2 <?=_This form allows you to report a certificate whose private key has been compromised.?>
3 <?=_You require to identify the certificate you need to report.?>
4 <?=_You may upload the certificate (as PEM or DER) or may identify the certificate by serial.?>
8 <?=_Additionally you need to prove that you have access to the private key.?>
9 <?=_There are also two possibilities available here:?>
10 <?=_Either you may upload the plain private key (as PEM or DER) or you may only sign a given message with the according private key.?>
11 <?=_You may create a fitting signature with this command:?>
15 echo -n "This private key has been compromised. Challenge: <span id="signChallenge"><?=$challenge?></span>" | openssl dgst -sha256 -sign priv.key | base64
22 <td><?=_Certificate?>: </td>
24 <textarea class="form-control" name="cert" rows="3" cols="40" placeholder="Certificate"></textarea>
28 <input type="text" class="form-control" name="serial" placeholder="Certificate Serial Number (hexadecimal)">
32 <td><?=_Private Key?>: </td>
34 <textarea class="form-control" name="priv" rows="3" cols="40" placeholder="Private Key"></textarea>
38 <input type="text" class="form-control" name="signature" placeholder="Signature">
43 <?=_You may provide information on how the private key was compromised to help the certificate owner prevent further key compromises.?>
44 <?=_You can indicate that this information should not be sent to the certificate owner, but only be visible to ${appName} staff, by checking the checkbox below.?>
46 <label for="confidential"><?=_Don't send the message to the certificate owner?></label>
47 <input type='checkbox' name='confidential' id='confidential'>
49 <textarea class="form-control" name="message" rows="3" cols="40"></textarea>
53 <td colspan="4"><input class="btn btn-primary" type="submit" name="process" value="<?=_Next?>"></td>