client_management/app/models/site_cert.rb

class SiteCert
  require 'fileutils'
  include Mongoid::Document
  include Mongoid::Timestamps
  mount_uploader :cert_file, AssetUploader #Public key
  mount_uploader :ca_bundle, AssetUploader
  mount_uploader :private_key, AssetUploader
  field :is_certbot, type: Boolean ,default: false
  field :is_valid , type: Boolean ,default: false
  field :domain_names , type: Array ,default: []
  field :source_paths , type: Array ,default: []
  field :start_date , type: DateTime
  field :end_date , type: DateTime
  field :invalid_message, type: String
  has_many :site_constructs, :autosave => true
  after_save :change_data
  def upload_date
  	self.created_at.strftime("%Y/%m/%d %H:%M") rescue ""
  end
  def display_domain_names
  	self.domain_names.join("<br>").html_safe rescue ""
  end
  def generate_file_link(field_name)
  	f = self.send(field_name)
  	file_name = self[field_name]
  	"<a href=\"#{f.url}\" title=\"#{file_name}\">#{file_name}</a>".html_safe
  end
  def display_start_date
    self.start_date.strftime("%Y-%m-%d") rescue ""
  end
  def display_end_date
    self.end_date.strftime("%Y-%m-%d") rescue ""
  end
  def change_data
    if !@skip_callback
      org_cert_file_name = self.cert_file.file.file.to_s
      cert_file_name = org_cert_file_name.sub(/.cer$/, '.crt')
      if org_cert_file_name != cert_file_name
        if File.read(org_cert_file_name).match(/\A\s*---/)
          FileUtils.cp(org_cert_file_name, cert_file_name)
        else
          `openssl x509 --inform DER -in #{org_cert_file_name} --out #{cert_file_name}`
        end
        self.cert_file.retrieve_from_store!(File.basename(cert_file_name))
      end
    	cert_file_md5 = `openssl x509 -noout -modulus -in #{cert_file_name} | openssl md5`
    	private_key_md5 = `openssl rsa -noout -modulus -in #{self.private_key.file.file} | openssl md5`
    	is_valid = (cert_file_md5 == private_key_md5)
      domain_names = `openssl x509 -text <  #{cert_file_name} | grep 'DNS:' | sed 's/\s*DNS:\([a-z0-9.\-]*\)[,\s]\?/\1 /g'`.split('DNS:').map{|s| s.sub(',','').strip}.select{|s| s.present?} rescue []
    	if domain_names.length == 0
        domain_names = [`openssl x509 -text <  #{cert_file_name} | grep 'Subject' | grep 'CN =' | grep 'Subject' | grep 'CN =' |sed 's/\s*Subject: //g'`[0...-1].split(/, | = /).each_slice(2).to_h['CN']] rescue []
    	end
      sign_algo_valid = `openssl x509 -text <  #{cert_file_name} | grep 'Signature Algorithm: sha1'`[0...-1].blank? rescue false
      invalid_messages = []
      if !is_valid
        invalid_messages << 'cert and key not match'
      end
      if !sign_algo_valid
        invalid_messages << 'Signature Algorithm cannot use sha1, please use sha256'
      end
      if domain_names.blank?
        invalid_messages << 'Domain Names(alt_names) is empty.'
      end
      self.invalid_message = invalid_messages.join(', ')
      if is_valid
        is_valid = sign_algo_valid
      end
      if domain_names.blank?
        self.is_valid = false
      else
        start_date_text = `openssl x509 -text <  #{cert_file_name} -startdate -noout`.split('=').last.strip
        end_date_text = `openssl x509 -text <  #{cert_file_name} -enddate -noout`.split('=').last.strip
        self.start_date = DateTime.parse(start_date_text) rescue nil
        self.end_date = DateTime.parse(end_date_text) rescue nil
        self.is_valid = is_valid
        self.domain_names = domain_names
      end
      @skip_callback = true
      self.save(:validate=>false)
      @skip_callback = false
    	false
    end
  end
  def valid_domain_names(site_names)
    site_names = site_names.split(" ").map{|s| s.strip}
    valid_site_names = []
    self.domain_names.each do |d|
      regx = ::Regexp.new("\\A"+d.gsub('.',"\\.").gsub('*','[^\\.]+').sub(',','').strip)
      valid_site_names += site_names.select{|s| !(s.match(regx).nil?)}
    end
    return valid_site_names
  end
end
Add cert setting. 2021-04-19 01:29:53 +00:00			`class SiteCert`
Fix bug. 2024-05-07 15:46:25 +00:00			`require 'fileutils'`
Add cert setting. 2021-04-19 01:29:53 +00:00			`include Mongoid::Document`
			`include Mongoid::Timestamps`
			`mount_uploader :cert_file, AssetUploader #Public key`
			`mount_uploader :ca_bundle, AssetUploader`
			`mount_uploader :private_key, AssetUploader`
Add certbot feature to install cert. 2021-08-11 08:16:14 +00:00			`field :is_certbot, type: Boolean ,default: false`
Add cert setting. 2021-04-19 01:29:53 +00:00			`field :is_valid , type: Boolean ,default: false`
			`field :domain_names , type: Array ,default: []`
			`field :source_paths , type: Array ,default: []`
			`field :start_date , type: DateTime`
			`field :end_date , type: DateTime`
fix cert validation feature 2023-03-20 15:17:04 +00:00			`field :invalid_message, type: String`
Add cert setting. 2021-04-19 01:29:53 +00:00			`has_many :site_constructs, :autosave => true`
			`after_save :change_data`
			`def upload_date`
			`self.created_at.strftime("%Y/%m/%d %H:%M") rescue ""`
			`end`
			`def display_domain_names`
			`self.domain_names.join("<br>").html_safe rescue ""`
			`end`
			`def generate_file_link(field_name)`
			`f = self.send(field_name)`
			`file_name = self[field_name]`
			`"<a href=\"#{f.url}\" title=\"#{file_name}\">#{file_name}</a>".html_safe`
			`end`
			`def display_start_date`
			`self.start_date.strftime("%Y-%m-%d") rescue ""`
			`end`
			`def display_end_date`
			`self.end_date.strftime("%Y-%m-%d") rescue ""`
			`end`
			`def change_data`
Add batch install certbot certs feature. Add redirect to default domain name feature. 2021-10-08 12:04:38 +00:00			`if !@skip_callback`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			`org_cert_file_name = self.cert_file.file.file.to_s`
			`cert_file_name = org_cert_file_name.sub(/.cer$/, '.crt')`
			`if org_cert_file_name != cert_file_name`
Fix bug. 2024-05-07 15:46:25 +00:00			`if File.read(org_cert_file_name).match(/\A\s*---/)`
			`FileUtils.cp(org_cert_file_name, cert_file_name)`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			`else`
			`openssl x509 --inform DER -in #{org_cert_file_name} --out #{cert_file_name}`
			`end`
Fix bug. 2024-05-07 15:46:25 +00:00			`self.cert_file.retrieve_from_store!(File.basename(cert_file_name))`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			`end`
			cert_file_md5 = `openssl x509 -noout -modulus -in #{cert_file_name} \| openssl md5`
Add batch install certbot certs feature. Add redirect to default domain name feature. 2021-10-08 12:04:38 +00:00			private_key_md5 = `openssl rsa -noout -modulus -in #{self.private_key.file.file} \| openssl md5`
			`is_valid = (cert_file_md5 == private_key_md5)`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			domain_names = `openssl x509 -text < #{cert_file_name} \| grep 'DNS:' \| sed 's/\sDNS:\([a-z0-9.\-]\)[,\s]\?/\1 /g'`.split('DNS:').map{\|s\| s.sub(',','').strip}.select{\|s\| s.present?} rescue []
fix cert validation feature 2023-03-20 15:17:04 +00:00			`if domain_names.length == 0`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			domain_names = [`openssl x509 -text < #{cert_file_name} \| grep 'Subject' \| grep 'CN =' \| grep 'Subject' \| grep 'CN =' \|sed 's/\s*Subject: //g'`[0...-1].split(/, \| = /).each_slice(2).to_h['CN']] rescue []
fix cert validation feature 2023-03-20 15:17:04 +00:00			`end`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			sign_algo_valid = `openssl x509 -text < #{cert_file_name} \| grep 'Signature Algorithm: sha1'`[0...-1].blank? rescue false
fix cert validation feature 2023-03-20 15:17:04 +00:00			`invalid_messages = []`
			`if !is_valid`
			`invalid_messages << 'cert and key not match'`
			`end`
			`if !sign_algo_valid`
			`invalid_messages << 'Signature Algorithm cannot use sha1, please use sha256'`
			`end`
			`if domain_names.blank?`
			`invalid_messages << 'Domain Names(alt_names) is empty.'`
			`end`
			`self.invalid_message = invalid_messages.join(', ')`
			`if is_valid`
			`is_valid = sign_algo_valid`
			`end`
			`if domain_names.blank?`
Add batch install certbot certs feature. Add redirect to default domain name feature. 2021-10-08 12:04:38 +00:00			`self.is_valid = false`
			`else`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			start_date_text = `openssl x509 -text < #{cert_file_name} -startdate -noout`.split('=').last.strip
			end_date_text = `openssl x509 -text < #{cert_file_name} -enddate -noout`.split('=').last.strip
Add batch install certbot certs feature. Add redirect to default domain name feature. 2021-10-08 12:04:38 +00:00			`self.start_date = DateTime.parse(start_date_text) rescue nil`
			`self.end_date = DateTime.parse(end_date_text) rescue nil`
			`self.is_valid = is_valid`
			`self.domain_names = domain_names`
			`end`
auto convert cer to cert 2023-03-25 06:07:05 +00:00			`@skip_callback = true`
			`self.save(:validate=>false)`
Add batch install certbot certs feature. Add redirect to default domain name feature. 2021-10-08 12:04:38 +00:00			`@skip_callback = false`
			`false`
			`end`
Add cert setting. 2021-04-19 01:29:53 +00:00			`end`
Fix bug. Add batch install cert feature. 2021-12-09 09:59:15 +00:00			`def valid_domain_names(site_names)`
			`site_names = site_names.split(" ").map{\|s\| s.strip}`
			`valid_site_names = []`
			`self.domain_names.each do \|d\|`
			`regx = ::Regexp.new("\\A"+d.gsub('.',"\\.").gsub('*','[^\\.]+').sub(',','').strip)`
			`valid_site_names += site_names.select{\|s\| !(s.match(regx).nil?)}`
			`end`
			`return valid_site_names`
			`end`
Add cert setting. 2021-04-19 01:29:53 +00:00			`end`