<%--
-
- Copyright (C) 2007-2008 Jive Software, 2018-2022 Ignite Realtime Foundation. All rights reserved.
-
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--%>
<%@ page contentType="text/html; charset=UTF-8" %>
<%@ page errorPage="error.jsp" %>
<%@ page import="org.jivesoftware.openfire.XMPPServer" %>
<%@ page import="org.jivesoftware.openfire.keystore.IdentityStore" %>
<%@ page import="org.jivesoftware.openfire.spi.ConnectionType" %>
<%@ page import="org.jivesoftware.util.ParamUtils" %>
<%@ page import="org.jivesoftware.util.StringUtils" %>
<%@ page import="org.jivesoftware.util.CookieUtils" %>
<%@ page import="java.util.HashMap" %>
<%@ page import="java.util.Map" %>
<%@ page import="org.jivesoftware.openfire.container.AdminConsolePlugin" %>
<%@ page import="java.time.Duration" %>
<%@ taglib uri="admin" prefix="admin" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
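<% webManager.init(request, response, session, application, out ); %>
<%
    // Request handler for the admin-console form that imports a private key and its certificate into the
    // identity store of one connection type. On a valid, CSRF-checked "save" request the key material is
    // installed and the browser is redirected to security-keystore.jsp; otherwise the collected errors and the
    // resolved connection type are exposed as page attributes for the markup that follows.

    // Get parameters:
    boolean save = ParamUtils.getParameter(request, "save") != null;
    // NOTE(review): privateKey and passPhrase are secrets read as ordinary request parameters. The submitting
    // form is not visible here; confirm it uses POST so that they never end up in URLs, referrers or access logs.
    final String privateKey = ParamUtils.getParameter(request, "privateKey");
    final String passPhrase = ParamUtils.getParameter(request, "passPhrase");
    final String certificate = ParamUtils.getParameter(request, "certificate");
    final String storePurposeText = ParamUtils.getParameter(request, "connectionType");

    // Field name -> message. Typed so that only strings can be handed to the rendering code.
    // NOTE(review): several values are exception messages; the markup that prints them is outside this
    // block and must escape them on output -- confirm.
    final Map<String, String> errors = new HashMap<>();

    // Resolve the target store. valueOf() throws for a missing or unknown name; the failure is recorded in
    // 'errors', which also keeps the import below from running with a null connection type.
    ConnectionType connectionType;
    try {
        connectionType = ConnectionType.valueOf( storePurposeText );
    } catch (RuntimeException ex) {
        errors.put( "connectionType", ex.getMessage() );
        connectionType = null;
    }

    // CSRF protection (double-submit cookie): a state-changing request is honoured only when the token in the
    // form matches the token in the cookie.
    Cookie csrfCookie = CookieUtils.getCookie(request, "csrf");
    String csrfParam = ParamUtils.getParameter(request, "csrf");
    if (save) {
        final String csrfCookieValue = csrfCookie == null ? null : csrfCookie.getValue();
        // Compare in constant time so the check does not reveal how many leading characters matched, and
        // treat a cookie without a value as a mismatch instead of failing with a NullPointerException.
        final boolean csrfMatches = csrfCookieValue != null && csrfParam != null
            && java.security.MessageDigest.isEqual(
                csrfCookieValue.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                csrfParam.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        if (!csrfMatches) {
            save = false;
            errors.put("csrf", "CSRF Failure!");
        }
    }

    // Issue a fresh token on every request, for the form rendered below.
    // NOTE(review): the token is only as strong as StringUtils.randomString; confirm that it draws from a
    // cryptographically strong random source.
    csrfParam = StringUtils.randomString(15);
    CookieUtils.setCookie(request, response, "csrf", csrfParam, -1);
    pageContext.setAttribute("csrf", csrfParam);

    if (save) {
        // Both the key and the certificate are mandatory; the pass phrase is optional.
        if (privateKey == null || privateKey.trim().isEmpty() ) {
            errors.put("privateKey", "privateKey");
        }
        if (certificate == null || certificate.trim().isEmpty() ) {
            errors.put("certificate", "certificate");
        }
        if (errors.isEmpty()) {
            try {
                // When updating certificates through the admin console, do not immediately restart the website, as that
                // is very likely to lock out the administrator that is performing the changes.
                XMPPServer.getInstance().getPluginManager().getPluginByCanonicalName("admin")
                    .ifPresent(plugin -> ((AdminConsolePlugin) plugin).pauseAutoRestartEnabled(Duration.ofMinutes(5)));

                final IdentityStore identityStore = XMPPServer.getInstance().getCertificateStoreManager().getIdentityStore( connectionType );

                // Import certificate
                final String alias = identityStore.installCertificate( certificate, privateKey, passPhrase);

                // Log the event (audit trail: store and alias only, never the key material).
                webManager.logEvent("imported SSL certificate in identity store "+ connectionType, "alias = "+alias);

                // connectionType is an enum constant here, so it is safe to place in the redirect URL.
                response.sendRedirect("security-keystore.jsp?connectionType="+connectionType+"&addupdatesuccess=true");
                return;
            }
            catch (Exception e) {
                // Record the failure in the servlet container's log instead of dumping the stack trace to
                // stderr, where it is easily lost and bypasses log handling.
                application.log("Unable to import certificate into identity store " + connectionType, e);
                errors.put("import", e.getMessage());
            }
        }
    }

    pageContext.setAttribute( "connectionType", connectionType );
    pageContext.setAttribute( "errors", errors );
%>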
:
:
()