X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fdomain%2FPingConfigForm.templ;h=f8f700f369b427041888d03802be5b9671e4e935;hp=16c50a3e53a8bb742d2f3d0d90bf7b692f5f50e5;hb=67bdb3b1fd3ff821d00715bf2a7ed90ca7a7a664;hpb=52bad029da3feab0c54d0a84cac4d2c29d0b3297

diff --git a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
index 16c50a3e..f8f700f3 100644
--- a/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
+++ b/src/org/cacert/gigi/pages/account/domain/PingConfigForm.templ
@@ -14,13 +14,13 @@
   <div class="panel-heading"><input type="checkbox" name="DNSType" value="y"<?=$!dns?>> <?=_Verify by reading DNS-TXT entries?></div>
   <div class="panel-body">
     <?=_Please insert the following DNS TXT entry into the Zone-file of your domain:?><br/>
-    <pre><?=$tokenName?>._cacert._auth IN TXT <?=$tokenValue?></pre>
+    <pre><?=$tokenName?>.<?=$dnsPrefix?>._auth IN TXT <?=$tokenValue?></pre>
   </div>
 </div>
 <div class="panel panel-info panel-activatable">
   <div class="panel-heading"><input type="checkbox" name="HTTPType" value="y"<?=$!http?>> <?=_Verify by reading HTTP-content?></div>
   <div class="panel-body">
-    <?=_Please make the following content available under ?><pre class='string'>http://<span class='exampleDomain'>example.org</span>/cacert-<?=$tokenName?>.txt</pre><br/>
+    <?=_Please make the following content available under ?><pre class='string'>http://<span class='exampleDomain'>example.org</span>/<?=$httpPrefix?><?=$tokenName?>.txt</pre><br/>
     <pre><?=$tokenValue?></pre>
   </div>
 </div>
@@ -28,7 +28,11 @@
   <div class="panel-heading"><input type="checkbox" name="SSLType" value="y"<?=$!ssl?>> <?=_Verify by searching for installed certificate.?></div>
   <div class="panel-body">
     <?=_Please list up to four services using your certificate. You need to have one of them up and using a valid SomeCA certificate or a specific self-signed certificate in order to pass this test?>:
-    <?=_The self-signed certificate needs to contain your domain as CN and ${tokenValue} as organization unit. With $!{openSSLHelp} OpenSSL command line utilities can generate such a certificate.?>:
+    <?=_The self-signed certificate needs to contain your domain as CN and ${tokenValue} as organization unit.?> <?=_You can use these commands to create such a certificate:?>
+    <code>
+openssl req -newkey rsa:4096 -subj "/CN=<span class='exampleDomain'>example.org</span>/OU=<?=$tokenValue?>" -nodes -out myCSR -keyout myKey<br>
+openssl x509 -req -in myCSR -signkey myKey -out myCert -extfile &lt;(printf 'extendedKeyUsage = serverAuth\n')
+    </code>
     <table>
     <? foreach($ssl-services){ ?>
     <tr><td><select name='ssl-type-<?=$i?>'>
@@ -39,4 +43,6 @@
     </table>
   </div>
 </div>
-  
\ No newline at end of file
+<? if($notEmbedded) { ?>
+<button class="btn btn-primary" type="submit"><?=_Update?></button>
+<? } ?>