version 1.84, 2016/07/30 00:38:14
|
version 1.87, 2017/05/16 17:33:33
|
Line 34 http://www.lon-capa.org/
|
Line 34 http://www.lon-capa.org/
|
<perlscript mode='fg'> |
<perlscript mode='fg'> |
$|=1; |
$|=1; |
use strict; |
use strict; |
|
use lib '/home/httpd/lib/perl/'; |
|
use LONCAPA::Configuration; |
|
use LONCAPA::Lond; |
|
use LONCAPA::SSL; |
|
use LONCAPA; |
|
use GDBM_File; |
|
use Storable qw(thaw); |
|
use Term::ReadKey; |
|
use Locale::Country; |
|
|
print(<<END); |
print(<<END); |
|
|
Line 50 use strict;
|
Line 59 use strict;
|
|
|
END |
END |
#sleep(3); |
#sleep(3); |
|
|
|
sub get_static_config { |
|
# get LCperlvars from loncapa_apache.conf |
|
my $confdir = '/etc/httpd/conf/'; |
|
if ('<DIST />' eq 'sles10' || '<DIST />' eq 'sles11' || '<DIST />' eq 'sles12' || '<DIST />' eq 'suse10.1' || '<DIST />' eq 'suse10.2' || '<DIST />' eq 'suse10.3' || '<DIST />' eq 'suse11.1' || '<DIST />' eq 'suse11.2' || '<DIST />' eq 'suse11.3' || '<DIST />' eq 'suse11.4' || '<DIST />' eq 'suse12.1' || '<DIST />' eq 'suse12.2' || '<DIST />' eq 'suse12.3' || '<DIST />' eq 'suse13.1' || '<DIST />' eq 'suse13.2' || '<DIST />' eq 'debian5' || '<DIST />' eq 'debian6' || '<DIST />' eq 'ubuntu6' || '<DIST />' eq 'ubuntu8' || '<DIST />' eq 'ubuntu10' || '<DIST />' eq 'ubuntu12' || '<DIST />' eq 'ubuntu14' || '<DIST />' eq 'ubuntu16') { |
|
$confdir = '/etc/apache2/'; |
|
} |
|
my $filename='loncapa_apache.conf'; |
|
my %LCperlvar; |
|
if (-e "$confdir$filename") { |
|
open(CONFIG,'<'.$confdir.$filename) or die("Can't read $confdir$filename"); |
|
while (my $configline=<CONFIG>) { |
|
if ($configline =~ /^[^\#]?PerlSetVar/) { |
|
my ($unused,$varname,$varvalue)=split(/\s+/,$configline); |
|
chomp($varvalue); |
|
$LCperlvar{$varname}=$varvalue; |
|
} |
|
} |
|
close(CONFIG); |
|
} |
|
return \%LCperlvar; |
|
} |
|
|
|
sub get_domain_config { |
|
my ($dom,$primaryserver,$isprimary,$url,$perlvarref) = @_; |
|
my %confhash; |
|
if ($isprimary) { |
|
if (ref($perlvarref) eq 'HASH') { |
|
my $lonusersdir = $perlvarref->{'lonUsersDir'}; |
|
my $fname = $lonusersdir.'/'.$dom.'/configuration.db'; |
|
if (-e $fname) { |
|
my $dbref=&LONCAPA::locking_hash_tie($fname,&GDBM_READER()); |
|
if (ref($dbref) eq 'HASH') { |
|
foreach my $key (sort(keys(%{$dbref}))) { |
|
my $value = $dbref->{$key}; |
|
if ($value =~ s/^__FROZEN__//) { |
|
$value = thaw(&LONCAPA::unescape($value)); |
|
} else { |
|
$value = &LONCAPA::unescape($value); |
|
} |
|
$confhash{$key} = $value; |
|
} |
|
&LONCAPA::locking_hash_untie($dbref); |
|
} |
|
} |
|
} |
|
} else { |
|
if (open(PIPE,"wget --no-check-certificate '$url?primary=$primaryserver&format=raw' |")) { |
|
my $config = ''; |
|
while (<PIPE>) { |
|
$config .= $_; |
|
} |
|
close(PIPE); |
|
if ($config) { |
|
my @pairs=split(/\&/,$config); |
|
foreach my $item (@pairs) { |
|
my ($key,$value)=split(/=/,$item,2); |
|
my $what = &LONCAPA::unescape($key); |
|
if ($value =~ s/^__FROZEN__//) { |
|
$value = thaw(&LONCAPA::unescape($value)); |
|
} else { |
|
$value = &LONCAPA::unescape($value); |
|
} |
|
$confhash{$what}=$value; |
|
} |
|
} |
|
} |
|
} |
|
return (\%confhash); |
|
} |
|
|
|
sub make_passphrase { |
|
my ($got_passwd,$firstpass,$secondpass,$passwd); |
|
my $maxtries = 10; |
|
my $trial = 0; |
|
while ((!$got_passwd) && ($trial < $maxtries)) { |
|
$firstpass = &get_password('Enter password'); |
|
if (length($firstpass) < 6) { |
|
print('Password too short.'."\n". |
|
'Please choose a password with at least six characters.'."\n". |
|
'Please try again.'."\n"); |
|
} elsif (length($firstpass) > 30) { |
|
print('Password too long.'."\n". |
|
'Please choose a password with no more than thirty characters.'."\n". |
|
'Please try again.'."\n"); |
|
} else { |
|
my $pbad=0; |
|
foreach (split(//,$firstpass)) {if ((ord($_)<32)||(ord($_)>126)){$pbad=1;}} |
|
if ($pbad) { |
|
print('Password contains invalid characters.'."\n". |
|
'Password must consist of standard ASCII characters.'."\n". |
|
'Please try again.'."\n"); |
|
} else { |
|
$secondpass = &get_password('Enter password a second time'); |
|
if ($firstpass eq $secondpass) { |
|
$got_passwd = 1; |
|
$passwd = $firstpass; |
|
} else { |
|
print('Passwords did not match.'."\n". |
|
'Please try again.'."\n"); |
|
} |
|
} |
|
} |
|
$trial ++; |
|
} |
|
return $passwd; |
|
} |
|
|
|
sub get_password { |
|
my ($prompt) = @_; |
|
local $| = 1; |
|
print $prompt.': '; |
|
my $newpasswd = ''; |
|
ReadMode 'raw'; |
|
my $key; |
|
while(ord($key = ReadKey(0)) != 10) { |
|
if(ord($key) == 127 || ord($key) == 8) { |
|
chop($newpasswd); |
|
print "\b \b"; |
|
} elsif(!ord($key) < 32) { |
|
$newpasswd .= $key; |
|
print '*'; |
|
} |
|
} |
|
ReadMode 'normal'; |
|
print "\n"; |
|
return $newpasswd; |
|
} |
|
|
|
sub send_mail { |
|
my ($hostname,$recipient,$subj,$file) = @_; |
|
my $from = 'www@'.$hostname; |
|
my $certmail = "To: $recipient\n". |
|
"From: $from\n". |
|
"Subject: ".$subj."\n". |
|
"Content-type: text/plain\; charset=UTF-8\n". |
|
"MIME-Version: 1.0\n\n"; |
|
if (open(my $fh,"<$file")) { |
|
while (<$fh>) { |
|
$certmail .= $_; |
|
} |
|
close($fh); |
|
$certmail .= "\n\n"; |
|
if (open(my $mailh, "|/usr/lib/sendmail -oi -t -odb")) { |
|
print $mailh $certmail; |
|
close($mailh); |
|
print "Mail sent ($subj) to $recipient\n"; |
|
} else { |
|
print "Sending mail ($subj) to $recipient failed.\n"; |
|
} |
|
} |
|
return; |
|
} |
|
|
</perlscript> |
</perlscript> |
</file> |
</file> |
<file> |
<file> |
<target dist='default'>loncom/hosts.tab</target> |
<target dist='default'>../../loncom/hosts.tab</target> |
<perlscript mode='fg'> |
<perlscript mode='fg'> |
my $lonCluster; |
my $lonCluster; |
unless (-l "<TARGET />") { |
my $currCluster; |
print(<<END); |
|
|
if (-l "<TARGET />") { |
|
my $currlink = readlink("<TARGET />"); |
|
if ($currlink =~ /^new_(existing|standalone|development|production)_hosts\.tab$/) { |
|
$currCluster = $1; |
|
} |
|
my %clustertypes = ( |
|
production => 'PRODUCTION', |
|
standalone => 'STAND-ALONE', |
|
development => 'DEVELOPMENT', |
|
existing => 'RUNNING YOUR OWN CLUSTER', |
|
); |
|
if (($currCluster) && (exists($clustertypes{$currCluster}))) { |
|
print(<<END); |
|
|
|
The cluster type for this server is currently: $clustertypes{$currCluster} |
|
END |
|
|
|
} |
|
} |
|
|
|
print(<<END); |
|
|
=============================================================================== |
=============================================================================== |
|
|
Which cluster option would you like to have installed? |
Which cluster option would you like to have installed? |
IMPORTANT: to take advantage of the cluster options 1) and 3), |
IMPORTANT: to take advantage of the cluster options 1) and 3), |
you must contact loncapa\@loncapa.org. |
you must contact loncapa\@loncapa.org. |
Line 117 END
|
Line 302 END
|
$lonCluster='rawhide'; $flag=1; |
$lonCluster='rawhide'; $flag=1; |
} |
} |
} |
} |
} |
|
</perlscript> |
</perlscript> |
</file> |
</file> |
<file> |
<file> |
Line 130 my $primaryLibServer;
|
Line 314 my $primaryLibServer;
|
my $protocol; |
my $protocol; |
my $intdom; |
my $intdom; |
my $desiredhostname; |
my $desiredhostname; |
|
my $city; |
|
my $state; |
|
my $country; |
my @libservers = (); |
my @libservers = (); |
unless (-e "<TARGET />") { |
unless (-e "<TARGET />") { |
print(<<END); |
print(<<END); |
Line 139 If you have questions, please visit http
|
Line 326 If you have questions, please visit http
|
or contact helpdesk\@loncapa.org. |
or contact helpdesk\@loncapa.org. |
|
|
=============================================================================== |
=============================================================================== |
The following 8 values are needed to configure LON-CAPA: |
The following 10 values are needed to configure LON-CAPA: |
* Machine Role |
* Machine Role |
* LON-CAPA Domain Name |
* LON-CAPA Domain Name |
* LON-CAPA Machine ID Name |
* LON-CAPA Machine ID Name |
Line 148 The following 8 values are needed to con
|
Line 335 The following 8 values are needed to con
|
* Web Server Protocol |
* Web Server Protocol |
* Internet Domain Name of Your Institution |
* Internet Domain Name of Your Institution |
* Hostname |
* Hostname |
|
* City, State, Country for LON-CAPA SSL certificate |
|
* Password for key for creating SSL certificates |
=============================================================================== |
=============================================================================== |
|
|
In addition, a Support E-mail Address can also be included. If |
In addition, a Support E-mail Address can also be included. If |
Line 266 END
|
Line 455 END
|
close(OUT); |
close(OUT); |
$lonDefDomain=$choice; |
$lonDefDomain=$choice; |
$flag=1; |
$flag=1; |
} elsif (length($choice)>35) { |
} elsif (length($choice)>35) { |
print "Name too long\n"; |
print "Name too long\n"; |
} elsif (length($choice)<2) { |
} elsif (length($choice)<2) { |
print "Name too short\n"; |
print "Name too short\n"; |
} elsif ($bad_domain_flag) { |
} elsif ($bad_domain_flag) { |
print "Invalid input ('$choice' conflicts with LON-CAPA namespace).\n"; |
print "Invalid input ('$choice' conflicts with LON-CAPA namespace).\n"; |
Line 353 END
|
Line 542 END
|
close(OUT); |
close(OUT); |
$lonHostID=$choice; |
$lonHostID=$choice; |
$flag=1; |
$flag=1; |
} elsif (length($choice)>45) { |
} elsif (length($choice)>45) { |
print "Name too long\n"; |
print "Name too long\n"; |
} elsif (length($choice)<4) { |
} elsif (length($choice)<4) { |
print "Name too short\n"; |
print "Name too short\n"; |
} elsif ($choice!~/\_/ and $choice=~/^[\w\-.]+$/) { |
} elsif ($choice!~/\_/ and $choice=~/^[\w\-.]+$/) { |
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
Line 393 END
|
Line 582 END
|
print(<<END); |
print(<<END); |
ENTER DOMAIN'S PRIMARY LIBRARY SERVER ID [$primaryLibServer]: |
ENTER DOMAIN'S PRIMARY LIBRARY SERVER ID [$primaryLibServer]: |
END |
END |
} elsif (@libservers > 0) { |
} elsif (@libservers > 0) { |
print(<<END); |
print(<<END); |
ENTER DOMAIN'S PRIMARY LIBRARY SERVER ID [$libservers[0]] |
ENTER DOMAIN'S PRIMARY LIBRARY SERVER ID [$libservers[0]] |
END |
END |
Line 411 END
|
Line 600 END
|
print(OUT 'primaryLibServer'."\t".$choice."\n"); |
print(OUT 'primaryLibServer'."\t".$choice."\n"); |
close(OUT); |
close(OUT); |
$flag=1; |
$flag=1; |
} elsif (length($choice)>35) { |
} elsif (length($choice)>35) { |
print "Name too long\n"; |
print "Name too long\n"; |
} elsif (length($choice)<4) { |
} elsif (length($choice)<4) { |
print "Name too short\n"; |
print "Name too short\n"; |
} elsif ($choice!~/\_/ and $choice=~/^[\w\-.]+$/) { |
} elsif ($choice!~/\_/ and $choice=~/^[\w\-.]+$/) { |
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
Line 434 my $lonAdmEMail;
|
Line 623 my $lonAdmEMail;
|
while (!$flag) { |
while (!$flag) { |
print(<<END); |
print(<<END); |
|
|
**** Server Administrators E-mail **** |
**** Server Administrator's E-mail **** |
E-mail address of the person who will manage this machine |
E-mail address of the person who will manage this machine |
[should be in the form somebody\@somewhere] |
[should be in the form somebody\@somewhere] |
ENTER ADMIN E-MAIL ADDRESS: |
ENTER ADMIN E-MAIL ADDRESS: |
Line 566 while (!$flag) {
|
Line 755 while (!$flag) {
|
****** Hostname of the server/VM ***** |
****** Hostname of the server/VM ***** |
|
|
The hostname of the server/VM is required. This will be similar to: |
The hostname of the server/VM is required. This will be similar to: |
somename.ustate.edu or somename.department.ustate.edu, and would be |
somename.ustate.edu or somename.department.ustate.edu, and would be |
the web address which users would point their web browsers at to |
the web address which users would point their web browsers at to |
access the server. |
access the server. |
|
|
Line 598 if ($posshostname) {
|
Line 787 if ($posshostname) {
|
} |
} |
} |
} |
|
|
|
# get Country |
|
print(<<END); |
|
|
|
****** Information about Country, State or Province and City ***** |
|
|
|
A two-letter country code, e.g., US, CA, DE etc. as defined by ISO 3166, |
|
is required. A state or province, and a city are also required. |
|
This locality information is included in two SSL certificates used internally |
|
by LON-CAPA, unless you are running standalone. |
|
|
|
If your server will be part of either the production or development |
|
clusters, then the certificate will need to be signed by the official |
|
LON-CAPA Certificate Authority (CA). If you will be running your own |
|
cluster then the cluster will need to create its own CA. |
|
|
|
END |
|
|
|
my $posscountry; |
|
if ($desiredhostname =~ /\.(edu|com|org)$/) { |
|
$posscountry = 'us'; |
|
|
|
} else { |
|
($posscountry) = ($desiredhostname =~ /\.(a-z){2}$/); |
|
} |
|
if ($posscountry) { |
|
my $countrydesc = &Locale::Country::code2country($posscountry); |
|
if ($countrydesc eq '') { |
|
undef($posscountry); |
|
} |
|
} |
|
|
|
$flag=0; |
|
while (!$flag) { |
|
if ($posscountry) { |
|
$posscountry = uc($posscountry); |
|
print "ENTER TWO-LETTER COUNTRY CODE [$posscountry]:\n"; |
|
} else { |
|
print "ENTER TWO-LETTER COUNTRY CODE:\n"; |
|
} |
|
my $choice=<>; |
|
chomp($choice); |
|
if ($choice ne '') { |
|
if (&Locale::Country::code2country(lc($choice))) { |
|
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
|
print(OUT 'country'."\t".uc($choice)."\n"); |
|
close(OUT); |
|
$country=uc($choice); |
|
$flag=1; |
|
} else { |
|
print "Invalid input -- a valid two letter country code is required\n"; |
|
} |
|
} elsif (($choice eq '') && ($posscountry ne '')) { |
|
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
|
print(OUT 'country'."\t".$posscountry."\n"); |
|
close(OUT); |
|
$country = $posscountry; |
|
$flag = 1; |
|
} else { |
|
print "Invalid input -- a country code is required\n"; |
|
} |
|
} |
|
|
|
$flag=0; |
|
# get State or Province |
|
while (!$flag) { |
|
print(<<END); |
|
|
|
ENTER STATE OR PROVINCE NAME: |
|
END |
|
|
|
my $choice=<>; |
|
chomp($choice); |
|
if ($choice ne '') { |
|
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
|
print(OUT 'state'."\t".$choice."\n"); |
|
close(OUT); |
|
$state=$choice; |
|
$flag=1; |
|
} |
|
else { |
|
print "Invalid input (a state or province name is required).\n"; |
|
} |
|
} |
|
|
|
$flag=0; |
|
# get City |
|
while (!$flag) { |
|
print(<<END); |
|
|
|
ENTER CITY NAME: |
|
END |
|
|
|
my $choice=<>; |
|
chomp($choice); |
|
if ($choice ne '') { |
|
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
|
print(OUT 'city'."\t".$choice."\n"); |
|
close(OUT); |
|
$city=$choice; |
|
$flag=1; |
|
} |
|
else { |
|
print "Invalid input (a city is required).\n"; |
|
} |
|
} |
|
|
|
$flag=0; |
|
while (!$flag) { |
|
print(<<END); |
|
|
|
The domain description, country, state and city will be |
|
used in the SSL certificates |
|
|
|
1) Domain Description: $domainDescription |
|
2) Country: $country |
|
3) State or Province: $state |
|
4) City: $city |
|
5) Everything is correct up above |
|
|
|
ENTER A CHOICE OF 1-4 TO CHANGE, otherwise ENTER 5: |
|
END |
|
my $choice=<>; |
|
chomp($choice); |
|
if ($choice == 1) { |
|
print(<<END); |
|
1) Domain Description: $domainDescription |
|
ENTER NEW VALUE |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
$domainDescription=$choice2; |
|
} |
|
elsif ($choice == 2) { |
|
print(<<END); |
|
2) Country: $country |
|
ENTER NEW VALUE (this should be a two-character code, e,g, US, CA, DE) |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
$country = uc($choice2); |
|
} |
|
elsif ($choice == 3) { |
|
print(<<END); |
|
3) State or Province: $state |
|
ENTER NEW VALUE: |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
$state=$choice2; |
|
} |
|
elsif ($choice == 4) { |
|
print(<<END); |
|
4) City: $city |
|
ENTER NEW VALUE: |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
$city=$choice2; |
|
} elsif ($choice == 5) { |
|
$flag=1; |
|
$state =~ s{/}{ }g; |
|
$city =~ s{/}{ }g; |
|
$domainDescription =~ s{/}{ }g; |
|
} else { |
|
print "Invalid input.\n"; |
|
} |
|
} |
|
|
|
my $perlvarref = &get_static_config(); |
|
if (ref($perlvarref) eq 'HASH') { |
|
my ($certsdir,$privkey,$connectcsr,$replicatecsr); |
|
$certsdir = $perlvarref->{'lonCertificateDirectory'}; |
|
$privkey = $perlvarref->{'lonnetPrivateKey'}; |
|
$connectcsr = $perlvarref->{'lonnetCertificate'}; |
|
$connectcsr =~ s/\.pem$/.csr/; |
|
$replicatecsr = $perlvarref->{'lonnetHostnameCertificate'}; |
|
$replicatecsr =~ s/\.pem$/.csr/; |
|
|
|
print(<<END); |
|
|
|
****** SSL Certificates ***** |
|
|
|
You need to provide a password to be used for the openssl key which |
|
will be stored in $certsdir, and will be used when creating two |
|
certificate signing requests: $connectcsr and $replicatecsr |
|
|
|
END |
|
|
|
my $sslkeypass; |
|
$flag=0; |
|
# get Password for SSL key |
|
while (!$flag) { |
|
$sslkeypass = &make_passphrase(); |
|
if ($sslkeypass) { |
|
$flag = 1; |
|
} else { |
|
print "Invalid input (a password is required for the SSL key).\n"; |
|
} |
|
} |
|
|
|
if ($certsdir && $privkey) { |
|
my $connectsubj = "/C=$country/ST=$state/O=$domainDescription/L=$city/CN=$lonHostID/OU=LONCAPA/emailAddress=$lonAdmEMail"; |
|
my $replicatesubj = "/C=$country/ST=$state/O=$domainDescription/L=$city/CN=internal-$desiredhostname/OU=LONCAPA/emailAddress=$lonAdmEMail"; |
|
|
|
# generate SSL key |
|
# generate SSL csr for hostID |
|
# generate SSL csr for internal hostname |
|
|
|
if (-f "$certsdir/lonKey.enc") { |
|
my $mode = 0600; |
|
chmod $mode, "$certsdir/lonKey.enc"; |
|
} |
|
open(PIPE,"openssl genrsa -des3 -passout pass:$sslkeypass -out $certsdir/lonKey.enc 2048 2>&1 |"); |
|
close(PIPE); |
|
if (-f "$certsdir/$privkey") { |
|
my $mode = 0600; |
|
chmod $mode, "$certsdir/$privkey"; |
|
} |
|
open(PIPE,"openssl rsa -in $certsdir/lonKey.enc -passin pass:$sslkeypass -out $certsdir/$privkey -outform PEM |"); |
|
close(PIPE); |
|
if ($connectcsr) { |
|
open(PIPE,"openssl req -key $certsdir/lonKey.enc -passin pass:$sslkeypass -new -batch -subj \"$connectsubj\" -out $certsdir/$connectcsr |"); |
|
close(PIPE); |
|
} |
|
if ($replicatecsr) { |
|
open(PIPE,"openssl req -key $certsdir/lonKey.enc -passin pass:$sslkeypass -new -batch -subj \"$replicatesubj\" -out $certsdir/$replicatecsr |"); |
|
close(PIPE); |
|
} |
|
if (-f "$certsdir/lonKey.enc") { |
|
my $mode = 0400; |
|
chmod $mode, "$certsdir/lonKey.enc"; |
|
} |
|
if (-f "$certsdir/$privkey") { |
|
my $mode = 0400; |
|
chmod $mode, "$certsdir/$privkey"; |
|
} |
|
} |
|
|
|
my $camail; |
|
if ($lonCluster eq 'production' || $lonCluster eq 'development') { |
|
$camail = $perlvarref->{'SSLEmail'}; |
|
} else { |
|
$flag=0; |
|
# get Certificate Authority E-mail |
|
while (!$flag) { |
|
print(<<END); |
|
|
|
ENTER EMAIL ADDRESS TO SEND CERTIFICATE SIGNING REQUESTS |
|
END |
|
|
|
my $choice=<>; |
|
chomp($choice); |
|
if ($choice ne '') { |
|
open(OUT,'>>/tmp/loncapa_updatequery.out'); |
|
print(OUT 'Certificate Authority Email Address'."\t".$choice."\n"); |
|
close(OUT); |
|
$camail=$choice; |
|
$flag=1; |
|
} else { |
|
print "Invalid input (an email address is required).\n"; |
|
} |
|
} |
|
} |
|
if ($camail) { |
|
my $subj; |
|
if (-e "$certsdir/$connectcsr") { |
|
$subj = "Certificate Request ($lonHostID)"; |
|
print(&send_mail($desiredhostname,$camail,$subj,"$certsdir/$connectcsr")); |
|
} |
|
if (-e "$certsdir/$replicatecsr") { |
|
$subj = "Certificate Request (internal-$desiredhostname)"; |
|
print(&send_mail($desiredhostname,$camail,$subj,"$certsdir/$replicatecsr")); |
|
} |
|
} |
|
} |
|
|
# update loncapa.conf |
# update loncapa.conf |
my $confdir = '/etc/httpd/conf/'; |
my $confdir = '/etc/httpd/conf/'; |
if ('<DIST />' eq 'sles10' || '<DIST />' eq 'sles11' || '<DIST />' eq 'sles12' || '<DIST />' eq 'suse10.1' || '<DIST />' eq 'suse10.2' || '<DIST />' eq 'suse10.3' || '<DIST />' eq 'suse11.1' || '<DIST />' eq 'suse11.2' || '<DIST />' eq 'suse11.3' || '<DIST />' eq 'suse11.4' || '<DIST />' eq 'suse12.1' || '<DIST />' eq 'suse12.2' || '<DIST />' eq 'suse12.3' || '<DIST />' eq 'suse13.1' || '<DIST />' eq 'suse13.2' || '<DIST />' eq 'debian5' || '<DIST />' eq 'debian6' || '<DIST />' eq 'ubuntu6' || '<DIST />' eq 'ubuntu8' || '<DIST />' eq 'ubuntu10' || '<DIST />' eq 'ubuntu12' || '<DIST />' eq 'ubuntu14' || '<DIST />' eq 'ubuntu16') { |
if ('<DIST />' eq 'sles10' || '<DIST />' eq 'sles11' || '<DIST />' eq 'sles12' || '<DIST />' eq 'suse10.1' || '<DIST />' eq 'suse10.2' || '<DIST />' eq 'suse10.3' || '<DIST />' eq 'suse11.1' || '<DIST />' eq 'suse11.2' || '<DIST />' eq 'suse11.3' || '<DIST />' eq 'suse11.4' || '<DIST />' eq 'suse12.1' || '<DIST />' eq 'suse12.2' || '<DIST />' eq 'suse12.3' || '<DIST />' eq 'suse13.1' || '<DIST />' eq 'suse13.2' || '<DIST />' eq 'debian5' || '<DIST />' eq 'debian6' || '<DIST />' eq 'ubuntu6' || '<DIST />' eq 'ubuntu8' || '<DIST />' eq 'ubuntu10' || '<DIST />' eq 'ubuntu12' || '<DIST />' eq 'ubuntu14' || '<DIST />' eq 'ubuntu16') { |
Line 742 my %perlvarstatic;
|
Line 1207 my %perlvarstatic;
|
push(@hosts_files,'/home/httpd/lonTabs/hosts.tab', |
push(@hosts_files,'/home/httpd/lonTabs/hosts.tab', |
'/home/httpd/lonTabs/dns_hosts.tab'); |
'/home/httpd/lonTabs/dns_hosts.tab'); |
|
|
|
my @poss_hosts_files = @hosts_files; |
if (!$domainDescription) { |
if (!$domainDescription) { |
foreach my $file (@domain_files) { |
foreach my $file (@domain_files) { |
open(IN,'<'.$file); |
open(IN,'<'.$file); |
Line 795 my %perlvarstatic;
|
Line 1261 my %perlvarstatic;
|
} |
} |
} |
} |
|
|
|
my (%hostnames,%protocols); |
while(!$primaryLibServer && (@hosts_files || @domain_files)) { |
while(!$primaryLibServer && (@hosts_files || @domain_files)) { |
my $file = shift(@domain_files); |
my $file = shift(@domain_files); |
open(IN,'<'.$file); |
open(IN,'<'.$file); |
Line 809 my %perlvarstatic;
|
Line 1276 my %perlvarstatic;
|
$file = shift(@hosts_files); |
$file = shift(@hosts_files); |
open(IN,'<'.$file); |
open(IN,'<'.$file); |
while(my $line = <IN>) { |
while(my $line = <IN>) { |
if ($line =~ /^([^\:]+)\:\Q$perlvar{'lonDefDomain'}\E\:library\:/) { |
if ($line =~ /^([^\:]+)\:\Q$perlvar{'lonDefDomain'}\E\:library\:([^\:]+)/) { |
push(@libservers,$1); |
push(@libservers,$1); |
|
$hostnames{$1} = $2; |
} |
} |
} |
} |
# make list unique |
# make list unique |
@libservers = keys(%{{ map { $_ => 1 } (@libservers) }}); |
@libservers = keys(%{{ map { $_ => 1 } (@libservers) }}); |
close(IN); |
close(IN); |
if (@libservers == 1) { |
if (@libservers == 1) { |
$primaryLibServer = $libservers[0]; |
$primaryLibServer = $libservers[0]; |
} |
} |
} |
} |
|
|
|
# get hostname of primaryLibServer |
|
my ($primary_hostname,$primary_protocol); |
|
if ($primaryLibServer) { |
|
if ($hostnames{$primaryLibServer}) { |
|
$primary_hostname = $hostnames{$primaryLibServer}; |
|
$primary_protocol = $protocols{$primaryLibServer}; |
|
} else { |
|
foreach my $file (@poss_hosts_files) { |
|
open(IN,'<'.$file); |
|
while (my $line = <IN>) { |
|
if ($line =~ /^([^\:]+)\:\Q$perlvar{'lonDefDomain'}\E\:library\:([^\:]+):(https?)/) { |
|
if ($1 eq $primaryLibServer) { |
|
$primary_hostname = $2; |
|
$primary_protocol = $3; |
|
last; |
|
} |
|
} |
|
} |
|
close(IN); |
|
last if ($primary_hostname); |
|
} |
|
} |
|
} |
|
|
# implement editing logic below, interactively |
# implement editing logic below, interactively |
# update loncapa.conf until 15 is entered |
# update loncapa.conf until 17 is entered |
|
|
my $flag=0; |
my $flag=0; |
|
|
|
# |
|
# Changes to 5, 6, and 14 not supported if configuration.db set on primary library server. |
|
# (requires either this machine to be primary library server or for LON-CAPA and Apache |
|
# to be running on primary library server. |
|
# |
|
|
|
my ($isprimary,$domconf,$url,$gotdomconf,$adminmail,$supportmail,$connectssl,%setbygui); |
|
if ($primaryLibServer eq $perlvar{'lonHostID'}) { |
|
$isprimary = 1; |
|
} else { |
|
unless ($primary_protocol eq 'https') { |
|
$primary_protocol = 'http'; |
|
} |
|
$url = $primary_protocol.'://'.$primary_hostname.'/cgi-bin/listdomconfig.pl'; |
|
} |
|
my $domconf = &get_domain_config($perlvar{'lonDefDomain'},$primaryLibServer,$isprimary, |
|
$url,\%perlvarstatic); |
|
if (ref($domconf)) { |
|
$gotdomconf = 1; |
|
if (ref($domconf->{'contacts'}) eq 'HASH') { |
|
if (exists($domconf->{'contacts'}->{'adminemail'})) { |
|
$adminmail = $domconf->{'contacts'}->{'adminemail'}; |
|
} |
|
if (exists($domconf->{'contacts'}->{'supportemail'})) { |
|
$supportmail = $domconf->{'contacts'}->{'supportemail'}; |
|
} |
|
} |
|
if (ref($domconf->{'ssl'}) eq 'HASH') { |
|
foreach my $connect ('connto','connfrom') { |
|
if (ref($domconf->{'ssl'}->{$connect}) eq 'HASH') { |
|
my ($sslreq,$sslnoreq,$currsetting); |
|
my %contypes; |
|
foreach my $type ('dom','intdom','other') { |
|
my $key; |
|
if ($domconf->{'ssl'}->{'connect'}->{$type} eq 'req') { |
|
$key = 'yes'; |
|
} else { |
|
$key = 'no'; |
|
} |
|
if ($type eq 'dom') { |
|
$contypes{$key} .= ' own domain,'; |
|
} elsif ($type eq 'intdom') { |
|
$contypes{$key} .= ' own institution,'; |
|
} elsif ($type eq 'other') { |
|
$contypes{$key} .= ' other domains,'; |
|
} |
|
} |
|
foreach my $key (sort(keys(%contypes))) { |
|
$contypes{$key} =~ s/^\s//; |
|
$contypes{$key} =~ s/,$//; |
|
if ($key eq 'yes') { |
|
$currsetting .= ' Yes ('.$contypes{$key}.'),'; |
|
} elsif ($key eq 'no') { |
|
$currsetting .= ' No ('.$contypes{$key}.')'; |
|
} |
|
$currsetting =~ s/,$//; |
|
} |
|
if ($currsetting ne '') { |
|
$connectssl = $sslname{$connect}.' -- '.$currsetting.' | '; |
|
} |
|
} |
|
} |
|
$connectssl =~ s/\s\|\s$//; |
|
} |
|
} |
|
if ($connectssl) { |
|
$setbygui{'securestatus'} = 1; |
|
$securestatus = 'Set by domain configuration via web GUI. Currently: '.$connectssl; |
|
} |
|
if ($adminmail) { |
|
$adminmail = 'Set by domain configuration via web GUI. Currently: '.$adminmail; |
|
$setbygui{'lonAdmEMail'} = 1; |
|
} else { |
|
$adminmail = $perlvar{'lonAdmEMail'}; |
|
} |
|
if ($supportmail) { |
|
$supportmail = 'Set by domain configuration via web GUI. Currently: '.$supportmail; |
|
$setbygui{'lonSupportEMail'} = 1; |
|
} else { |
|
$supportmail = $perlvar{'lonSupportEMail'}; |
|
} |
|
|
|
print "\nRetrieving status information for SSL key and certificates ...\n\n"; |
|
my ($lonhostcertstatus,$lonhostnamecertstatus,$lonkeystatus); |
|
my $currcerts = &LONCAPA::SSL::print_certstatus({$perlvar{'lonHostID'} => 1,},'text','cgi'); |
|
chomp($currcerts); |
|
my %sslstatus; |
|
|
|
if ($currcerts eq "$perlvar{'lonHostID'}:error") { |
|
print "No information available for SSL certificates\n"; |
|
$sslstatus{'key'} = -1; |
|
$sslstatus{'host'} = -1; |
|
$sslstatus{'hostname'} = -1; |
|
$sslstatus{'ca'} = -1; |
|
$lonkeystatus = 'unknown status'; |
|
$lonhostcertstatus = 'unknown status'; |
|
$lonhostnamecertstatus = 'unknown status'; |
|
} else { |
|
my %sslnames = ( |
|
key => 'lonnetPrivateKey', |
|
host => 'lonnetCertificate', |
|
hostname => 'lonnetHostnameCertificate', |
|
ca => 'lonnetCertificateAuthority', |
|
); |
|
my %ssldesc = ( |
|
key => 'Private Key', |
|
host => 'Connections Certificate', |
|
hostname => 'Replication Certificate', |
|
ca => 'LON-CAPA CA Certificate', |
|
); |
|
my ($lonhost,$info) = split(/\:/,$currcerts,2); |
|
if ($lonhost eq $perlvar{'lonHostID'}) { |
|
my @items = split(/\&/,$info); |
|
foreach my $item (@items) { |
|
my ($key,$value) = split(/=/,$item,2); |
|
my @data = split(/,/,$value); |
|
if (grep(/^\Q$key\E$/,keys(%sslnames))) { |
|
if (lc($data[0]) eq 'yes') { |
|
print "$ssldesc{$key} $perlvarstatic{$sslnames{$key}} available with status = $data[1]\n"; |
|
if ($key eq 'key') { |
|
$lonkeystatus = "status: $data[1]"; |
|
if ($data[1] =~ /ok$/) { |
|
$sslstatus{$key} = 1; |
|
} |
|
} else { |
|
if ($data[1] eq 'Expired') { |
|
$sslstatus{$key} = 2; |
|
} else { |
|
$sslstatus{$key} = 1; |
|
} |
|
if ($key eq 'host') { |
|
$lonhostcertstatus = "status: $data[1]"; |
|
} elsif ($key eq 'hostname') { |
|
$lonhostnamecertstatus = "status: $data[1]"; |
|
} |
|
} |
|
} else { |
|
$sslstatus{$key} = 0; |
|
print "$ssldesc{$key} $perlvarstatic{$sslnames{$key}} not available\n"; |
|
if (($key eq 'host') || ($key eq 'hostname')) { |
|
my $csr = $perlvarstatic{$sslnames{$key}}; |
|
$csr =~s /\.pem$/.csr/; |
|
my $csrstatus; |
|
if (-e "$perlvarstatic{'lonCertificateDirectory'}/$csr") { |
|
open(PIPE,"openssl req -text -noout -verify -in $perlvarstatic{'lonCertificateDirectory'}/$csr 2>&1 |"); |
|
while(<PIPE>) { |
|
chomp(); |
|
$csrstatus = $_; |
|
last; |
|
} |
|
close(PIPE); |
|
print "Certificate signing request for $ssldesc{$key} available with status = $csrstatus\n\n"; |
|
if ($key eq 'host') { |
|
$lonhostcertstatus = 'awaiting signature'; |
|
} else { |
|
$lonhostnamecertstatus = 'awaiting signature'; |
|
} |
|
$sslstatus{$key} = 3; |
|
} else { |
|
print "No certificate signing request available for $ssldesc{$key}\n\n"; |
|
if ($key eq 'host') { |
|
$lonhostcertstatus = 'still needed'; |
|
} else { |
|
$lonhostnamecertstatus = 'still needed'; |
|
} |
|
} |
|
} elsif ($key eq 'key') { |
|
$lonkeystatus = 'still needed'; |
|
} |
|
} |
|
} |
|
} |
|
} |
|
} |
|
|
while (!$flag) { |
while (!$flag) { |
print(<<END); |
print(<<END); |
|
|
Line 835 This is now the current configuration of
|
Line 1502 This is now the current configuration of
|
2) Domain Description: $domainDescription |
2) Domain Description: $domainDescription |
3) Machine Name: $perlvar{'lonHostID'} |
3) Machine Name: $perlvar{'lonHostID'} |
4) ID of primary library server for domain: $primaryLibServer |
4) ID of primary library server for domain: $primaryLibServer |
5) Server Administrator's E-mail Address: $perlvar{'lonAdmEMail'} |
5) Server Administrator's E-mail Address: $adminmail |
6) Support E-mail Address: $perlvar{'lonSupportEMail'} |
6) Support E-mail Address: $supportmail |
7) Web Server Protocol (http or https): $protocol |
7) Web Server Protocol (http or https): $protocol |
8) Internet Domain Name: $intdom |
8) Internet Domain Name: $intdom |
9) Hostname: $desiredhostname |
9) Hostname: $desiredhostname |
10) Role: $perlvar{'lonRole'} |
10) Role: $perlvar{'lonRole'} |
11) Cache Expiration Time: $perlvar{'lonExpire'} |
11) Cache Expiration Time: $perlvar{'lonExpire'} (seconds) |
12) Server Load: $perlvar{'lonLoadLim'} |
12) Server Load: $perlvar{'lonLoadLim'} |
13) User Load: $perlvar{'lonUserLoadLim'} |
13) User Load: $perlvar{'lonUserLoadLim'} |
14) Allow only secure connections: $securestatus |
14) Allow only secure connections: $securestatus |
15) Everything is correct up above |
15) Private Key for SSL: $lonkeystatus |
|
16) SSL Certificate for LON-CAPA server connections: $lonhostcertstatus |
|
17) SSL Certificate for Content Replication: $lonhostnamecertstatus |
|
18) Everything is correct up above |
END |
END |
|
|
my @error; |
my @error; |
foreach my $v ($perlvar{'lonDefDomain'},$perlvar{'lonHostID'}) { |
foreach my $v ($perlvar{'lonDefDomain'},$perlvar{'lonHostID'}) { |
if (length($v)>35) { push(@error,"Name $v too long"); } |
if (length($v)>35) { push(@error,"Name $v too long"); } |
if (length($v)<2) { push(@error,"Name $v too short"); } |
if (length($v)<2) { push(@error,"Name $v too short"); } |
if ($v=~/capa/i) { |
if ($v=~/capa/i) { |
if ($v!~/^oucapa\d+$/ && |
if ($v!~/^oucapa\d+$/ && |
($v!~/^capa\d+$/ && $perlvar{'lonDefDomain'} eq 'uwsp')) { |
($v!~/^capa\d+$/ && $perlvar{'lonDefDomain'} eq 'uwsp')) { |
Line 887 if (!defined($intdom)) {
|
Line 1557 if (!defined($intdom)) {
|
} |
} |
|
|
if (!defined($primaryLibServer)) { |
if (!defined($primaryLibServer)) { |
if (@libservers > 0) { |
if (@libservers > 0) { |
push(@error,"No primary library server ID designated. Choose from: ".join(',',sort(@libservers))); |
push(@error,"No primary library server ID designated. Choose from: ".join(',',sort(@libservers))); |
} else { |
} else { |
push(@error,"No library servers in this domain (including current server)"); |
push(@error,"No library servers in this domain (including current server)"); |
} |
} |
} else { |
} else { |
if (length($primaryLibServer)>35) { push(@error,"Primary Library Server ID: $primaryLibServer too long"); } |
if (length($primaryLibServer)>35) { push(@error,"Primary Library Server ID: $primaryLibServer too long"); } |
if (length($primaryLibServer)<2) { push(@error,"Primary Library Server ID: $primaryLibServer too short"); } |
if (length($primaryLibServer)<2) { push(@error,"Primary Library Server ID: $primaryLibServer too short"); } |
if ($primaryLibServer =~/capa/i) { |
if ($primaryLibServer =~/capa/i) { |
if ($primaryLibServer!~/^oucapa\d+$/ && |
if ($primaryLibServer!~/^oucapa\d+$/ && |
($primaryLibServer!~/^capa\d+$/ && $perlvar{'lonDefDomain'} eq 'uwsp')) { |
($primaryLibServer!~/^capa\d+$/ && $perlvar{'lonDefDomain'} eq 'uwsp')) { |
Line 909 if (!defined($primaryLibServer)) {
|
Line 1579 if (!defined($primaryLibServer)) {
|
} |
} |
|
|
|
|
|
my ($certsdir,$privkey,$connectcsr,$replicatecsr); |
|
$certsdir = $perlvarstatic{'lonCertificateDirectory'}; |
|
$privkey = $perlvarstatic{'lonnetPrivateKey'}; |
|
$connectcsr = $perlvarstatic{'lonnetCertificate'}; |
|
$connectcsr =~ s/\.pem$/.csr/; |
|
$replicatecsr = $perlvarstatic{'lonnetHostnameCertificate'}; |
|
$replicatecsr =~ s/\.pem$/.csr/; |
|
|
if (@error) { print "\n*** ERRORS: \n\t".join("\n\t",@error)."\n"; } |
if (@error) { print "\n*** ERRORS: \n\t".join("\n\t",@error)."\n"; } |
print(<<END); |
print(<<END); |
ENTER A CHOICE OF 1-14 TO CHANGE, otherwise ENTER 15: |
ENTER A CHOICE OF 1-17 TO CHANGE, otherwise ENTER 18: |
END |
END |
my $choice=<>; |
my $choice=<>; |
chomp($choice); |
chomp($choice); |
Line 964 END
|
Line 1642 END
|
$primaryLibServer=$choice2; |
$primaryLibServer=$choice2; |
} |
} |
elsif ($choice==5) { |
elsif ($choice==5) { |
print(<<END); |
if ($setbygui{'lonAdmEMail'}) { |
|
print(<<END); |
|
5) Server Administrator's E-mail Address: $adminmail |
|
Use the web GUI (as domain coordinator) to make changes after completing the UPDATE. |
|
END |
|
} else { |
|
print(<<END); |
5) Server Administrator's E-mail Address: $perlvar{'lonAdmEMail'} |
5) Server Administrator's E-mail Address: $perlvar{'lonAdmEMail'} |
ENTER NEW VALUE: |
ENTER NEW VALUE: |
END |
END |
my $choice2=<>; |
my $choice2=<>; |
chomp($choice2); |
chomp($choice2); |
$perlvar{'lonAdmEMail'}=$choice2; |
$perlvar{'lonAdmEMail'}=$choice2; |
|
} |
} |
} |
elsif ($choice==6) { |
elsif ($choice==6) { |
print(<<END); |
if ($setbygui{'lonAdmEMail'}) { |
|
print(<<END); |
|
6) Support E-mail Address: $supportmail |
|
Use the web GUI (as domain coordinator) to make changes after completing the UPDATE. |
|
END |
|
} else { |
|
print(<<END); |
6) Support E-mail Address: $perlvar{'lonSupportEMail'} |
6) Support E-mail Address: $perlvar{'lonSupportEMail'} |
ENTER NEW VALUE: |
ENTER NEW VALUE: |
END |
END |
my $choice2=<>; |
my $choice2=<>; |
chomp($choice2); |
chomp($choice2); |
$perlvar{'lonSupportEMail'}=$choice2; |
$perlvar{'lonSupportEMail'}=$choice2; |
|
} |
} |
} |
elsif ($choice==7) { |
elsif ($choice==7) { |
print(<<END); |
print(<<END); |
Line 1051 END
|
Line 1743 END
|
$perlvar{'lonUserLoadLim'}=$choice2; |
$perlvar{'lonUserLoadLim'}=$choice2; |
} |
} |
elsif ($choice==14) { |
elsif ($choice==14) { |
print(<<END); |
if ($setbygui{'securestatus'}) { |
|
print(<<END); |
|
14) Allow only secure connections: $securestatus |
|
Use the web GUI (as domain coordinator) to make changes after completing the UPDATE. |
|
END |
|
} else { |
|
print(<<END); |
14) Allow only secure connections: $securestatus |
14) Allow only secure connections: $securestatus |
The Lon-CAPA communication daemons lonc and lond can be configured to |
The Lon-CAPA communication daemons lonc and lond can be configured to |
allow only secure connections by default. |
allow only secure connections by default. |
Line 1066 POSSIBLE CHOICES:
|
Line 1764 POSSIBLE CHOICES:
|
4) allow insecure connections |
4) allow insecure connections |
ENTER NEW VALUE (currently $securenum): |
ENTER NEW VALUE (currently $securenum): |
END |
END |
my $choice2=<>; |
my $choice2=<>; |
chomp($choice2); |
chomp($choice2); |
if ($choice2 eq '1') { |
if ($choice2 eq '1') { |
$perlvar{'loncAllowInsecure'}=0;$perlvar{'londAllowInsecure'}=0; |
$perlvar{'loncAllowInsecure'}=0;$perlvar{'londAllowInsecure'}=0; |
} elsif ($choice2 eq '2') { |
} elsif ($choice2 eq '2') { |
$perlvar{'loncAllowInsecure'}=0;$perlvar{'londAllowInsecure'}=1; |
$perlvar{'loncAllowInsecure'}=0;$perlvar{'londAllowInsecure'}=1; |
} elsif ($choice2 eq '3') { |
} elsif ($choice2 eq '3') { |
$perlvar{'loncAllowInsecure'}=1;$perlvar{'londAllowInsecure'}=0; |
$perlvar{'loncAllowInsecure'}=1;$perlvar{'londAllowInsecure'}=0; |
} elsif ($choice2 eq '4') { |
} elsif ($choice2 eq '4') { |
$perlvar{'loncAllowInsecure'}=1;$perlvar{'londAllowInsecure'}=1; |
$perlvar{'loncAllowInsecure'}=1;$perlvar{'londAllowInsecure'}=1; |
|
} |
|
($securestatus,$securenum)=&securesetting(%perlvar); |
} |
} |
($securestatus,$securenum)=&securesetting(%perlvar); |
} elsif ($choice==15) { |
} |
if (($sslstatus{'key'} == 1) || ($sslstatus{'key'} == 2)) { |
elsif (($choice==15) && (!@error)) { |
print(<<END); |
|
15) Private Key for SSL: $lonkeystatus |
|
|
|
POSSIBLE CHOICES: |
|
1) overwrite existing key |
|
2) create new key for use later |
|
3) make no change |
|
ENTER NEW VALUE |
|
END |
|
} elsif ($sslstatus{'key'} == ) { |
|
my $choice2=<>; |
|
chomp($choice2); |
|
} elsif ($choice==16) { |
|
if ($sslstatus{'key'} == 1) || ($sslstatus{'key'} == 2)) { |
|
#$sslstatus{'host'}; |
|
print(<<END); |
|
16) SSL Certificate for LON-CAPA server connections: $lonhostcertstatus |
|
|
|
POSSIBLE CHOICES: |
|
1) create new certificate signing request with new key |
|
2) create new certificate signing request with existing key |
|
3) resend current certificate signing request |
|
4) make no change |
|
ENTER NEW VALUE |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
} elsif ($choice==17) { |
|
#$sslstatus{'hostname'} |
|
print(<<END); |
|
17) SSL Certificate for Content Replication: $lonhostnamecertstatus |
|
|
|
POSSIBLE CHOICES: |
|
1) create new certificate signing request with new key |
|
2) create new certificate signing request with existing key |
|
3) resend current certificate signing request |
|
4) make no change |
|
ENTER NEW VALUE |
|
END |
|
my $choice2=<>; |
|
chomp($choice2); |
|
} elsif (($choice==18) && (!@error)) { |
$flag=1; |
$flag=1; |
} |
} else { |
else { |
|
print "Invalid input.\n"; |
print "Invalid input.\n"; |
} |
} |
} |
} |