summaryrefslogtreecommitdiffstats
path: root/application/clicommands/ImportCommand.php
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--application/clicommands/ImportCommand.php57
1 files changed, 57 insertions, 0 deletions
diff --git a/application/clicommands/ImportCommand.php b/application/clicommands/ImportCommand.php
new file mode 100644
index 0000000..1f9d1ef
--- /dev/null
+++ b/application/clicommands/ImportCommand.php
@@ -0,0 +1,57 @@
+<?php
+// Icinga Web 2 X.509 Module | (c) 2018 Icinga GmbH | GPLv2
+
+namespace Icinga\Module\X509\Clicommands;
+
+use Icinga\Application\Logger;
+use Icinga\Module\X509\CertificateUtils;
+use Icinga\Module\X509\Command;
+use ipl\Sql\Connection;
+
+class ImportCommand extends Command
+{
+ /**
+ * Import all X.509 certificates from the given file and mark them as trusted
+ *
+ * USAGE:
+ *
+ * icingacli x509 import --file <file>
+ *
+ * EXAMPLES:
+ *
+ * icingacli x509 import --file /etc/ssl/certs/ca-bundle.crt
+ */
+ public function indexAction()
+ {
+ $file = $this->params->getRequired('file');
+
+ if (! file_exists($file)) {
+ Logger::warning('The specified certificate file does not exist.');
+ exit(1);
+ }
+
+ $db = $this->getDb();
+
+ $bundle = CertificateUtils::parseBundle($file);
+
+ $count = 0;
+
+ $db->transaction(function (Connection $db) use ($bundle, &$count) {
+ foreach ($bundle as $data) {
+ $cert = openssl_x509_read($data);
+
+ $id = CertificateUtils::findOrInsertCert($db, $cert);
+
+ $db->update(
+ 'x509_certificate',
+ ['trusted' => 'yes'],
+ ['id = ?' => $id]
+ );
+
+ $count++;
+ }
+ });
+
+ printf("Processed %d X.509 certificate%s.\n", $count, $count !== 1 ? 's' : '');
+ }
+}