return;
}
- CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null);
+ CertExporter.writeCertCrt(result, resp.getOutputStream(), req.getParameter("chain") != null, req.getParameter("noAnchor") == null, true);
return;
} catch (GeneralSecurityException e) {
resp.sendError(500, "Crypto failed");
<? } ?><br/>
<a href='<?=$serial?>.crt?chain'><?=_PEM encoded Certificate Chain?></a><br/>
<a href='<?=$serial?>.crt?chain&noAnchor'><?=_PEM encoded Certificate Chain (Excluding Anchor)?></a><br/>
+ <a href='<?=$serial?>.crt?chain&noLeaf'><?=_PEM encoded Certificate Chain (Excluding Leaf)?></a><br/>
<a href='<?=$serial?>.cer'><?=_DER encoded Certificate?></a><br/>
<a href='<?=$serial?>.cer?install&chain'><?=_Install into browser.?></a><br/>
<a href='<?=$serial?>.cer?install'><?=_Install into browser. (Chrome)?></a>. <?=_Please ensure that the intermediate certificates listed above are installed prior to installing the certificate.?><br/>
ServletOutputStream out = resp.getOutputStream();
boolean doChain = req.getParameter("chain") != null;
boolean includeAnchor = req.getParameter("noAnchor") == null;
+ boolean includeLeaf = req.getParameter("noLeaf") == null;
if (crt) {
- CertExporter.writeCertCrt(c, out, doChain, includeAnchor);
+ CertExporter.writeCertCrt(c, out, doChain, includeAnchor, includeLeaf);
} else if (cer) {
CertExporter.writeCertCer(c, out, doChain, includeAnchor);
}
private CertExporter() {}
- public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException {
+ public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor, boolean includeLeaf) throws IOException, GeneralSecurityException {
X509Certificate cert = c.cert();
- out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
+ if (includeLeaf) {
+ out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
+ }
if (doChain) {
CACertificate ca = c.getParent();
while ( !ca.isSelfsigned()) {