Diffstat (limited to 'mod/foafssl/cert_proxy.php')
-rw-r--r-- | mod/foafssl/cert_proxy.php | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/mod/foafssl/cert_proxy.php b/mod/foafssl/cert_proxy.php
new file mode 100644
index 000000000..5dc4f8b67
--- /dev/null
+++ b/mod/foafssl/cert_proxy.php
@@ -0,0 +1,64 @@
+<?php
+
+//-----------------------------------------------------------------------------------------------------------------------------------
+//
+// Filename : cert.php
+// Version : 1.0
+// Date : 3rd Jan 2009
+//
+// Decription : This script creates an PKCS12 encoded SSL Certificate which is file transfered to the script caller.
+//
+// Usage : cert.php?foaf=http://foaf.me/jsmith&
+// commonName=J Smith&
+// emailAddress=jsmith@example.com&
+// organizationName=My Company Ltd&
+// organizationalUnitName=Technology Division&
+// localityName=Newbury&
+// stateOrProvinceName=Berkshire&
+// countryName=GB&
+// password=secret
+//
+// All parameters except 'foaf' are optional. Some parameters if missing will default as per openssl.cnf
+//
+// See Also : Using PHP to create self-signed X.509 Client Certificates
+// http://foaf.me/Using_PHP_to_create_X.509_Client_Certificates.php
+//
+//-----------------------------------------------------------------------------------------------------------------------------------
+
+// Check if the foaf loaction is specified in the script call
+
+function request_identity_p12($commonName, $webid, $pubkey, $hours=0.0, $days=0.0) {
+ $post_fields = array();
+ $post_fields['webid'] = $webid;
+ $post_fields['spkac'] = $pubkey;
+ $post_fields['hours'] = $hours;
+ $post_fields['days'] = $days;
+ $post_fields['keygensubmit'] = "submit certificate request";
+ $post_fields['cn'] = $commonName;
+ $ch = curl_init('http://webid.myxwiki.org/xwiki/bin/view/WebId/CreateCert');
+ curl_setopt($ch, CURLOPT_POST ,1);
+ curl_setopt($ch, CURLOPT_POSTFIELDS ,$post_fields);
+ curl_setopt($ch, CURLOPT_FOLLOWLOCATION ,1);
+ curl_setopt($ch, CURLOPT_HEADER ,0); // DO NOT RETURN HTTP HEADERS
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER ,1); // RETURN THE CONTENTS OF THE CALL
+ // should check the error code and warn if something goes wrong
+ $Rec_Data = curl_exec($ch);
+ header('Last-Modified: '.date('r+b'));
+ header('Accept-Ranges: bytes');
+ header('Content-Length: '.strlen($Rec_Data));
+ header('Content-Type: application/x-x509-user-cert');
+ echo $Rec_Data;
+ return $Rec_Data;
+
+}
+
+/*// Create a PKCS12 encoded SSL certificate
+if ( $p12 = request_identity_p12(
+ $countryName, $stateOrProvinceName, $localityName, $organizationName, $organizationalUnitName, $commonName, $emailAddress,
+ $foafLocation, $pubkey ) )
+{
+ // Send the PKCS12 encoded SSL certificate to the script caller as a file transfer
+ download_identity_p12($p12, $foafLocation);
+}*/
+
+?> |
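Review bot: The return value of `curl_exec()` in `request_identity_p12` is echoed to the browser as `application/x-x509-user-cert` with no check, so a transport failure (`false`) or an HTML error page from the remote service is delivered as if it were a certificate; the in-code comment already admits the check is missing. The request is also sent over plain `http://` with `CURLOPT_FOLLOWLOCATION` enabled, so the WebID, the SPKAC and the returned certificate have no integrity protection in transit. If the service offers HTTPS, use it and limit redirects with `CURLOPT_REDIR_PROTOCOLS`. Separately, `date('r+b')` emits a literal `+b` after the RFC 2822 date, giving a malformed `Last-Modified` value, and the handle is never closed. The file header still describes `cert.php` and its query parameters rather than this proxy function, and should be rewritten to match.

```php
    // … unchanged: $post_fields setup, curl_init and curl_setopt calls …
    $Rec_Data = curl_exec($ch);
    $status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    curl_close($ch);
    if ($Rec_Data === false || $status !== 200) {
        // Do not hand an error page or an empty body to the browser as a certificate.
        return false;
    }
    header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    // … unchanged: remaining header() calls, echo and return …
```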