Merge pull request #19 from Mrt134/master

Additional documentation for SSL certificate management
2026-01-27 02:20:17 +00:00 · 2016-05-17 11:34:52 -04:00
parent 20c0c0b47e d216ad5c2b
commit 273cd613d3
2 changed files with 102 additions and 12 deletions
--- a/api/connection.rst
+++ b/api/connection.rst
@@ -187,10 +187,10 @@ Several actions are available for managing the SSL certificates used for authent
 | id                              |               | any unique value for the request; examples include a hash, checksum, or uuid                                         |
 |                                 |               |                                                                                                                      |
 +---------------------------------+---------------+----------------------------------------------------------------------------------------------------------------------+
-| name                            | sysadm        |                                                                                                                      |
+| name                            | settings      |                                                                                                                      |
 |                                 |               |                                                                                                                      |
 +---------------------------------+---------------+----------------------------------------------------------------------------------------------------------------------+
-| namespace                       | settings      |                                                                                                                      |
+| namespace                       | sysadm        |                                                                                                                      |
 |                                 |               |                                                                                                                      |
 +---------------------------------+---------------+----------------------------------------------------------------------------------------------------------------------+
 | action                          |               | supported actions include "list_ssl_certs", "register_ssl_cert", and "revoke_ssl_cert"                               |
@@ -206,7 +206,37 @@ The rest of this section provides examples of the available *actions* for each t
 List SSL Certificates
 ---------------------

-The "list_ssl_certificates" action lists the known and registered certificates. For each certificate, the response includes the username, public key, and the text of the certificate.
+The "list_ssl_certificates" action lists the known and registered certificates. For each certificate, the response includes the username, public key, and the certificate's details.
+
+**Websocket Request**
+
+.. code-block:: json
+  
+  {  
+  "id" : "example_id",
+  "name" : "settings",
+  "namespace": "sysadm",
+  "args" : {
+    "action" : "list_ssl_certificates"
+    }
+  }
+
+**Websocket Response**
+
+.. code-block:: json
+  
+  {  
+   "id" : "example_id",
+   "name" : "response",
+   "namespace": "sysadm",
+   "args" : {
+      "<user>" : {
+         "<key>" : "<certificate_details>"
+         }
+      }
+  }
+  
+.. note:: the "<key>" value is base64 encoded.

 .. index:: register_ssl_cert, settings

@@ -219,6 +249,36 @@ The "register_ssl_certificate" action registers the specified certificate on the
 certificate is loaded in any future connections. When using this action, The "pub_key" needs to match the public key of one of the certificates currently loaded into the server/client
 connection.

+**Websocket Request**
+
+.. code-block:: json
+  
+  {
+   "id" : "example_id",
+   "name" : "settings",
+   "namespace": "sysadm",
+   "args" : {
+    "action" : "register_ssl_certificate",
+    "pub_key" : "<base64key>",
+    "nickname" : "<example_name>",
+    "email" : "<example_email>"
+    }
+  }
+  
+**Websocket Response**
+
+.. code-block:: json
+  
+  {  
+   "id" : "example_id",
+   "name" : "response",
+   "namespace": "sysadm",
+   "args" : {}
+  }
+
+  
+.. note:: the "nickname" and "email" arguments are optional and may not be seen in all responses
+
 .. index:: revoke_ssl_cert, settings

 .. _Revoke a SSL Certificate:
@@ -230,6 +290,32 @@ The "revoke_ssl_certificate" action revokes a currently registered certificate s
 keys given by the "list_ssl_certs" action, but does not need to match any currently loaded certificates. The "user" is optional and allows a connection with full administrative privileges to
 revoke a certificate belonging to another user.

+**Websocket Request**
+
+.. code-block:: json
+  
+  {
+   "id" : "example_id",
+   "name" : "settings",
+   "namespace": "sysadm",
+   "args" : {
+    "action" : "revoke_ssl_certificate",
+    "pub_key" : "<base64key>",
+    "user" : "<example_user>"
+    }
+  }
+  
+**Websocket Response**
+
+.. code-block:: json
+  
+  {  
+   "id" : "example_id",
+   "name" : "response",
+   "namespace": "sysadm",
+   "args" : {}
+  }
+
 .. note:: if the current user has full administrative access, "list_ssl_certs" will return the registered certificates for all users on the system. Otherwise, it will only return the
   certificates for the current user. Similarly, "revoke_ssl_cert" may be used to remove certificates registered to other users only if the current user/connection has full administrative
   access; otherwise, it may only be used to manage the current user's certificates.
--- a/api/themes/pcbsd_style/static/css/pcbsd_style.css
+++ b/api/themes/pcbsd_style/static/css/pcbsd_style.css
@@ -2698,10 +2698,10 @@ div[class^='highlight'] pre {
    font-weight: bold;
    position: relative;
 //    background: #fcfcfc;
-    background: #808991 !important;
+    background: rgba(0, 0, 0, 0) linear-gradient(135deg, #b5bdc8 0%, #828c95 36%, #28343b 100%)!important;
    border: none;
-    border-bottom: solid 1px #808991;
-    border-top: solid 1px #808991;
+    border-bottom: none/*solid 1px #808991*/;
+    border-top: none/*solid 1px #808991*/;
    padding-left: 1.618em -4px
 }
 .wy-menu-vertical li.on a:hover,
@@ -2734,7 +2734,11 @@ div[class^='highlight'] pre {
 /*level3:#.#.#*/.wy-menu-vertical li.toctree-l2.current li.toctree-l3>a {
    display: block;
 //    background: #c9c9c9;
-    background: #850d0d;
+   background: rgb(179,19,5);
+background: -moz-linear-gradient(top, rgba(179,19,5,1) 0%, rgba(179,19,5,1) 100%);
+background: -webkit-linear-gradient(top, rgba(179,19,5,1) 0%,rgba(179,19,5,1) 100%);
+background: linear-gradient(to bottom, rgba(179,19,5,1) 0%,rgba(179,19,5,1) 100%);
+filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#b31305', endColorstr='#b31305',GradientType=0 );
    padding: 0.4045em 4.045em
 }
 .wy-menu-vertical li.toctree-l2 a:hover span.toctree-expand {
@@ -3622,11 +3626,11 @@ span[id*='MathJax-Span'] {

 .wy-nav-side,
 div.related {
-    background: #a90329;
-	background: -moz-linear-gradient(top, #a90329 0%, #8f0222 44%, #6d0019 100%);
-	background: -webkit-linear-gradient(top, #a90329 0%,#8f0222 44%,#6d0019 100%);
-	background: linear-gradient(to bottom, #a90329 0%,#8f0222 44%,#6d0019 100%);
-	filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#a90329', endColorstr='#6d0019',GradientType=0 );
+    background: rgb(179,19,5);
+background: -moz-linear-gradient(top, rgba(179,19,5,1) 0%, rgba(179,19,5,1) 100%);
+background: -webkit-linear-gradient(top, rgba(179,19,5,1) 0%,rgba(179,19,5,1) 100%);
+background: linear-gradient(to bottom, rgba(179,19,5,1) 0%,rgba(179,19,5,1) 100%);
+filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#b31305', endColorstr='#b31305',GradientType=0 );
    /* was 0f0df0 */
 }
 code.kbd,