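/**
 * Authorize a previously uploaded CSR with the Comodo certificate-apply API.
 *
 * After the CSR has been uploaded it must be authorized by the user. This
 * posts the order number to the authorize endpoint and, when the response
 * starts with "0", marks the matching order_store row as authorized.
 *
 * @throws CGE_ComodoAPIException if the response does not start with "0"
 */
private function capiAuthorizeCSR()
{
    $authorize_endpoint = ConfusaConstants::$CAPI_AUTH_ENDPOINT;
    $postfields_auth = $this->bs_pf();
    $postfields_auth["orderNumber"] = $this->order_number;
    $data = CurlWrapper::curlContact($authorize_endpoint, "post", $postfields_auth);
    Logger::log_event(LOG_DEBUG, "Authorizing CSR " . $this->order_number . " for signing.");

    /*
     * The only formal restriction we have is that the API returns 0 for the
     * query. The comparison is strict on purpose: on older PHP versions
     * substr() returns false for an empty response, and false == "0" is
     * true, which would record an order as authorized although the API
     * never confirmed it.
     * NOTE(review): only the first character is inspected, so any response
     * beginning with "0" counts as success - confirm against the API format.
     */
    if (substr($data, 0, 1) === "0") {
        /* update the database entry to reflect the authorization state */
        MDB2Wrapper::update(
            "UPDATE order_store SET authorized='authorized' WHERE order_number=?",
            array('text'),
            array($this->order_number)
        );
        Logger::log_event(
            LOG_NOTICE,
            "Authorized certificate with order number " . $this->order_number . ". " . $this->owner_string
        );
        return;
    }

    /*
     * Split the response before it is used: the first line is passed on as
     * the error code, the remainder as the detail text. The detail may be
     * missing when the response has no line break.
     */
    $error_parts = explode("\n", $data, 2);
    $error_code = $error_parts[0];
    $error_detail = isset($error_parts[1]) ? $error_parts[1] : null;

    /* NOTE(review): the server response is written to the log and the
     * exception message as received; confirm both sinks tolerate embedded
     * line breaks. */
    Logger::log_event(
        LOG_WARNING,
        "Error authorizing CSR " . $this->order_number . " " .
        "Server said " . $error_code . " (" . $error_detail . ")"
    );

    $msg = "Received an error when authorizing the CSR with orderNumber " .
           $this->order_number . ": " . $data . "\n";
    $msg .= $this->capiErrorMessage($error_code, $error_detail);
    throw new CGE_ComodoAPIException($msg);
}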
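/**
 * Provision the whole CA chain (the signing CA cert plus the intermediate
 * CA cert, plus the root CA).
 *
 * Only acts when the configured ca_mode is CA_COMODO: the three certificates
 * are fetched, concatenated as root + intermediate + signing cert (PEM) and
 * written to $this->cert_path. A failed write is logged as a warning.
 *
 * @see makeCRLAvailabe
 */
private function makeChainAvailable()
{
    if (Config::get_config('ca_mode') != CA_COMODO) {
        return;
    }

    $root_ca_content = CurlWrapper::curlContact(ConfusaConstants::$CAPI_ROOT_CA);
    $interm_ca_content = CurlWrapper::curlContact(ConfusaConstants::$CAPI_INTERMEDIATE_CA);
    $actual_ca_cert = CurlWrapper::curlContact($this->cert_url);

    /* convert from DER to PEM */
    $cert = new Certificate($actual_ca_cert);

    /*
     * NOTE(review): none of the three downloads is checked before use. If
     * CurlWrapper::curlContact can return an empty result instead of
     * throwing, an incomplete chain would replace the file at cert_path -
     * confirm its failure behaviour and whether the fetched certificates
     * are verified anywhere before they are served as the trust chain.
     */
    $ca_chain = $root_ca_content . $interm_ca_content . $cert->getPEMContent(true);

    /* file_put_contents() returns false when nothing could be written;
     * record that instead of dropping it silently */
    if (file_put_contents($this->cert_path, $ca_chain) === false) {
        Logger::log_event(LOG_WARNING, "Could not write the CA chain to " . $this->cert_path);
    }
}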