| Server IP : 103.119.228.120 / Your IP : 18.119.248.214 Web Server : Apache System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64 User : nobody ( 99) PHP Version : 5.6.40 Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime MySQL : ON | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /scripts/ |
Upload File : |
#!/usr/local/cpanel/3rdparty/bin/perl
# cpanel - scripts/gencrt Copyright 2022 cPanel, L.L.C.
# All rights reserved.
# copyright@cpanel.net http://cpanel.net
# This code is subject to the cPanel license. Unauthorized copying is prohibited
use strict;
## no critic qw(RequireUseWarnings) # TODO: Make this use warnings
use Sys::Hostname ();
use Cpanel::Config::Contact ();
use Cpanel::OpenSSL ();
use Cpanel::SSLStorage::User ();
use Cpanel::TempFile ();
use Cpanel::SSL::Create ();
use Cpanel::Validate::EmailRFC ();
alarm(1200);
my $hostname = Sys::Hostname::hostname();
my $now = time();
my $gendate = localtime($now);
my $xemail = $ARGV[0];
my $host = $ARGV[1];
my $country = $ARGV[2];
my $state = $ARGV[3];
my $city = $ARGV[4];
my $co = $ARGV[5];
my $cod = $ARGV[6];
my $email = $ARGV[7];
my $pass = $ARGV[8];
if ( !-t STDIN && ( !$xemail || !$host || !$country || !$state || !$city || !$co || !$cod || !$email || !$pass ) ) {
die "Can't get vars ... did you forget one of them ?";
}
my $contactemail = Cpanel::Config::Contact::get_public_contact();
my $send_key_yn;
#GenCRT script by cPanel, L.L.C.
if ( -t STDIN ) {
print "[==========Generating an SSL Key, Certificate, and CSR=================]\n";
print "Before we begin please tell me where to email the CSR to: ";
$xemail = <STDIN>;
$xemail =~ s/\n//g;
die "Invalid Email address: $email, please re-enter" unless Cpanel::Validate::EmailRFC::is_valid($xemail);
print "Enter the domain to make a certificate for: ";
$host = <STDIN>;
$host =~ s/\n//g;
print "=*=*=Certificate Information=*=*=\n";
print "Enter the Country Code (2 letters, e.g., US): ";
$country = <STDIN>;
$country =~ s/\n//g;
print "Enter the State: ";
$state = <STDIN>;
$state =~ s/\n//g;
print "Enter the City: ";
$city = <STDIN>;
$city =~ s/\n//g;
print "Enter the Company Name: ";
$co = <STDIN>;
$co =~ s/\n//g;
print "Enter the Company Division: ";
$cod = <STDIN>;
$cod =~ s/\n//g;
print "Enter the Contact Email Address: ";
$email = <STDIN>;
$email =~ s/\n//g;
die "Invalid Email address: $email, please re-enter" unless Cpanel::Validate::EmailRFC::is_valid($email);
$pass = ' ';
while ( length $pass < 4 ) {
print "Enter a challenge password for the CSR (at least 4 characters): ";
$pass = <STDIN>;
$pass =~ s/\n//g;
}
print "\nWould you like the key emailed to you as well as the CSR?\nThis is only useful to install SSL onto a server other than this one;\nit is otherwise a security risk.\nIf you are unsure, indicate “no” by pressing ENTER.\n? ";
$send_key_yn = <STDIN>;
$send_key_yn = ( $send_key_yn =~ m{y}i ) ? 1 : 0;
}
#-------------------------------------------
$host = lc($host);
my $openssl = Cpanel::OpenSSL->new();
my $genkey = $openssl->generate_key();
if ( !$genkey || !$genkey->{'status'} || !$genkey->{'stdout'} ) {
die "Key generation failed: $genkey->{'stderr'}\n";
}
my $key = $genkey->{'stdout'};
if ( !-t STDIN ) {
print "<table border=1><tr><td><b>KEY (RSA Key)</b><pre>";
print qq{<textarea name=key cols=66 rows=23>};
}
print "$key\n";
if ( !-t STDIN ) {
print qq{</textarea>};
print "</td></tr></table>";
}
if ($send_key_yn) {
open( SENDMAIL, "|/usr/sbin/sendmail -t" );
print SENDMAIL "To: $contactemail\n";
print SENDMAIL "To: $xemail\n";
print SENDMAIL "From: ssl\@$hostname\n";
print SENDMAIL "Subject: SSL RSA PRIVATE KEY for $host ($gendate)\n\n";
print SENDMAIL $key;
close(SENDMAIL);
}
#---------------------------
my $csr;
eval {
$csr = Cpanel::SSL::Create::csr(
key => $key,
subject_names => [
[ dNSName => $host ],
],
subject => [
[ countryName => $country ],
[ emailAddress => $email ],
[ localityName => $city ],
[ organizationName => $co, ],
[ organizationalUnitName => $cod ],
[ stateOrProvinceName => $state ],
],
);
} or die "Failed to generate the CSR: $@";
if ( !-t STDIN ) {
print "<table border=1><tr><td><b>CSR (Certificate Signing Request)</b><pre>";
print qq{<textarea name=csr cols=66 rows=23>};
}
print "$csr\n\n";
if ( !-t STDIN ) {
print qq{</textarea>};
print "</td></tr></table>";
}
open( SENDMAIL, "|/usr/sbin/sendmail -t" );
print SENDMAIL "To: $contactemail\n";
print SENDMAIL "To: $xemail\n";
print SENDMAIL "From: ssl\@$hostname\n";
print SENDMAIL "Subject: SSL CERTIFICATE SIGNING REQUEST for $host ($gendate)\n\n";
print SENDMAIL<<EOM;
countryName (C): $country
stateOrProvinceName (ST): $state
localityName (L): $city
organizationName (O): $co
organizationalUnitName (OU): $cod
commonName (CN): $host
emailAddress: $email
challenge password: $pass
========================================================
$csr
EOM
close(SENDMAIL);
#--------------------------------------
my $cert;
{
my $tf = Cpanel::TempFile->new();
my ( $keyfile, $key_fh ) = $tf->file();
print {$key_fh} $key;
close $key_fh;
my $gen = $openssl->generate_cert(
{
'keyfile' => $keyfile,
'country' => $country,
'state' => $state,
'city' => $city,
'company' => $co,
'division' => $cod,
'hostname' => $host,
'email' => $email,
}
);
die "$gen->{'stderr'}\n" if !$gen->{'status'};
$cert = $gen->{'stdout'};
}
if ( !-t STDIN ) {
print "<table border=1><tr><td><b>CRT (Self Signed Certificate)</b><pre>";
print qq{<textarea name=crt cols=66 rows=23>};
}
print $cert;
if ( !-t STDIN ) {
print qq{</textarea>};
print "</td></tr></table>";
}
my ( $ok, $sslstorage ) = Cpanel::SSLStorage::User->new();
die "$sslstorage\n" if !$ok;
my $err;
( $ok, $err ) = $sslstorage->add_key( 'text' => $key );
die "$err\n" if !$ok;
( $ok, $err ) = $sslstorage->add_certificate( 'text' => $cert );
die "$err\n" if !$ok;
( $ok, $err ) = $sslstorage->add_csr( 'text' => $csr );
die "$err\n" if !$ok;