Updates to SSL and other general items

2014-10-09 23:23:02 +11:00
parent c952738750
commit 8d71460121
25 changed files with 813 additions and 391 deletions
--- a/application/views/pages/welcome.php
+++ b/application/views/pages/welcome.php
@@ -1,11 +1,71 @@
 <!-- @todo Move this content into the DB -->
 <div id="container">
+	<div class="row">
+		<div id="welcome" class="grid-12">
+			<h1>TSM Server Access Request.</h1>
+		</div>
+	</div> <!-- /row -->
+
 	<hr class="row-divider" />

-	<div class="col-md-6">
-		<h3><i class="fa fa-edit"></i>Request Access</h3>
-		<p>To be able to use this server, you need to request access. Once your access is activated, you will be able to use this TSM server with your TSM client.</p>
-		<p><a href="<?php echo URL::site('login'); ?>" class="">Login »</a></p>
-	</div>
+	<div class="row divider service-container">
+		<div class="grid-3">
+			<h2><span class="slash">//</span> This Service</h2>
+		</div>

+		<div class="grid-3">
+			<div class="service-item">
+				<h3><i class="fa fa-recycle"></i>Node Access</h3>
+				<p>This TSM server is available for you to connect with any TSM client and backup data. You do not need to worry about the setup of a TSM server (we've done already)!</p>
+				<p>When connecting to this server, you can try out a TSM client and see how you can protect your application or data, and how you can recover it.</p>
+				<p>Request as many NODE IDs as you need, it's easy, first just register on the site, and then drop an email to dgeorge AT au DOT ibm DOT com, and tell us what you need. We'll reply with the details.</p>
+				<p><a href="<?php echo URL::site('login'); ?>" class="">Login »</a></p>
+			</div> <!-- /service -->
+		</div>
+
+		<div class="grid-3">
+			<div class="service-item">
+				<h3><i class="fa fa-shield"></i>Admin Access</h3>
+				<p>If you would like to have ADMINISTRATOR access to this server, you can request that as well. With ADMIN access, you can experience running some commands on our TSM server, as well as use the TSM server HELP.</p>
+				<p>Admin access is via our Operations Center by default, however, if you want to try out admin access with an admin client, you'll need to request an SSL certificate.</p>
+				<p><a href="<?php echo URL::link('user','ssl/add'); ?>" class="">Request SSL »</a></p>
+			</div> <!-- /service -->
+		</div>
+
+		<div class="grid-3">
+			<div class="service-item">
+				<h3><i class="fa fa-bolt"></i>Want some guidance?</h3>
+				<p>If you would like help with any of our clients, then please contact us and we'll be happy to help.</p>
+				<p>Send an email to dgeorge AT au DOT ibm DOT com, and we'll find somebody in your time zone to help you.</p>
+				<p><a href="<?php echo URL::site('login'); ?>" class="">Login »</a></p>
+			</div> <!-- /service -->
+		</div>
+
+	</div> <!-- /row -->
+
+<!--
+	<hr class="row-divider" />
+
+	<div class="row divider about-container">
+		<div class="grid-3">
+			<h2><span class="slash">//</span> Our Story</h2>
+		</div>
+
+		<div class="grid-4">
+			<div class="about-item">
+				<h3>About Us</h3>
+					<p>!</p>
+			</div> <!-- /about --/
+		</div> <!-- /grid-4 --/
+
+		<div class="grid-5">
+			<h3>Why Choose Us</h3>
+			<div class="choose-item">
+				<h3><i class="glyphicon glyphicon-star"></i> Some info</h3>
+				<p>Some info.</p>
+			</div> <!-- /choose-item --/
+
+		</div> <!-- /grid-5 --/
+	</div> <!-- /row --/
+-->
 </div> <!-- /container -->
--- a/application/views/ssl/user/add.php
+++ b/application/views/ssl/user/add.php
@@ -16,10 +16,11 @@
 			<code>gsk8capicmd_64 -keydb -create -db dsmcert.kdb -type kdb -stash</code><br/><br/>
 		</li>
 		<li>Create a Certificate Signing Request using the following command:<br/>
-		<code>gsk8capicmd_64 -certreq -create -db dsmcert.kdb -stashed -label 'TSM-SL01' -dn 'O=IBM,cn=<?php echo $o->id(); ?>' -size 2048 -file <?php echo $o->id(); ?>.CSR</code><br/><br/>
+		<code>gsk8capicmd_64 -certreq -create -db dsmcert.kdb -stashed -label 'TSM-SL01' -dn '<?php echo $o->ssl_dn(); ?>' -size 2048 -file <?php echo $o->id(); ?>.CSR</code><br/><br/>
 		</li>

-		<li>Paste the contents of your CSR file here:<br/>
+		<li>Upload your CSR file here <?php echo Form::file('csr_file',array('class'=>'col-md-3','label'=>'CSR File')); ?> 
+		OR, paste the contents of your CSR file here:<br/>
 		<?php echo Form::textarea('csr','',array('class'=>'col-md-6','label'=>'CSR','placeholder'=>'Certificate Sign Request','style'=>'font-family: monospace;','cols'=>61,'rows'=>15)); ?>
 		</li>

@@ -31,5 +32,5 @@
 	<div class="col-md-offset-1">
 		<button type="submit" class="btn btn-primary">Save changes</button>
 		<button type="button" class="btn btn-default">Cancel</button>
-        </div>
+	</div>
 </div>
--- a/application/views/ssl/user/view.php
+++ b/application/views/ssl/user/view.php
@@ -0,0 +1,110 @@
+<fieldset class="col-md-6">
+	<legend>SSL Details</legend>
+
+	<div class="dl-horizontal">
+		<dt>Subject</dt>
+		<dd><?php echo $o->dn(); ?></dd>
+
+		<?php if ($o->cert) : ?>
+			<dt>Subject Key ID</dt>
+			<dd><?php echo $o->ski(); ?></dd>
+
+			<dt>Serial Number</dt>
+			<dd><?php echo $o->serial(); ?></dd>
+
+			<dt>Issuer</dt>
+			<dd>
+				<?php if ($o->validCA()) : ?>
+				<?php echo HTML::anchor(URL::link('admin','ssl/edit/').$o->ca->id,$o->issuer()); ?>
+				<?php else : ?>
+				<?php echo $o->issuer(); ?>
+				<?php endif ?>
+			</dd>
+
+			<dt>Issuer Key ID</dt>
+			<dd><?php echo $o->aki_keyid(); ?></dd>
+
+			<dt>Issuer Serial</dt>
+			<dd><?php echo $o->aki_serial(); ?></dd>
+
+			<dt>Valid From</dt>
+			<dd><?php echo $o->valid_from(TRUE); ?></dd>
+
+			<dt>Valid To</dt>
+			<dd><?php echo $o->valid_to(TRUE); ?></dd>
+
+			<dt>Hash</dt>
+			<dd><?php echo $o->hash(); ?></dd>
+
+			<dt>Version</dt>
+			<dd><?php echo $o->version(); ?></dd>
+
+			<dt>Algorithm</dt>
+			<dd><?php echo $o->algorithm(); ?></dd>
+
+		<?php else : ?>
+			<dt>Status</dt>
+			<dd>Waiting to be signed.</dd>
+		<?php endif ?>
+	</div> <!-- dl-horizontal -->
+
+	<?php if ($o->cert) : ?>
+		<br/>
+		<legend>Certificate Chain</legend>
+
+		<?php echo Table::factory()
+			->data($o->list_ca())
+			->columns(array(
+			'id'=>'ID',
+			'subject_cn()'=>'Cert',
+			'valid_to(TRUE)'=>'Expires',
+			'issuer_cn()'=>'Issuer',
+			))
+			->prepend(array(
+				'id'=>array('url'=>URL::link('','ssl/download/')),
+			)); ?>
+	<?php endif ?>
+
+</fieldset>
+
+<fieldset class="col-md-6">
+	<legend>Certificate</legend>
+
+	<pre><?php echo $o->cert ? $o->cert : $o->csr; ?></pre>
+
+	<?php
+		echo $o->download_button(); 
+
+		if ($ao=Auth::instance()->get_user() AND ($ao->isAdmin()) AND $o->service->status AND ($o->valid_to()-(Kohana::$config->load('ssl.min_renew_days')*86400) <= time()) AND $o->service->paid_to() > time()) :
+			echo Form::open(URL::link('admin','ssl/renew/'.$o->service->id));
+			echo Form::button('submit','Renew',array('class'=>'btn btn-primary'));
+		endif
+	?>
+</fieldset>
+
+<fieldset class="col-md-12">
+	<legend>TSM Configuration</legend>
+
+        <p>To use this certificate with a Tivoli Storage Manager client, please do the following:<p>
+        <p>(If this certificate has just been renewed, you only need to jump to the last step.)<p>
+        <ol>
+                <li>Download this signed certificate and the CA certificates above.</li>
+                <li>Open up a command prompt, and depending on your operating system, change to your BA Client <strong>BIN</strong> directory. For example:<br/>
+                        <dl class="dl-horizontal">
+                                <dt>Linux</dt>
+                                <dd>cd /opt/tivoli/tsm/client/ba/bin</dd>
+                                <dt>Windows</dt>
+                                <dd>cd "C:\Program Files\Tivoli\TSM\baclient"</dd>
+                        </dl>
+                </li>
+                <li>Import the ROOT SSL certificate above with the following command:<br/>
+                        <code>gsk8capicmd_64 -cert -add -db dsmcert.kdb -stashed -file [DOWNLOAD.CRT] -label [NAME OF ROOT CERTIFICATE]</code><br/><br/>
+                </li>
+                <li>Import any additional CA certificates above with the following command:<br/>
+                        <code>gsk8capicmd_64 -cert -add -db dsmcert.kdb -stashed -file [DOWNLOAD.CRT] -label [NAME OF CERTIFICATE]</code><br/><br/>
+                </li>
+                <li>Import this signed certificate with the following command:<br/>
+                        <code>gsk8capicmd_64 -cert -receive -db dsmcert.kdb -stashed -default_cert enabled -file [DOWNLOAD.CRT]</code><br/><br/>
+                </li>
+        </ol>
+</fieldset>
--- a/application/views/welcome/user/shortcuts.php
+++ b/application/views/welcome/user/shortcuts.php
@@ -0,0 +1,5 @@
+<div class="shortcuts">
+	<a href="<?php echo URL::link('user','node/add',TRUE); ?>" class="shortcut"><i class="shortcut-icon fa fa-recycle"></i><span class="shortcut-label">Create Node</span></a>
+	<a href="<?php echo URL::link('user','ssl/add',TRUE); ?>" class="shortcut"><i class="shortcut-icon fa fa-certificate"></i><span class="shortcut-label">Create SSL</span></a>
+	<a href="<?php echo URL::link('user','admin/add',TRUE); ?>" class="shortcut"><i class="shortcut-icon fa fa-graduation-cap"></i><span class="shortcut-label">Create Admin</span></a>
+</div>