This package is the public Yast2 API to configure the apache2.
6.2.1. $hostList = GetHostsList();
This function returns a reference to a list of strings of all host ids. Even without any virtual host, there is always the "default" host id for the default host. On error, undef is returned and the Error() function can be used to get the error hash.
Example 98.
my $list = GetHostsList();
if( not defined($list) ) {
return Error();
}
foreach my $hostid ( @$list ) {
print "ID: $hostid\n";
}Example 99.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 100.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 101.
WriteServerCA($hostID, $pemData);
Example 102.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 103.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 104.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.2. $hostData = GetHost($hostid);
This function returns a reference to a host data list. The format of the Host data list is described above. In case of an error (for example, if there is no host with such an id) undef is returned.
Example 105.
# dumping all configured hosts
my $hostList = GetHostsList();
if( not defined $hostList ) {
# error
}
foreach my $hostid ( @$hostList ) {
my @host = GetHost( $hostid );
print "# dumping $hostid\n";
foreach my $directive ( @host ) {
print $directive->{OVERHEAD}."\n";
print $directive->{KEY}.' '.$directive->{VALUE}."\n";
}
}Example 106.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 107.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 108.
WriteServerCA($hostID, $pemData);
Example 109.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 110.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 111.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.3. ModifyHost($hostid,$hostdata)
This function modifies the host with $hostid. The complete host data will be replaced with $hostdata.
Example 112.
# turn off SSL and setting a comment in config file
my @host = GetHost( $hostid );
foreach my $directive ( @host ) {
if( $directive->{KEY} eq 'SSL' ) {
$directive->{VALUE} = 2;
$directive->{OVERHEAD} = "# customer wants SSL to be required\n";
}
}
ModifyHost( $hostid, \@host );Example 113.
my @hostData = GetHost( $hostid );
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, \@hostData );
replaceKey( 'ServerAdmin', { KEY => 'ServerAdmin', VALUE => 'my@my.dom' }, \@hostData );
ModifyHost( $hostid, \@hostData );
sub replaceKey {
my $key = shift;
my $new = shift;
my $hostData = shift;
my $found = 0;
foreach( @$hostData ) {
if( $_->{KEY} eq $new->{KEY} ) {
$new->{OVERHEAD} = $_ ->{OVERHEAD} unless( exists($new->{OVERHEAD}) );
$_ = $new;
$found = 1;
last;
}
}
push( @$hostData, $new ) unless( $found );
return 1;
}Example 114.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 115.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 116.
WriteServerCA($hostID, $pemData);
Example 117.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 118.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 119.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.4. CreateHost($hostid,$hostdata)
This function creates a host with $hostid. $hostdata is the host data array.
Example 120.
my @newHost = (
{ KEY => "ServerName", VALUE => 'createTest2.suse.de' },
{ KEY => "VirtualByName", VALUE => 1 },
{ KEY => "ServerAdmin", VALUE => 'no@one.de' }
);
CreateHost( '192.168.1.2/createTest2.suse.de', \@temp );Example 121.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 122.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 123.
WriteServerCA($hostID, $pemData);
Example 124.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 125.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 126.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.5. DeleteHost($hostid)
This function removes the host with $hostid. If the hostid is not found, undef is returned.
Example 127.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 128.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 129.
WriteServerCA($hostID, $pemData);
Example 130.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 131.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 132.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.6. $moduleList = GetModuleList()
this function returns a reference to an array of strings. The list contains all active apache2 module names. This is more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2.
Example 133.
my $modules = GetModuleList();
if( $modules ) {
foreach my $mod_name ( @$modules ) {
print "active module: $mod_name\n";
}
}Example 134.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 135.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 136.
WriteServerCA($hostID, $pemData);
Example 137.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 138.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 139.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.7. $moduleList = GetKnownModules()
this function returns a reference to an array of hashes. Each has has the following keys:
Example 140.
# list all modules with enabled/disabled state
my $knownMods = GetKnownModules();
my $activeMods = GetModuleList();
my %activeMods = ();
@activeMods{@$activeMods} = ();
foreach my $km ( @$knownMods ) {
my $state = (grep(/^$km$/, @$activeMods))?('on'):('off');
delete($activeMods{$km});
print "$km->{name} = $state\n";
}
# list active unknown mods now
foreach my $m ( keys(%activeMods ) ) {
print "$m = on\n";
}Example 141.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 142.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 143.
WriteServerCA($hostID, $pemData);
Example 144.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 145.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 146.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.8. ModifyModuleList($moduleList, $state)
with this function you can turn on and off modules of the apache2 $modulelist is an array reference to a list of modulenames. This modifes more or less just the content of the sysconfig variable "APACHE_MODULES" from /etc/sysconfig/apache2. Unknown modules are allowed too but they will be appendet to the end of the list.
Example 147.
ModifyModuleList( [ 'perl' ], 1 );
ModifyModuleList( [ 'php4' ], 0 );
Example 148.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 149.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 150.
WriteServerCA($hostID, $pemData);
Example 151.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 152.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 153.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.9. $knownSelList = GetKnownModuleSelections()
this functions returns a reference to an array that contains hashes with information about all known module selections. One hash has the following keys:
Example 154.
my $knownSelList = GetKnownModuleSelections();
foreach my $kms ( @$knownSelList ) {
print "$kms->{id} = $kms->{summary}\n";
}Example 155.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 156.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 157.
WriteServerCA($hostID, $pemData);
Example 158.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 159.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 160.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.10. $selList = GetModuleSelectionsList()
this function returns a reference to an array that contains strings with the names of the active module selections.
Example 161.
my $selList = GetModuleSelectionsList();
print "active selections: ".join(',', @$selList)."\n";Example 162.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
Example 163.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 164.
WriteServerCA($hostID, $pemData);
Example 165.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 166.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 167.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.11. ModifyModuleSelectionList($selList, $status)
this function modifies the module selection list. You can turn on and off module selections with the boolean $status. Changing the selections will directly influence the module list.
Example 168.
ModifyModuleSelectionList( ['perl-scripting', 'debug'],1 );
ModifyModuleSelectionList( ['php4-scripting'], 0 );
6.2.12. ModifyService($status)
with this function you can turn on and off the apache2 runlevel script. Turning off means, no apache2 start at boot time.
Example 169.
ModifyService(0); # turn apache2 off at boot time
ModifyService(1); # turn apache2 on at boot time
Example 170.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 171.
WriteServerCA($hostID, $pemData);
Example 172.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 173.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 174.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.13. SwitchService($status)
with this function you can start and stop the apache2 service.
Example 175.
SwitchService( 0 ); # turning off the apache2 service
SwitchService( 1 ); # turning on the apache2 service
Example 176.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 177.
WriteServerCA($hostID, $pemData);
Example 178.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 179.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 180.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.14. ReloadService($status)
with this function you can reload the apache2 service
Example 181.
ReloadService();
Example 182.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 183.
WriteServerCA($hostID, $pemData);
Example 184.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 185.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 186.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.15. $status = ReadService()
with this function you can read out the state of the apache2 runlevel script (starting apache2 at boot time).
Example 187.
print "apache2 is ".( (ReadService())?('on'):('off') )."\n";Example 188.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 189.
WriteServerCA($hostID, $pemData);
Example 190.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 191.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 192.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.16. CreateListen( $fromPort, $toPort, $listen, $doFirewall )
with this function you can configure the addresses and ports the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 193.
CreateListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup
CreateListen( 443, 443, '', 1 ); # HTTPS on all interfaces
CreateListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 194.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 195.
WriteServerCA($hostID, $pemData);
Example 196.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 197.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 198.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.17. DeleteListen( $fromPort, $toPort, $listen, $doFirewall )
with this function you can delete an address and port the webserver is listening on. $fromPort and $toPort can have the same value. $listen must be a network interface of the host but can be an empty string for 'all' interfaces. If the listen parameter can't be found, undef is returned. The $doFirewall boolean indicates if the SuSEFirewall2 shall be configured for the settings.
Example 199.
DeleteListen( 80, 80, '127.0.0.1', 0 ); # localhost without firewall setup
DeleteListen( 443, 443, '', 1 ); # HTTPS on all interfaces
DeleteListen( 80, 80, '192.168.0.1', 1 ); # internal+firewall setup
Example 200.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 201.
WriteServerCA($hostID, $pemData);
Example 202.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 203.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 204.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.18. $listenList = GetCurrentListen()
this function returns a list of hashes with the current listen data. Each hash has the following keys:
Example 205.
my $listenList = GetCurrentListen();
foreach my $ld ( @$listenList ) {
print "Listening on: ".$ld->{ADDRESS}."/".$ld->{PORT}."\n";
}Example 206.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 207.
WriteServerCA($hostID, $pemData);
Example 208.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 209.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 210.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.19. $packList = GetServicePackages()
this function returns a list of strings with the needed RPM packages for this service.
Example 211.
my $packList = GetServicePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run this service\n";
}Example 212.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 213.
WriteServerCA($hostID, $pemData);
Example 214.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 215.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 216.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.20. $packList = GetModulePackages()
this function returns a list of strings with the needed RPM pacakges for all activated apache2 modules.
Example 217.
my $packList = GetModulePackages();
foreach my $pack ( @$packList ) {
print "$pack needs to be installed to run the selected modules\n";
}Example 218.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 219.
WriteServerCA($hostID, $pemData);
Example 220.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 221.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 222.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.21. $params = GetServerFlags()
returns a string with the apache2 server flags like "-DSSL"
Example 223.
print GetServerFlags();
Example 224.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 225.
WriteServerCA($hostID, $pemData);
Example 226.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 227.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 228.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.22. SetServerFlags($params)
Put into $params any server flags ("Defines") that you want to hand over to httpd at start time, or other command line flags. This could be -D SSL, for example. Or -DSTATUS.
Example 229.
SetServerFlags("-DReverseProxy");Example 230.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 231.
WriteServerCA($hostID, $pemData);
Example 232.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 233.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 234.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.23. WriteServerCert($hostId,$pemData)
this function writes the server certificate for the host with $hostID to the right place and sets the SSLCertificateFile directive to the right path. The certificate must be in PEM format and it can contain the private key too. If there is a private key in the PEM data, the SSLCertificateKeyFile directive is set too. The key can also be set via WriteServerKey. If the $pemData is undefined, an old certificate gets deleted and SSLCertificateFile directive gets dropped. Writing the server certificate does not turn on SSL automatically. On failure, undef is returned. The path for writing the certificate is /etc/apache2/ssl.crt the filename is $hostname-cert.pem
Example 235.
WriteServerCert('*:443', $pemData);
$host = GetHost('*:443');
replaceKey( 'SSL', { KEY => 'SSL', VALUE => 1 }, $host );
ModifyHost('*:443', $host);Example 236.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);Example 237.
WriteServerCA($hostID, $pemData);
Example 238.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}Example 239.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
Example 240.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}6.2.24. WriteServerKey($hostID, $pemData)
this function writes the server key for the host with $hostID to the right place and sets the SSLCertificateKeyFile directive to the right path. The key must be in PEM format and it can contain the certificate too. If there is a certificate in the PEM data, the SSLCertificateFile directive is set too. The certificate can also be set via WriteServerCert. If the $pemData is undefined, an old key gets deleted and SSLCertificateKeyFile directive gets dropped. Writing the server key does not turn on SSL automatically. On failure, undef is returned. The path for writing the keyfile is /etc/apache2/ssl.key the filename is $hostname-key.pem
Example 241.
WriteServerCert('*:443', $certData);
WriteServerKey('*:443', $keyData);6.2.25. WriteServerCA($hostID, $pemData)
this function writes the server CA for the host with $hostID to the right place and sets the SSLCACertificateFile directive to the right path. The CA must be in PEM format. If the $pemData is undefined, an old CA file gets deleted and SSLCACertificateFile directive gets dropped. Writing the server CA does not turn on SSL automatically. On failure, undef is returned. The path for writing the ca certificate file is /etc/apache2/ssl.crt the filename is $hostname-cacert.pem
Example 242.
WriteServerCA($hostID, $pemData);
6.2.26. $pemData = ReadServerCert($hostID)
this function returns the server certificate PEM data. Even if the key is stored in the same file, just the certificate part is returned. On failure, undef is returned.
Example 243.
$pemData = ReadServerCert($hostID);
if( $pemData and open( CERT, "> /tmp/cert.pem" ) ) {
print CERT $pemData;
close(CERT);
$text = `openssl x509 -in /tmp/cert.pem -text -noout`;
}6.2.27. $pemData = ReadServerKey($hostID)
this function returns the server key in PEM format. Even if the certificate is stored in the same file, just the private key part is returned. On failure, undef is returned.
Example 244.
$cert = ReadServerCert($hostID);
$key = ReadServerKey($hostID);
6.2.28. $pemData = ReadServerCA($hostID)
this function returns the server CA in PEM format. On failure, undef is returned.
Example 245.
$CA = ReadServerCA($hostID);
if( $CA ) {
$fingerprint = `echo "$CA"|openssl x509 -fingerprint -noout`;
}
