<fmt:message key="ssl.certificates.truststore.title"/>

<%-- - - Copyright (C) 2018-2025 Ignite Realtime Foundation. All rights reserved. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. --%> <%@ page contentType="text/html; charset=UTF-8" %> <%@ page errorPage="error.jsp"%> <%@ page import="org.jivesoftware.openfire.keystore.TrustStore"%> <%@ page import="org.jivesoftware.openfire.spi.ConnectionType"%> <%@ page import="org.jivesoftware.util.CookieUtils" %> <%@ page import="org.jivesoftware.util.ParamUtils" %> <%@ page import="org.jivesoftware.util.StringUtils" %> <%@ page import="java.util.Collections" %> <%@ page import="java.util.HashMap" %> <%@ page import="java.util.Map" %> <%@ page import="java.util.Set" %> <%@ page import="java.security.cert.X509Certificate" %> <%@ page import="org.jivesoftware.openfire.XMPPServer" %> <%@ page import="org.jivesoftware.openfire.container.AdminConsolePlugin" %> <%@ page import="java.time.Duration" %> <%@ taglib uri="admin" prefix="admin" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %> <%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %> <% webManager.init(request, response, session, application, out ); boolean delete = ParamUtils.getBooleanParameter( request, "delete" ); final String alias = ParamUtils.getParameter( request, "alias" ); final String connectionTypeText = ParamUtils.getParameter( request, "connectionType" ); final Map errors = new HashMap<>(); Cookie csrfCookie = CookieUtils.getCookie(request, "csrf"); String csrfParam = ParamUtils.getParameter(request, "csrf"); if (delete) { if (csrfCookie == null || csrfParam == null || !csrfCookie.getValue().equals(csrfParam)) { delete = false; errors.put("csrf", "CSRF Failure!"); } } csrfParam = StringUtils.randomString(15); CookieUtils.setCookie(request, response, "csrf", csrfParam, -1); pageContext.setAttribute("csrf", csrfParam); ConnectionType connectionType = null; TrustStore trustStore = null; try { connectionType = ConnectionType.valueOf( connectionTypeText ); trustStore = XMPPServer.getInstance().getCertificateStoreManager().getTrustStore( connectionType ); if ( trustStore == null ) { errors.put( "trustStore", "Unable to get an instance." ); } } catch ( RuntimeException ex ) { errors.put( "connectionType", ex.getMessage() ); } if ( errors.isEmpty() ) { pageContext.setAttribute( "connectionType", connectionType ); pageContext.setAttribute( "trustStore", trustStore ); final Set sameStoreConnectionTypes = Collections.emptySet(); // TODO FIXME: SSLConfig.getInstance().getOtherPurposesForSameStore( connectionType ); pageContext.setAttribute( "sameStoreConnectionTypes", sameStoreConnectionTypes ); final Map certificates = trustStore.getAllCertificates(); pageContext.setAttribute( "certificates", certificates ); if ( delete ) { if ( alias == null ) { errors.put( "alias", "The alias has not been specified." ); } else { try { // When updating certificates through the admin console, do not cause changes to restart the website, as // that is very likely to log out the administrator that is performing the changes. As the keystore change // event is async, this line disables restarting the plugin for a few minutes. XMPPServer.getInstance().getPluginManager().getPluginByCanonicalName("admin") .ifPresent(plugin -> ((AdminConsolePlugin) plugin).pauseAutoRestartEnabled(Duration.ofMinutes(5))); trustStore.delete( alias ); // Log the event webManager.logEvent( "deleted SSL cert from " + connectionType + " with alias " + alias, null ); response.sendRedirect( "security-truststore.jsp?connectionType=" + connectionType+ "&deletesuccess=true" ); return; } catch ( Exception e ) { errors.put( "delete", e.getMessage() ); } } } } pageContext.setAttribute( "errors", errors ); %> <fmt:message key="ssl.certificates.truststore.title"/> : :

()
()
" title=""> ()	- -		" title="" onclick="return confirm('');" >