3,054
edits
Changes
Jump to navigation
Jump to search
mLine 1:
Line 1: − + Line 23:
Line 23: − + Line 32:
Line 32: − + Line 125:
Line 125: + + + + + − + Line 145:
Line 150: − + + + − + − + Line 169:
Line 176: − + + + − + − Use this for bugs phpki-ng itself {{BugzillaFileBug|product=SME%20Contribs|component=phpki-ng|title=this link}}+ + + + − + + + + +
no edit summary
{{Languages|PHPki}}
{{Languages|PHPki}}
{{Note box| For v10 we have created a new update version of PHPKi called PHPKi-ng with fixes and higher security defaults. If you used the previous version you will need to create a new CA and certificates. We have imported the original version to contribs if you really need to use it, but it is not recommended, and will not be generally released}}
{{Note box| For v10 we have created a new update version of PHPKi called PHPKi-ng with fixes and higher security defaults. If you used the previous version you will need to create a new CA and certificates. We have imported the original version to contribs if you really need to use it, but it is not recommended, and will not be generally released.}}
===Maintainer===
===Maintainer===
[http://sourceforge.net/projects/phpki/ PHPki] is an Open Source Web application for managing a multi-agency PKI for HIPAA compliance. With it, you may create and centrally manage X.509 certificates for use with S/MIME enabled e-mail clients, SSL servers, and VPN applications. PHPki is now used to manage certificates with the latest release of the [[OpenVPN_Bridge|SME Server OpenVPN Bridge contrib]].
[http://sourceforge.net/projects/phpki/ PHPki] is an Open Source Web application for managing a multi-agency PKI for HIPAA compliance. With it, you may create and centrally manage X.509 certificates for use with S/MIME enabled e-mail clients, SSL servers, and VPN applications. PHPki is now used to manage certificates with the latest release of the [[OpenVPN_Bridge|SME Server OpenVPN Bridge contrib]].
You can see a demo installation [http://phpki.sourceforge.net/phpki/ here]
You can see a demo installation [http://phpki.sourceforge.net/phpki/ here.]
=== Requirements ===
=== Requirements ===
=== Installation ===
=== Installation ===
{{Warning box| If openvpn is not detected PHPKi cannot generate a TA Key and it should advise you during install. To generate a TA Key once you have openvpn installed do this (assuming this is the correct directory)
{{Warning box| If openvpn is not detected PHPKi cannot generate a TA Key and it should advise you during install. To generate a TA Key once you have openvpn installed do this (assuming this is the correct directory)
openvpn --genkey --secret /opt/phpki/phpki-store/CA/private/takey.pem
openvpn --genkey --secret /opt/phpki/phpki-store/CA/private/takey.pem
chown phpki:phpki /opt/phpki/phpki-store/CA/private/takey.pem}}
chown phpki:phpki /opt/phpki/phpki-store/CA/private/takey.pem}}
{{Note box|If you just installed the [[OpenVPN_Bridge]] contrib and are installing PHPki as suggested by the wiki page, or you just want to use [[PHPki]] without [[OpenVPN_Bridge]] contrib, then you are done here, and you don't have to migrate any certificates}}
{{Note box|If you just installed the [[OpenVPN_Bridge]] contrib and are installing PHPki as suggested by the wiki page, or you just want to use [[PHPki]] without [[OpenVPN_Bridge]] contrib, then you are done here, and you don't have to migrate any certificates}}
{{Note box|starting phpki-ng-0.84-14 new URL are available to access your CRL and request for certificate status
http://www.somewhere.com/phpki/ns_revoke_query.php?
http://www.somewhere.com/phpki/dl_crl.php}}
=== Add another admin ===
=== Add another admin ===
if you happen to need to delegate certifciate generation, you can use user-panel to add access to the panel, but you will also need to add the user manually to phpki config
if you happen to need to delegate certificate generation, you can use user-panel to add access to the panel, but you will also need to add the user manually to phpki config
edit /opt/phpki/phpki-store/config/config.php<syntaxhighlight lang="php">
edit /opt/phpki/phpki-store/config/config.php<syntaxhighlight lang="php">
Certificates and PKI configuration are stored in /opt/phpki/phpki-store, php files are in /opt/phpki/html
Certificates and PKI configuration are stored in /opt/phpki/phpki-store, php files are in /opt/phpki/html
{{Warning box|These files can be very important, so my recommendation is to let them remain here. If you really want to remove them, just backup them before:
{{Warning box|To start from scratch after uninstallation you need to get rid of the html and pkpki-store directories before reinstalling.
The files in phpki-store can be very important, so my recommendation is to let them remain here. If you really want to remove them, just backup them before:
cd /opt/phpki
cd /opt/phpki
tar cvzf ~/phpki-backup.tar.gz ./
tar cvzf ~/phpki-backup.tar.gz ./
Now you can remove the entire /opt/phpki directory
Now you can remove the entire /opt/phpki directory
rm /opt/phpki/{html,phpki-store} -rf
}}
}}
=== Re-install ===
=== Re-install ===
==== before php-ki-ng 0.84-14 ====
==== before phpki-ng 0.84-14 ====
If you have removed the contrib, and want to re-install it keeping you previous CA (assuming you restored /opt/phpki), you'll need to follow these steps after you have installed the rpms:
If you have removed the contrib, and want to re-install it keeping your previous CA (assuming you restored /opt/phpki), you'll need to follow these steps after you have installed the rpms:
cd /opt/phpki/html/
cd /opt/phpki/html/
=== Bugs ===
=== Bugs ===
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla]
Please raise bugs under the SME-Contribs section in [http://bugs.contribs.org/enter_bug.cgi bugzilla].
====smeserver-phpki-ng====
For the new smeserver-phpki-ng select the smeserver-phpki-ng component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-phpki-ng|title=this link}}
For the new smeserver-phpki-ng, select the smeserver-phpki-ng component or use {{BugzillaFileBug|product=SME%20Contribs|component=smeserver-phpki-ng|title=this link}}
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-phpki-ng|noresultsmessage="No open bugs found."}}
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=smeserver-phpki-ng|noresultsmessage="No open bugs found."}}
====phpki-ng====
For the new phpki-ng itself select the phpki-ng component or use {{BugzillaFileBug|product=SME%20Contribs|component=phpki-ng|title=this link}}
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=phpki-ng|noresultsmessage="No open bugs found."}}
{{#bugzilla:columns=id,product,version,status,summary |sort=id |order=desc |component=phpki-ng|noresultsmessage="No open bugs found."}}
=== changelog ===
=== Changelog ===
Only released version in smecontrib are listed here.
{{#smechangelog:smeserver-phpki-ng}}
{{#smechangelog:phpki-ng}}
----
----
[[Category:Contrib]]
[[Category:Contrib]]
[[Category:Administration:Certificates]]
[[Category:Administration:Certificates]]