Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

134 lines
4.6 KiB

<%@ CODEPAGE=65001 'UTF-8%>
<%' certnew.cer - (CERT)srv web - return a (NEW) certificate
' Copyright (C) Microsoft Corporation, 1998 - 1999 %>
<!-- #include FILE=certdat.inc -->
<!-- #include FILE=certsrck.inc -->
<% ' ########## BEGIN SERVER SIDE EXECUTION ##########
'Process a Certificate Request
Dim nDisposition, nResult, sCert, sErrMsg, nEncoding
On Error Resume Next
' from \nt\public\sdk\inc\certcli.h
Const CR_OUT_BASE64HEADER=&H00000000
Const CR_OUT_BASE64=&H00000001
Const CR_OUT_BINARY=&H00000002
Const CR_OUT_CHAIN=&H00000100
'Disposition code ref: \nt\public\sdk\inc\certcli.h
Const CR_DISP_INCOMPLETE =0
Const CR_DISP_ERROR =1
Const CR_DISP_DENIED =2
Const CR_DISP_ISSUED =3
Const CR_DISP_ISSUED_OUT_OF_BAND=4
Const CR_DISP_UNDER_SUBMISSION =5
Const CR_DISP_REVOKED =6
Const no_disp=-1
Const CR_PROP_CASIGCERT=12
Const PROPTYPE_BINARY=3
'Stop 'debugging breakpoint
' determine the requested encoding
If "bin"=Request.QueryString("Enc") Then
nEncoding=CR_OUT_BINARY
Else '"b64"=Request.QueryString("Enc")
nEncoding=CR_OUT_BASE64HEADER
End If
' create the object to do the request
Set Session("ICertRequest")=Server.CreateObject("CertificateAuthority.Request")
Set ICertRequest=Session("ICertRequest")
nDisposition=no_disp
Err.Clear 'make sure we catch the HRESULT and not some earlier error
If "CACert"=Request.QueryString("ReqID") Then
' get the CA cert
sCert=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CASIGCERT, Request.QueryString("Renewal"), PROPTYPE_BINARY, nEncoding)
nResult=Err.Number
sErrMsg=Err.Description
If 0<>nResult Then
'internal redirect - transfer control to error page
Session("nResult")=nResult
Session("sErrMsg")=sErrMsg
Server.Transfer("certrser.asp")
End If
Else
' Fetch the user's cert
nDisposition=ICertRequest.RetrievePending(Request.QueryString("ReqID"), sServerConfig)
nResult=Err.number
sErrMsg=Err.Description
If nDisposition=CR_DISP_ISSUED Then
' Remove this request from the user's cookie
RemoveReq(Request.QueryString("ReqID"))
sCert=ICertRequest.GetCertificate(nEncoding)
Else
'internal redirect - transfer control to error page
Session("nDisposition")=nDisposition
Session("nResult")=nResult
Session("sErrMsg")=sErrMsg
Server.Transfer("certrser.asp")
End If
End If
' Set the MIME type of the data we return. We have two options:
'
' 1) Set the MIME type to x-x509-***-cert. This works great for IE,
' but causes problems for Netscape because it will automatically
' try to install the cert
' 2) Set the MIME type to pkix-cert. This gets rid of the automatic
' installation issue, but may cause 2003 and greater to grey out the
' "open" button in the file download dialog.
'
' Option #1 is implemented here. Option #2 is left commented out, but can
' easily be substituted
'----------------------------------------------------------------------
' OPTION #1: set the MIME type to x-x509-***-cert in all cases
'----------------------------------------------------------------------
If "CACert"=Request.QueryString("ReqID") Then
' Netscape installs this type and does not expect to have a private key
Response.ContentType="application/x-x509-ca-cert"
Else
' Netscape installs this type and expects to have a private key
Response.ContentType="application/x-x509-user-cert"
End If
'----------------------------------------------------------------------
' OPTION #2: prevent Netscape from automagically installing the cert,
'----------------------------------------------------------------------
' so pick MIME type depending upon what we want the browser to do.
'If "inst"=Request.QueryString("Mode") Then
' ' We want Netscape to install
' If "CACert"=Request.QueryString("ReqID") Then
' ' Netscape installs this type and does not expect to have a private key
' Response.ContentType="application/x-x509-ca-cert"
' Else
' ' Netscape installs this type and expects to have a private key
' Response.ContentType="application/x-x509-user-cert"
' End If
'
'Else
' ' We don't wan't Netscape to install
' Response.ContentType="application/pkix-cert" ' Netscape does not install this type
'End If
' send the cert to the client
Response.Clear 'guarantee no extraneous bytes
If CR_OUT_BINARY=nEncoding Then
Response.BinaryWrite(sCert)
Else
Response.Write(sCert)
End If
' ########## END SERVER SIDE EXECUTION ##########
%>