Add certificate issuance, CSR signing, and cert listing to web UI
- Add SignCSR RPC to v2 CA proto and regenerate; implement handleSignCSR
in CA engine and caServer gRPC layer; add SignCSR client method and
POST /pki/sign-csr web route with result display in pki.html
- Fix issuer detail cert listing: template was using map-style index on
CertSummary structs; switch to struct field access and populate
IssuedBy/IssuedAt fields from proto response
- Add certificate detail view (cert_detail.html) with GET /cert/{serial}
and GET /cert/{serial}/download routes
- Update Makefile proto target to generate both v1 and v2 protos
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
36
web/templates/cert_detail.html
Normal file
36
web/templates/cert_detail.html
Normal file
@@ -0,0 +1,36 @@
|
||||
{{define "title"}} - Certificate: {{.Cert.Serial}}{{end}}
|
||||
{{define "content"}}
|
||||
<div class="page-header">
|
||||
<h2>Certificate: {{.Cert.CommonName}}</h2>
|
||||
<div class="page-meta">
|
||||
<a href="/pki/issuer/{{.Cert.Issuer}}">← Issuer: {{.Cert.Issuer}}</a>
|
||||
 · 
|
||||
<a href="/pki/cert/{{.Cert.Serial}}/download">Download Certificate (PEM)</a>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Certificate Details</div>
|
||||
<table class="kv-table">
|
||||
<tbody>
|
||||
<tr><th>Serial</th><td><code>{{.Cert.Serial}}</code></td></tr>
|
||||
<tr><th>Common Name</th><td>{{.Cert.CommonName}}</td></tr>
|
||||
<tr><th>Issuer</th><td>{{.Cert.Issuer}}</td></tr>
|
||||
<tr><th>Profile</th><td>{{.Cert.Profile}}</td></tr>
|
||||
{{if .Cert.SANs}}
|
||||
<tr><th>SANs</th><td>{{range $i, $san := .Cert.SANs}}{{if $i}}, {{end}}{{$san}}{{end}}</td></tr>
|
||||
{{end}}
|
||||
<tr><th>Issued By</th><td>{{.Cert.IssuedBy}}</td></tr>
|
||||
<tr><th>Issued At</th><td>{{.Cert.IssuedAt}}</td></tr>
|
||||
<tr><th>Expires At</th><td>{{.Cert.ExpiresAt}}</td></tr>
|
||||
</tbody>
|
||||
</table>
|
||||
</div>
|
||||
|
||||
<div class="card">
|
||||
<div class="card-title">Certificate PEM</div>
|
||||
<div class="form-group">
|
||||
<textarea rows="12" class="pem-input" readonly>{{.Cert.CertPEM}}</textarea>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
||||
@@ -45,7 +45,7 @@
|
||||
<tbody>
|
||||
{{range .Certs}}
|
||||
<tr>
|
||||
<td>{{.CommonName}}</td>
|
||||
<td><a href="/pki/cert/{{.Serial}}">{{.CommonName}}</a></td>
|
||||
<td>{{.Profile}}</td>
|
||||
<td><code>{{.Serial}}</code></td>
|
||||
<td>{{.IssuedBy}}</td>
|
||||
|
||||
@@ -98,31 +98,6 @@
|
||||
{{if and .HasRoot .Issuers}}
|
||||
<div class="card">
|
||||
<div class="card-title">Issue Certificate</div>
|
||||
{{if .IssuedCert}}
|
||||
<div class="success">
|
||||
<p><strong>Certificate issued successfully.</strong></p>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Serial</label>
|
||||
<input type="text" class="pem-input" value="{{index .IssuedCert "serial"}}" readonly>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Expires</label>
|
||||
<input type="text" value="{{index .IssuedCert "expires_at"}}" readonly>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Certificate PEM</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "cert_pem"}}</textarea>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Private Key PEM</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "key_pem"}}</textarea>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Chain PEM</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{index .IssuedCert "chain_pem"}}</textarea>
|
||||
</div>
|
||||
{{else}}
|
||||
<form method="post" action="/pki/issue">
|
||||
<div class="form-row">
|
||||
<div class="form-group">
|
||||
@@ -196,6 +171,53 @@
|
||||
<button type="submit">Issue Certificate</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
{{if and .HasRoot .Issuers}}
|
||||
<div class="card">
|
||||
<div class="card-title">Sign CSR</div>
|
||||
{{if .SignedCert}}
|
||||
<div class="success">
|
||||
<p>CSR signed successfully. Serial: <code>{{.SignedCert.Serial}}</code> — Expires: {{.SignedCert.ExpiresAt}}</p>
|
||||
<div class="form-group">
|
||||
<label>Certificate PEM</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{.SignedCert.CertPEM}}</textarea>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label>Chain PEM</label>
|
||||
<textarea rows="8" class="pem-input" readonly>{{.SignedCert.ChainPEM}}</textarea>
|
||||
</div>
|
||||
</div>
|
||||
{{else}}
|
||||
<form method="post" action="/pki/sign-csr">
|
||||
<div class="form-row">
|
||||
<div class="form-group">
|
||||
<label for="sign_issuer">Issuer</label>
|
||||
<select id="sign_issuer" name="issuer" required>
|
||||
<option value="">— select issuer —</option>
|
||||
{{range .Issuers}}<option value="{{.}}">{{.}}</option>{{end}}
|
||||
</select>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="sign_profile">Profile (key usage defaults)</label>
|
||||
<select id="sign_profile" name="profile">
|
||||
<option value="server">server (default)</option>
|
||||
<option value="client">client</option>
|
||||
<option value="peer">peer</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="sign_ttl">TTL (optional)</label>
|
||||
<input type="text" id="sign_ttl" name="ttl" placeholder="2160h">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="sign_csr_pem">CSR (PEM)</label>
|
||||
<textarea id="sign_csr_pem" name="csr_pem" rows="8" class="pem-input" placeholder="-----BEGIN CERTIFICATE REQUEST-----" required></textarea>
|
||||
</div>
|
||||
<button type="submit">Sign CSR</button>
|
||||
</form>
|
||||
{{end}}
|
||||
</div>
|
||||
{{end}}
|
||||
|
||||
Reference in New Issue
Block a user