54 $this->last_certificate_id=variable_get(
'last_certificate_id',0,
'Latest certificate ID parsed by update_domains. Do not change this unless you know what you are doing');
55 $this->default_certificate_fqdn=variable_get(
'default_certificate_fqdn',$L_FQDN,
'FQDN of the certificate we will use as a default one before getting a proper one through any provider. If unsure, keep the default');
68 $specials=array($L_FQDN);
69 $variables=array(
"fqdn_dovecot",
"fqdn_postfix",
"fqdn_proftpd",
"fqdn_mailman");
70 foreach($variables as $var) {
71 $value = variable_get($var,
null);
72 if ($value && !in_array($value,$specials)) {
86 $db->query(
"UPDATE certificates SET status=".self::STATUS_EXPIRED.
" WHERE status=".self::STATUS_OK.
" AND validend<NOW();");
97 $db->query(
"SELECT max(id) AS maxid FROM certificates;");
98 if (!$db->next_record()) {
99 $msg->raise(
"ERROR",
"ssl",_(
"FATAL: no certificates in certificates table, even the SnakeOil one??"));
102 $maxid=$db->Record[
"maxid"];
103 if ($maxid>$this->last_certificate_id) {
104 $db->query(
"SELECT id,fqdn,altnames,sslcrt FROM certificates WHERE id>?",array($this->last_certificate_id));
107 while ($db->next_record()) {
108 if (!$db->Record[
"sslcrt"])
continue;
110 $certs[]=array(
"id"=>$db->Record[
"id"],
"fqdn"=>$db->Record[
"fqdn"]);
111 $altnames=explode(
"\n",$db->Record[
"altnames"]);
112 foreach($altnames as $altname) {
113 $certs[]=array(
"id"=>$db->Record[
"id"],
"fqdn"=>$altname);
119 foreach($certs as $cert) {
121 foreach($subids as $subid) {
122 $updateids[$subid]=$cert[
"id"];
130 foreach($updateids as $id => $certid) {
131 $db->query(
"UPDATE sub_domaines SET web_action=? WHERE id=?;",array(
"UPDATE",$id));
132 $msg->raise(
"INFO",
"ssl",sprintf(_(
"Reloading domain %s as we have new certificate %s"),$id,$certid));
135 $this->last_certificate_id=$maxid;
136 variable_set(
'last_certificate_id',$this->last_certificate_id);
144 if (substr($cert,0,2)==
"*." &&
145 substr($cert,2)==substr($fqdn,strpos($fqdn,
".")+1) )
159 $this->
copycert(
"alternc-panel",$id);
160 exec(
"service apache2 reload");
162 $variables=array(
"fqdn_dovecot",
"fqdn_postfix",
"fqdn_proftpd",
"fqdn_mailman");
163 foreach($variables as $var) {
164 $value = variable_get($var,
null);
167 $this->
copycert(
"alternc-".substr($var,5),$id);
168 exec(
"service ".substr($var,5).
" reload");
183 $msg->raise(
"INFO",
"ssl",_(
"Copying system certificate $id on $target"));
184 $db->query(
"SELECT * FROM certificates WHERE id=?",array($id));
185 if (!$db->next_record())
return false;
186 if (!file_put_contents(
"/etc/ssl/certs/".$target.
".pem.tmp",trim($db->Record[
"sslcrt"]).
"\n".trim($db->Record[
"sslchain"]))) {
187 $msg->raise(
"ERROR",
"ssl",_(
"Can't put file into /etc/ssl/certs/".$target.
".pem.tmp, failing properly"));
190 chown(
"/etc/ssl/certs/".$target.
".pem.tmp",
"root");
191 chgrp(
"/etc/ssl/certs/".$target.
".pem.tmp",
"ssl-cert");
192 chmod(
"/etc/ssl/certs/".$target.
".pem.tmp",0755);
193 if (!file_put_contents(
"/etc/ssl/private/".$target.
".key.tmp",$db->Record[
"sslkey"])) {
194 $msg->raise(
"ERROR",
"ssl",_(
"Can't put file into /etc/ssl/private/".$target.
".key.tmp, failing properly"));
195 @unlink(
"/etc/ssl/certs/".$target.
".pem.tmp");
198 chown(
"/etc/ssl/private/".$target.
".key.tmp",
"root");
199 chgrp(
"/etc/ssl/private/".$target.
".key.tmp",
"ssl-cert");
200 chmod(
"/etc/ssl/private/".$target.
".key.tmp",0750);
202 rename(
"/etc/ssl/certs/".$target.
".pem.tmp",
"/etc/ssl/certs/".$target.
".pem");
203 rename(
"/etc/ssl/private/".$target.
".key.tmp",
"/etc/ssl/private/".$target.
".key");
215 $db->query(
"SELECT sd.id FROM sub_domaines sd, domaines_type dt WHERE dt.name=sd.type AND dt.only_dns=0 AND
216 (CONCAT(sd.sub,IF(sd.sub!='','.',''),sd.domaine)=?
217 OR CONCAT('*.',SUBSTRING(CONCAT(sd.sub,IF(sd.sub!='','.',''),sd.domaine),
218 INSTR(CONCAT(sd.sub,IF(sd.sub!='','.',''),sd.domaine),'.')+1))=?
222 while ($db->next_record()) {
223 $ids[]=$db->Record[
"id"];
235 $db->query(
"SELECT c.id,sd.id AS used FROM certificates c LEFT JOIN sub_domaines sd ON sd.certificate_id=c.id WHERE c.status=".self::STATUS_EXPIRED.
" AND c.validend<DATE_SUB(NOW(), INTERVAL 12 MONTH) AND c.validend!='0000-00-00 00:00:00';");
236 while ($db->next_record()) {
237 if ($db->Record[
"used"]) {
240 $CRTDIR = self::KEY_REPOSITORY .
"/" . floor($db->Record[
"id"]/1000);
241 @unlink($CRTDIR.
"/".$db->Record[
"id"].
".pem");
242 @unlink($CRTDIR.
"/".$db->Record[
"id"].
".key");
243 @unlink($CRTDIR.
"/".$db->Record[
"id"].
".chain");
246 while ((
$c=readdir($d))!==
false) {
247 if (is_file($CRTDIR.
"/".
$c)) {
269 global $db, $msg, $cuid;
270 $msg->log(
"ssl",
"get_list");
274 if (is_null($filter)) {
281 $sql =
" uid='$cuid' ";
282 $sql.=
" AND status IN (-1";
283 if ($filter & self::FILTER_PENDING) {
286 if ($filter & self::FILTER_OK) {
289 if ($filter & self::FILTER_EXPIRED) {
293 $db->query(
"SELECT *, UNIX_TIMESTAMP(validstart) AS validstartts, UNIX_TIMESTAMP(validend) AS validendts FROM certificates WHERE $sql ORDER BY validstart DESC;");
294 if ($db->num_rows()) {
295 while ($db->next_record()) {
300 $msg->raise(
"INFO",
"ssl", _(
"No SSL certificates available"));
316 global $db, $msg, $cuid;
317 $msg->log(
"ssl",
"new_csr");
318 if (substr($fqdn, 0, 2) ==
"*.") {
319 $f = substr($fqdn, 2);
324 $msg->raise(
"ERROR",
"ssl", _(
"Bad FQDN domain name"));
327 putenv(
"OPENSSL_CONF=/etc/alternc/openssl.cnf");
328 $pkey = openssl_pkey_new();
330 $msg->raise(
"ERROR",
"ssl", _(
"Can't generate a private key (1)"));
334 if (!openssl_pkey_export($pkey, $privKey)) {
335 $msg->raise(
"ERROR",
"ssl", _(
"Can't generate a private key (2)"));
338 $dn = array(
"commonName" => $fqdn);
340 $config = array(
"digest_alg" =>
"sha256");
341 $csr = openssl_csr_new($dn, $pkey, $config);
343 openssl_csr_export($csr, $csrout);
344 $db->query(
"INSERT INTO certificates SET uid=?, status=?, fqdn=?, altnames='', validstart=NOW(), sslcsr=?, sslkey=?, provider=?;",array($cuid, self::STATUS_PENDING, $fqdn, $csrout, $privKey, $provider));
345 if (!($id = $db->lastid())) {
346 $msg->raise(
"ERROR",
"ssl", _(
"Can't generate a CSR"));
360 global $db, $msg, $cuid;
361 $msg->log(
"ssl",
"get_certificate");
365 $sql=
" AND uid='".intval($cuid).
"' ";
367 $db->query(
"SELECT *, UNIX_TIMESTAMP(validstart) AS validstartts, UNIX_TIMESTAMP(validend) AS validendts FROM certificates WHERE id=? $sql;",array($id));
368 if (!$db->next_record()) {
369 $msg->raise(
"ERROR",
"ssl", _(
"Can't find this Certificate"));
383 global $db, $msg, $cuid;
384 $msg->log(
"ssl",
"get_certificate_path",$id);
386 $db->query(
"SELECT id FROM certificates WHERE id=?;",array($id));
387 if (!$db->next_record()) {
388 $msg->raise(
"ERROR",
"ssl", _(
"Can't find this Certificate"));
392 $chain=self::KEY_REPOSITORY.
"/".floor($id/1000).
"/".$id.
".chain";
393 if (!file_exists($chain))
397 "cert" => self::KEY_REPOSITORY.
"/".floor($id/1000).
"/".$id.
".pem",
398 "key" => self::KEY_REPOSITORY.
"/".floor($id/1000).
"/".$id.
".key",
410 global $db, $msg, $cuid;
413 $db->query(
"SELECT *, UNIX_TIMESTAMP(validstart) AS validstartts, UNIX_TIMESTAMP(validend) AS validendts FROM certificates WHERE status=".self::STATUS_OK.
" ORDER BY validstart DESC;");
419 $wildcard=
"*".substr($fqdn,strpos($fqdn,
"."));
420 $defaultwild=
"*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,
"."));
422 while($db->next_record()) {
424 if ($db->Record[
"fqdn"]==$fqdn || $db->Record[
"fqdn"]==$wildcard) {
428 $alts=explode(
"\n",$db->Record[
"altnames"]);
429 foreach($alts as $alt) {
430 if ($alt==$fqdn || $alt==$wildcard) {
437 if ($provider==
"" || $provider==$db->Record[
"provider"]) {
446 if ($db->Record[
"fqdn"]==$this->default_certificate_fqdn || $db->Record[
"fqdn"]==$defaultwild) {
449 $alts=explode(
"\n",$db->Record[
"altnames"]);
450 foreach($alts as $alt) {
451 if ($alt==$this->default_certificate_fqdn || $alt==$defaultwild) {
464 $good=array_merge($good,$ugly);
471 $db->query(
"SELECT * FROM certificates WHERE id=0;");
472 if ($db->next_record()) {
491 global $cuid, $msg, $db;
492 $msg->log(
"ssl",
"import_cert");
495 $db->query(
"SELECT id FROM certificates WHERE sslcrt=?;",array($crt));
496 if ($db->next_record()) {
497 $msg->raise(
"ERROR",
"ssl", _(
"Certificate already exists in database"));
501 $result = $this->
check_cert($crt, $chain, $key);
502 if ($result ===
false) {
503 $msg->raise(
"ERROR",
"ssl", $this->error);
506 list($crt, $chain, $key, $crtdata) = $result;
508 $validstart = $crtdata[
'validFrom_time_t'];
509 $validend = $crtdata[
'validTo_time_t'];
510 $fqdn = $crtdata[
"subject"][
"CN"];
511 $altnames = $this->
parseAltNames($crtdata[
"extensions"][
"subjectAltName"]);
516 "INSERT INTO certificates SET uid=?, status=?, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?, provider=?, sslcsr = '';",
517 array($cuid, self::STATUS_OK, $fqdn, $altnames, intval($validstart), intval($validend), $key, $crt, $chain, $provider)
519 if (!($id = $db->lastid())) {
520 $msg->log(
'ssl',
'impoert_cert',
'insert query failed (' . print_r($db->last_error(), TRUE) .
')');
521 $msg->raise(
"ERROR",
"ssl", _(
"Can't save the Key/Crt/Chain now. Please try later."));
539 global $cuid, $msg, $db;
540 $msg->log(
"ssl",
"finalize");
542 $certid = intval($certid);
543 $result = $this->
check_cert($crt, $chain,
"", $certid);
544 if ($result ===
false) {
545 $msg->raise(
"ERROR",
"ssl", $this->error);
548 list($crt, $chain, $key, $crtdata) = $result;
550 $validstart = $crtdata[
'validFrom_time_t'];
551 $validend = $crtdata[
'validTo_time_t'];
552 $fqdn = $crtdata[
"subject"][
"CN"];
553 $altnames = $this->
parseAltNames($crtdata[
"extensions"][
"subjectAltName"]);
557 "INSERT INTO certificates (status,fqdn,altnames,validstart,validend,sslcrt,sslchain,sslcsr)
558 SELECT ?,?,?, FROM_UNIXTIME(?), FROM_UNIXTIME(?), ?, ?, sslcsr FROM certificate WHERE id=?;",
559 array(self::STATUS_OK, $fqdn, $altnames, $validstart, $validend, $crt, $chain, $certid)
561 $msg->raise(
"ERROR",
"ssl", _(
"Can't save the Crt/Chain now. Please try later."));
564 $newid=$db->lastid();
565 $db->query(
"DELETE FROM certificates WHERE id=?;",array($certid));
576 global $db, $msg, $cuid;
577 $msg->log(
"ssl",
"alternc_del_member");
578 $db->query(
"UPDATE certificates SET uid=2000 WHERE uid=?;",array($cuid));
590 public function updateDomain($action, $type, $fqdn, $mail = 0, $value =
"") {
591 global $db, $msg, $dom;
592 $msg->log(
"ssl",
"update_domain($action,$type,$fqdn)");
595 if (!($domtype=$dom->domains_type_get($type)) || $domtype[
"only_dns"]==
true) {
604 if (substr($type, 0, 5) ==
'vhost') {
605 $type_match =
'vhost%';
607 if ($action ==
"postinst") {
608 $msg->log(
"ssl",
"update_domain:CREATE($action,$type,$fqdn)");
613 "SELECT * FROM sub_domaines WHERE sub=? AND domaine=? AND web_action NOT IN ('','OK') AND type LIKE ?",
614 array(substr($fqdn, 0, $offset), substr($fqdn, $offset + ($offset != 0)), $type_match)
616 if ($db->next_record()) {
620 $offset = strpos($fqdn,
".", $offset+1);
627 echo
"FATAL: didn't found fqdn $fqdn in sub_domaines table !\n";
631 $subdom = $db->Record;
632 $TARGET_FILE =
"/var/lib/alternc/apache-vhost/" . substr($subdom[
"compte"], -1) .
"/" . $subdom[
"compte"] .
"/" . $fqdn .
".conf";
637 $s = file_get_contents($TARGET_FILE);
638 $s = str_replace(
"%%CRT%%", $cert[
"crt"], $s);
639 $s = str_replace(
"%%KEY%%", $cert[
"key"], $s);
640 if (isset($cert[
"chain"]) && $cert[
"chain"]) {
641 $s = str_replace(
"%%CHAINLINE%%",
"SSLCertificateChainFile " . $cert[
"chain"], $s);
643 $s = str_replace(
"%%CHAINLINE%%",
"", $s);
645 file_put_contents($TARGET_FILE, $s);
647 $db->query(
"UPDATE sub_domaines SET certificate_id=? WHERE id=?;",array($cert[
"id"], $subdom[
"id"]));
661 global $db, $msg, $dom;
662 $msg->log(
"ssl",
"hook_updatedomains_web_before($subdomid)");
664 $db->query(
"SELECT sd.*, dt.only_dns, dt.has_https_option, m.login FROM domaines_type dt, sub_domaines sd LEFT JOIN membres m ON m.uid=sd.compte WHERE dt.name=sd.type AND sd.web_action!='OK' AND id=?;",array($subdomid));
667 $domtype=$dom->domains_type_get($subdom[
"type"]);
669 if ($domtype[
"only_dns"]==
true) {
672 $subdom[
"fqdn"]=$subdom[
"sub"].(($subdom[
"sub"])?
".":
"").$subdom[
"domaine"];
674 list($cert) = $this->
get_valid_certs($subdom[
"fqdn"], $subdom[
"provider"]);
677 $db->query(
"UPDATE sub_domaines SET certificate_id=? WHERE id=?;",array($cert[
"id"], $subdom[
"id"]));
699 "crt" => $CRTDIR .
"/" . $cert[
"id"].
".pem",
700 "key" => $CRTDIR .
"/" . $cert[
"id"].
".key",
702 if (file_exists($CRTDIR .
"/" . $cert[
"id"].
".chain")) {
703 $output[
"chain"] = $CRTDIR .
"/" . $cert[
"id"].
".chain";
715 $CRTDIR = self::KEY_REPOSITORY .
"/" . floor($cert[
"id"]/1000);
716 @mkdir($CRTDIR,0750,
true);
718 chown(self::KEY_REPOSITORY,
"root");
719 chgrp(self::KEY_REPOSITORY,
"ssl-cert");
720 chmod(self::KEY_REPOSITORY,0750);
721 chown($CRTDIR,
"root");
722 chgrp($CRTDIR,
"ssl-cert");
726 !file_exists($CRTDIR .
"/" . $cert[
"id"].
".pem") ||
727 !file_exists($CRTDIR .
"/" . $cert[
"id"].
".key")) {
729 file_put_contents($CRTDIR .
"/" . $cert[
"id"].
".pem", $cert[
"sslcrt"]);
730 file_put_contents($CRTDIR .
"/" . $cert[
"id"].
".key", $cert[
"sslkey"]);
732 chown($CRTDIR .
"/" . $cert[
"id"].
".pem",
"root");
733 chgrp($CRTDIR .
"/" . $cert[
"id"].
".pem",
"ssl-cert");
734 chmod($CRTDIR .
"/" . $cert[
"id"].
".pem",0640);
735 chown($CRTDIR .
"/" . $cert[
"id"].
".key",
"root");
736 chgrp($CRTDIR .
"/" . $cert[
"id"].
".key",
"ssl-cert");
737 chmod($CRTDIR .
"/" . $cert[
"id"].
".key",0640);
738 if (isset($cert[
"sslchain"]) && $cert[
"sslchain"]) {
739 file_put_contents($CRTDIR .
"/" . $cert[
"id"] .
".chain", $cert[
"sslchain"]);
740 chown($CRTDIR .
"/" . $cert[
"id"].
".chain",
"root");
741 chgrp($CRTDIR .
"/" . $cert[
"id"].
".chain",
"ssl-cert");
742 chmod($CRTDIR .
"/" . $cert[
"id"].
".chain",0640);
754 global $db, $msg, $cuid;
755 $msg->log(
"ssl",
"export");
757 $db->query(
"SELECT COUNT(*) AS cnt FROM certificates WHERE uid='$cuid' AND status!=" . self::STATUS_EXPIRED);
758 while ($db->next_record()) {
759 $str.=
" <id>" . ($db->Record[
"id"]) .
"</id>\n";
760 $str.=
" <csr>" . ($db->Record[
"sslcsr"]) .
"</key>\n";
761 $str.=
" <key>" . ($db->Record[
"sslkey"]) .
"<key>\n";
762 $str.=
" <crt>" . ($db->Record[
"sslcrt"]) .
"</crt>\n";
763 $str.=
" <chain>" . ($db->Record[
"sslchain"]) .
"<chain>\n";
778 if (preg_match_all(
"#DNS:([^,]*)#", $str, $mat, PREG_PATTERN_ORDER)) {
779 return implode(
"\n", $mat[1]);
794 function check_cert($crt, $chain, $key =
"", $certid =
null) {
797 $crt = trim(str_replace(
"\r\n",
"\n", $crt)) .
"\n";
798 $key = trim(str_replace(
"\r\n",
"\n", $key)) .
"\n";
799 $chain = trim(str_replace(
"\r\n",
"\n", $chain)) .
"\n";
802 if (trim($key) ==
"" && !is_null($certid)) {
804 $db->query(
"SELECT sslkey FROM certificates WHERE id=?;",array(intval($certid)));
805 if (!$db->next_record()) {
806 $this->error.=_(
"Can't find the private key in the certificate table, please check your form.");
809 $key = $db->f(
"sslkey");
810 $key = trim(str_replace(
"\r\n",
"\n", $key)) .
"\n";
813 if (substr($crt, 0, 28) !=
"-----BEGIN CERTIFICATE-----\n" ||
814 substr($crt, -26, 26) !=
"-----END CERTIFICATE-----\n") {
815 $this->error.=_(
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE lines. Please check you pasted it in PEM form.") .
"<br>\n";
818 (substr($chain, 0, 28) !=
"-----BEGIN CERTIFICATE-----\n" ||
819 substr($chain, -26, 26) !=
"-----END CERTIFICATE-----\n")) {
820 $this->error.=_(
"The chained certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE lines. Please check you pasted it in PEM form.") .
"<br>\n";
822 if ((substr($key, 0, 32) !=
"-----BEGIN RSA PRIVATE KEY-----\n" ||
823 substr($key, -30, 30) !=
"-----END RSA PRIVATE KEY-----\n") &&
824 (substr($key, 0, 28) !=
"-----BEGIN PRIVATE KEY-----\n" ||
825 substr($key, -26, 26) !=
"-----END PRIVATE KEY-----\n")) {
826 $this->error.=_(
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )PRIVATE KEY lines. Please check you pasted it in PEM form.") .
"<br>\n";
836 $lines = explode(
"\n", $chain);
837 foreach ($lines as $line) {
838 if ($line ==
"-----BEGIN CERTIFICATE-----" && $status == 0) {
843 if ($line ==
"-----END CERTIFICATE-----" && $status == 1) {
858 foreach ($chains as $tmpcert) {
860 $tmpr = openssl_x509_read($tmpcert);
861 if ($tmpr ===
false) {
862 $this->error.=sprintf(_(
"The %d-th certificate in the chain is invalid"), $i) .
"<br>\n";
867 $rcrt = openssl_x509_read($crt);
868 $crtdata = openssl_x509_parse($crt);
869 if ($rcrt ===
false || $crtdata ===
false) {
870 $this->error.=_(
"The certificate is invalid.") .
"<br>\n";
873 $rkey = openssl_pkey_get_private($key);
874 if ($rkey ===
false) {
875 $this->error.=_(
"The private key is invalid.") .
"<br>\n";
879 if (!openssl_x509_check_private_key($rcrt, $rkey)) {
880 $this->error.=_(
"The private key is not the one signed inside the certificate.") .
"<br>\n";
885 if (!openssl_x509_export($rcrt, $crt)) {
886 $this->error.=_(
"Can't export your certificate as a string, please check its syntax.") .
"<br>\n";
889 foreach ($rchains as $r) {
890 if (!openssl_x509_export($r, $tmp)) {
891 $this->error.=_(
"Can't export one of your chained certificates as a string, please check its syntax.") .
"<br>\n";
896 if (!openssl_pkey_export($rkey, $key)) {
897 $this->error.=_(
"Can't export your private key as a string, please check its syntax.") .
"<br>\n";
900 return array($crt, $chain, $key, $crtdata);
SSL Certificates management class.
finalize($certid, $crt, $chain)
Import an ssl certificate into an existing certificate entry in the DB.
hook_updatedomains_web_before($subdomid)
Launched by hosting_functions.sh launched by update_domaines.sh Action may be create/postinst/delete/...
get_certificate_path($id)
Return paths to certificate, key, and chain for a certificate given it's ID.
get_valid_certs($fqdn, $provider="")
Return all the valid certificates that can be used for a specific FQDN return the list of certificate...
const SPECIAL_CERTIFICATE_ID_PATH
get_fqdn_specials()
Return the list of special FQDN for which we'd like to obtain a certificate too.
check_cert($crt, $chain, $key="", $certid=null)
Check that a crt is a proper certificate.
parseAltNames($str)
Returns the list of alternate names of an X.509 SSL Certificate from the attribute list.
cron_new_certs()
Crontab launched every minute to search for new certificates and launch web_action="UPDATE".
expire_certificates()
set expired certificates as such :
get_list(&$filter=null)
Return all the SSL certificates for an account (or the searched one)
searchBestCert($subdom, $fqdn)
Search for the best certificate for a user and a fqdn Return a hash with crt, key and maybe chain.
write_cert_file($cert)
Write certificate file into KEY_REPOSITORY.
update_specials_match($id, $fqdn)
update special system certificate that matches the cert fqdn:
copycert($target, $id)
copy a certificate (by its ID) to the system files set the correct permissions try to minimize zero-f...
searchSubDomain($fqdn)
search for a FQDN as a fqdn or a wildcard in all subdomains currently hosted return a list of subdoma...
alternc_export_conf()
Export every information for an AlternC's account @access private EXPERIMENTAL 'sid' function ;)
get_certificate($id, $anyuser=false)
Return all informations of a given certificate for the current user.
import_cert($key, $crt, $chain="", $provider="")
Import an existing ssl Key, Certificate and (maybe) a Chained Cert.
updateDomain($action, $type, $fqdn, $mail=0, $value="")
Launched by hosting_functions.sh launched by update_domaines.sh Action may be create/postinst/delete/...
new_csr($fqdn, $provider="manual")
Generate a new CSR, a new Private RSA Key, for FQDN.
delete_old_certificates()
delete old certificates (expired for more than a year)
alternc_del_member()
Function called by a hook when an AlternC member is deleted.