Checkpoint: grpc auth fix, issuer list/detail, v2 protos, architecture docs

Co-authored-by: Junie <junie@jetbrains.com>
2026-03-15 11:39:13 -07:00
parent d0b1875dbb
commit ad167aed9b
41 changed files with 1080 additions and 219 deletions
--- a/web/templates/pki.html
+++ b/web/templates/pki.html
@@ -62,7 +62,7 @@
    <tbody>
    {{range .Issuers}}
    <tr>
-        <td>{{.}}</td>
+        <td><a href="/pki/issuer/{{.}}">{{.}}</a></td>
        <td><a href="/pki/{{.}}" download="{{.}}.pem">Download Cert (PEM)</a></td>
    </tr>
    {{end}}
@@ -72,6 +72,72 @@
 <p>No issuers configured.</p>
 {{end}}

+{{if and .HasRoot .Issuers}}
+<h3>Issue Certificate</h3>
+{{if .IssuedCert}}
+<div class="success">
+    <p>Certificate issued successfully.</p>
+    <div class="form-group">
+        <label>Certificate PEM</label>
+        <textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "cert_pem"}}</textarea>
+    </div>
+    <div class="form-group">
+        <label>Private Key PEM</label>
+        <textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "key_pem"}}</textarea>
+    </div>
+    <div class="form-group">
+        <label>Chain PEM</label>
+        <textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "chain_pem"}}</textarea>
+    </div>
+    <p><small>Serial: {{index .IssuedCert "serial"}} &mdash; Expires: {{index .IssuedCert "expires_at"}}</small></p>
+</div>
+{{else}}
+<form method="post" action="/pki/issue">
+    <div class="form-row">
+        <div class="form-group">
+            <label for="issue_cn">Common Name</label>
+            <input type="text" id="issue_cn" name="common_name" placeholder="example.com" required>
+        </div>
+        <div class="form-group">
+            <label for="issue_issuer">Issuer</label>
+            <select id="issue_issuer" name="issuer" required>
+                <option value="">-- select issuer --</option>
+                {{range .Issuers}}<option value="{{.}}">{{.}}</option>{{end}}
+            </select>
+        </div>
+    </div>
+    <div class="form-row">
+        <div class="form-group">
+            <label for="issue_profile">Profile</label>
+            <select id="issue_profile" name="profile">
+                <option value="server">server (default)</option>
+                <option value="client">client</option>
+                <option value="peer">peer</option>
+            </select>
+        </div>
+        <div class="form-group">
+            <label for="issue_ttl">TTL (optional)</label>
+            <input type="text" id="issue_ttl" name="ttl" placeholder="2160h">
+        </div>
+    </div>
+    <details>
+        <summary>SANs</summary>
+        <div class="form-row">
+            <div class="form-group">
+                <label for="issue_dns">DNS Names (one per line)</label>
+                <textarea id="issue_dns" name="dns_names" rows="3" placeholder="example.com&#10;www.example.com"></textarea>
+            </div>
+            <div class="form-group">
+                <label for="issue_ips">IP Addresses (one per line)</label>
+                <textarea id="issue_ips" name="ip_addresses" rows="3" placeholder="10.0.0.1"></textarea>
+            </div>
+        </div>
+    </details>
+    <button type="submit">Issue Certificate</button>
+</form>
+{{end}}
+{{end}}
+
 {{if .IsAdmin}}
 {{if .HasRoot}}
 <h3>Create Issuer</h3>