summaryrefslogtreecommitdiff
path: root/interface-definitions/pki.xml.in
diff options
context:
space:
mode:
Diffstat (limited to 'interface-definitions/pki.xml.in')
-rw-r--r--interface-definitions/pki.xml.in95
1 files changed, 95 insertions, 0 deletions
diff --git a/interface-definitions/pki.xml.in b/interface-definitions/pki.xml.in
index a13a357fd..0ed199539 100644
--- a/interface-definitions/pki.xml.in
+++ b/interface-definitions/pki.xml.in
@@ -9,11 +9,18 @@
<tagNode name="ca">
<properties>
<help>Certificate Authority</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
</properties>
<children>
<leafNode name="certificate">
<properties>
<help>CA certificate in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>CA certificate is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
#include <include/generic-description.xml.i>
@@ -25,6 +32,10 @@
<leafNode name="key">
<properties>
<help>CA private key in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>CA private key is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="password-protected">
@@ -38,6 +49,10 @@
<leafNode name="crl">
<properties>
<help>Certificate revocation list in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>CRL is not base64-encoded</constraintErrorMessage>
<multi/>
</properties>
</leafNode>
@@ -52,13 +67,74 @@
<tagNode name="certificate">
<properties>
<help>Certificate</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
</properties>
<children>
<leafNode name="certificate">
<properties>
<help>Certificate in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>Certificate is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
+ <node name="acme">
+ <properties>
+ <help>Automatic Certificate Management Environment (ACME) request</help>
+ </properties>
+ <children>
+ #include <include/url-http-https.xml.i>
+ <leafNode name="url">
+ <defaultValue>https://acme-v02.api.letsencrypt.org/directory</defaultValue>
+ </leafNode>
+ <leafNode name="domain-name">
+ <properties>
+ <help>Domain Name</help>
+ <constraint>
+ <validator name="fqdn"/>
+ </constraint>
+ <constraintErrorMessage>Invalid domain name (RFC 1123 section 2).\nMay only contain letters, numbers and .-_</constraintErrorMessage>
+ <multi/>
+ </properties>
+ </leafNode>
+ <leafNode name="email">
+ <properties>
+ <help>Email address to associate with certificate</help>
+ <constraint>
+ #include <include/constraint/email.xml.i>
+ </constraint>
+ </properties>
+ </leafNode>
+ #include <include/listen-address-ipv4-single.xml.i>
+ <leafNode name="rsa-key-size">
+ <properties>
+ <help>Size of the RSA key</help>
+ <completionHelp>
+ <list>2048 3072 4096</list>
+ </completionHelp>
+ <valueHelp>
+ <format>2048</format>
+ <description>RSA key length 2048 bit</description>
+ </valueHelp>
+ <valueHelp>
+ <format>3072</format>
+ <description>RSA key length 3072 bit</description>
+ </valueHelp>
+ <valueHelp>
+ <format>4096</format>
+ <description>RSA key length 4096 bit</description>
+ </valueHelp>
+ <constraint>
+ <regex>(2048|3072|4096)</regex>
+ </constraint>
+ </properties>
+ <defaultValue>2048</defaultValue>
+ </leafNode>
+ </children>
+ </node>
#include <include/generic-description.xml.i>
<node name="private">
<properties>
@@ -68,6 +144,10 @@
<leafNode name="key">
<properties>
<help>Certificate private key in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>Certificate private key is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="password-protected">
@@ -89,11 +169,18 @@
<tagNode name="dh">
<properties>
<help>Diffie-Hellman parameters</help>
+ <constraint>
+ #include <include/constraint/alpha-numeric-hyphen-underscore-dot.xml.i>
+ </constraint>
</properties>
<children>
<leafNode name="parameters">
<properties>
<help>DH parameters in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>DH parameters are not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
</children>
@@ -111,6 +198,10 @@
<leafNode name="key">
<properties>
<help>Public key in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>Public key is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
</children>
@@ -123,6 +214,10 @@
<leafNode name="key">
<properties>
<help>Private key in PEM format</help>
+ <constraint>
+ <validator name="base64"/>
+ </constraint>
+ <constraintErrorMessage>Private key is not base64-encoded</constraintErrorMessage>
</properties>
</leafNode>
<leafNode name="password-protected">
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-01 05:11:27 +0000