diff options
author | sullrich <sullrich@pfsense.org> | 2009-12-02 16:51:04 -0500 |
---|---|---|
committer | sullrich <sullrich@pfsense.org> | 2009-12-02 16:51:04 -0500 |
commit | 02b383fedd526e7015708f2df47905372fcd5437 (patch) | |
tree | 0e95e97699d2b17b1fe52b69a3f544f4ac293e63 /etc/inc/system.inc | |
parent | f1755af4c4e6b7b610996d8876bca63578f70941 (diff) | |
download | pfsense-02b383fedd526e7015708f2df47905372fcd5437.zip pfsense-02b383fedd526e7015708f2df47905372fcd5437.tar.gz |
Assign unique ref and commit certificate. Ticket #63
Diffstat (limited to 'etc/inc/system.inc')
-rw-r--r-- | etc/inc/system.inc | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 19466eb..9be9a3f 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -624,16 +624,31 @@ function system_webgui_start() { $portarg = "{$config['system']['webgui']['port']}"; if ($config['system']['webgui']['protocol'] == "https") { - + // Ensure that we have a webConfigurator CERT $cert =& lookup_cert($config['system']['webgui']['ssl-certref']); - if(is_array($cert) && $cert['crt'] && $cert['prv']) { + if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) { + echo "Importaing default SSL Certificate for webConfigurator..."; + $cert_file = "/etc/default_ssl_certs/pfSense_webConfigurator_HTTPS_Certificate.crt"; + $key_file = "/etc/default_ssl_certs/pfSense_webConfigurator_HTTPS_Certificate.key"; + if(file_exists($cert_file && $key_file)) { + $cert = array(); + $cert['refid'] = uniqid(); + $cert_txt = file_get_contents("/etc/default_ssl_certs/pfSense_webConfigurator_HTTPS_Certificate.crt"); + $key_txt = file_get_contents("/etc/default_ssl_certs/pfSense_webConfigurator_HTTPS_Certificate.key"); + cert_import($cert, $cert_txt, $key_txt); + $a_cert[] = $cert; + $config['system']['webgui']['ssl-certref'] = $cert['refid']; + write_config("Importing default HTTPS certificate from /etc/default_ssl_certs/"); + echo "Done.\n"; + } else { + log_error("ERROR: Could not locate a default certificate file in /etc/default_ssl/certs/ for import $cert_file - $key_file"); + } + } else $crt = base64_decode($cert['crt']); $key = base64_decode($cert['prv']); if(!$config['system']['webgui']['port']) $portarg = "443"; $ca = ca_chain($cert); - } else - log_error("Invalid webConfigurator https certificate, defaulting to http"); } /* generate lighttpd configuration */ |