Merge "upd: remove 'browser install'" master
authorMarcus Mängel <m.maengel@inopiae.de>
Thu, 1 Oct 2020 06:48:52 +0000 (06:48 +0000)
committerGerrit Code Review <gigi-system@dogcraft.de>
Thu, 1 Oct 2020 06:48:52 +0000 (06:48 +0000)
src/club/wpia/gigi/pages/account/certs/CertificateDisplay.templ
src/club/wpia/gigi/pages/account/certs/Certificates.java
tests/club/wpia/gigi/pages/account/TestCertificateAdd.java

index e761a5b2a38c86e7790f1584ddcef1edef9e86a7..91b3c611a0f94ea419c954d0fafe6d32493bae81 100644 (file)
         <?=_PEM encoded Certificate Chain (Excluding Anchor)?> (<a href='<?=$serial?>.crt?chain&noAnchor' download>CRT</a>/<a href='<?=$serial?>.pem?chain&noAnchor' download>PEM</a>)<br/>
         <?=_PEM encoded Certificate Chain (Excluding Leaf)?> (<a href='<?=$serial?>.crt?chain&noLeaf' download>CRT</a>/<a href='<?=$serial?>.pem?chain&noLeaf' download>PEM</a>)<br/>
         <?=_DER encoded Certificate?> (<a href='<?=$serial?>.cer' download>CER</a>)<br/>
-        <a href='<?=$serial?>.cer?install&chain'><?=_Install into browser.?></a><br/>
-        <a href='<?=$serial?>.cer?install'><?=_Install into browser (Chrome)?></a>. <?=_Please ensure that the intermediate certificates listed above are installed prior to installing the certificate.?><br/><br/>
-        * <?=_For information on how to install the root certificates into the truststore of your browser take a look at the !(/kb/rootcert)root certificate page in the FAQ!'</a>'!?>.</br>
-        <?=_For the different variants of the certificate and chain take a look at the !(/kb/certs)certificate page in the FAQ!'</a>'!?>.
+        <b>*<?=_Note?></b>: <?=_Remember, in order to use the certificate correctly, you additionally need the corresponding private key. How it is needed depends on the software solution you are using. This private key is usually generated together with the certificate signing request (CSR).?></br>
+        <?=_For information on how to install the root certificates into the truststore of your browser take a look at the !(/kb/rootcert)root certificate page in the FAQ!'</a>'!?></br>
+        <?=_For the different variants of the certificate and chain take a look at the !(/kb/certs)certificate page in the FAQ!'</a>'!?>
     </td>
   </tr>
 <? } ?>
index 765a0fd0a15305eff404dda6ebdc008db64a827b..a11978a4405a42a17f2f3331def9552723e33fb9 100644 (file)
@@ -63,9 +63,6 @@ public class Certificates extends Page implements HandlesMixedRequest {
         boolean crt = false;
         boolean cer = false;
         resp.setContentType("application/pkix-cert");
-        if (req.getParameter("install") != null) {
-            resp.setContentType("application/x-x509-user-cert");
-        }
         if (pi.endsWith(".crt") || pi.endsWith(".pem")) {
             crt = true;
             pi = pi.substring(0, pi.length() - 4);
index 16594e1b2efa834f952a478d898b48a277d51efa..21419d666ed6c96602bba76c278f0aefc78233c1 100644 (file)
@@ -132,12 +132,12 @@ public class TestCertificateAdd extends ClientTest {
         byte[] cer = IOUtils.readURL(uc.getInputStream());
         assertArrayEquals(cer, PEM.decode("CERTIFICATE", crt));
 
-        uc = authenticate(new URL(huc.getHeaderField("Location") + ".cer?install&chain"));
+        uc = authenticate(new URL(huc.getHeaderField("Location") + ".cer?chain"));
         byte[] pkcs7 = IOUtils.readURL(uc.getInputStream());
         PKCS7 p7 = new PKCS7(pkcs7);
         byte[] sub = verifyChain(p7.getCertificates());
         assertArrayEquals(cer, sub);
-        assertEquals("application/x-x509-user-cert", uc.getHeaderField("Content-type"));
+        assertEquals("application/pkix-cert", uc.getHeaderField("Content-type"));
 
         uc = authenticate(new URL(huc.getHeaderField("Location")));
         String gui = IOUtils.readURL(uc);