2 <?=_This form allows you to report a certificate whose private key has been compromised. You require to identify the certificate you need to report. You may upload the certificate (as PEM or DER) or may identify the certificate by serial.?>
6 <?=_Additionally you need to prove that you have access to the private key. There are also two possibilities available here: Either you may upload the plain private key (as PEM or DER) or you may only sign a given message with the according private key. You may create a fitting signature with this command:?>
9 <code data-challenge="<?=$challenge?>">
10 printf '%s' '<?=$challengePrefix?><?=$challenge?>' | openssl dgst -sha256 -sign priv.key | base64
17 <td><?=_Certificate?>: </td>
19 <textarea class="form-control" name="cert" rows="3" cols="40" placeholder="<?=_Certificate?>"></textarea>
23 <input type="text" class="form-control" name="serial" placeholder="<?=_Certificate Serial Number (hexadecimal)?>">
27 <td><?=_Private Key?>: </td>
29 <textarea class="form-control" name="priv" rows="3" cols="40" placeholder="<?=_Private Key?>"></textarea>
33 <input type="text" class="form-control" name="signature" placeholder="<?=_Signature?>">
38 <?=_You may provide information on how the private key was compromised to help the certificate owner prevent further key compromises. You can indicate that this information should not be sent to the certificate owner, but only be visible to ${appName} staff, by checking the checkbox below.?>
40 <label for="confidential"><?=_Don't send the message to the certificate owner?></label>
41 <input type='checkbox' name='confidential' id='confidential'>
43 <textarea class="form-control" name="message" rows="3" cols="40"></textarea>
47 <td colspan="4"><input class="btn btn-primary" type="submit" name="process" value="<?=_Next?>"></td>
projects / gigi.git / blob