificate authority.') %]

[% IF list_keys.data.size -%] [% locale.maketext('View [output,amp] Edit') %] [% END -%]
[% locale.maketext('Provide the [output,acronym,FQDN,Fully Qualified Domain Name]s that you are trying to secure, one per line. You may also use wildcard domains by adding an asterisk in a domain name in the form: [output,em,_1].','*.example.com') %] ([% locale.maketext('Certificates with multiple domains are sometimes called “[output,acronym,UCC,Unified Communications Certificate]s” or “[output,acronym,SAN,subjectAltName] certificates”.') %])
[% locale.maketext('Provide the complete name for the city or locality. Do not use abbreviations.') %]
[% locale.maketext('Provide the complete name for the state or province. Do not use abbreviations.') %]
[% locale.maketext("Choose the country of origin for the certificate’s company.") %]
[% locale.maketext('Provide the legally-registered name for your business. If your company name includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.') %]
[% locale.maketext('Provide the name of the division or group within the above company. If the division includes symbols other than a period or comma, check with your certificate authority to confirm that they are acceptable.') %]
[% locale.maketext('Provide a valid email address where you can be contacted for verification of domain ownership.') %]
[% INCLUDE _assets/return_link.html.tt return_location='index.html' return_link_text=locale.maketext('Return to SSL Manager') %]
[% PROCESS 'ssl/ssl_certificate_parse.html.tt' -%] [% END #wrapper %] [% BLOCK js_block %] [% PROCESS _assets/_ajaxapp_footer.html.tt -%] [% END %]