GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
OpenXPKI::Server::Workflow::Activity::Reports::Detail(3) User Contributed Perl Documentation OpenXPKI::Server::Workflow::Activity::Reports::Detail(3)

OpenXPKI::Server::Workflow::Activity::Reports::Detail

Write a detailed report with certificate status information in CSV format. Data can be written to a file or into the workflow context. If you have a large report make sure your database settings can handle the report size! It might also be wise to either use a volatile context item or clean up after you are done to free the database space.

Selection criteria and output format can be controlled by several activity parameters, the default is to print all currenty valid certificates.

format
Default is csv using delimiter to create lines. If set to json, the result is encoded using JSON with the keys title, head and data. Set to memory to retrieve the data portion of the report directly in the context value defined by target_key.
target_key
Write the report data into the workflow context using this key. The filesystem is not used in this case, so all file related settings are ignored.

If the format is set to memory the default value is _report_data.

target_filename
Filename to write the report to, if relative (no slash), target_dir must be set and will be prepended. If not given, a random filename is set.
target_dir
Mandatory if target_filename is relative or not set.
target_overwrite
boolean, overwrite the target file if it exists.
target_umask
The umask to set on the generated file, default is 640. Note that the owner is the user/group running the socket, if you want to download this file using the webserver, make sure that either the webserver has permissions on the daemons group or set the umask to 644.
delimiter
A single char which is used as delimiter. Default is the pipe symbol |. Be aware that no escaping or quoting of values is done, so you can only use a symbol that will not occur in the data fields! Good choices beside the pipe is a tab (\t), semicolon (;) or hash (#);
head
A string or template toolkit pattern to put into the first line of the report file. If not set, a default header is added. Available template vars are (both dates are in ISO8601 format):
export_date
valid_at
pki_realm
report_config
include_expired
Parseable OpenXPKI::Datetime value (autodetected), certificates which are expired after the given date are included in the report. Default is not to include expired certificates.
include_revoked
If set to a true value, certificates which are not in ISSUED state (revoked, crl pending, on hold) are also included in the report. Default is to show only issued certificates.
valid_at
Parseable OpenXPKI::Datetime value (autodetected) used as base for validity calculation. Default is now.
cutoff_notbefore
Parseable OpenXPKI::Datetime value (autodetected), show only certificates where notebefore is between valid_at and this value.
cutoff_notafter
Parseable OpenXPKI::Datetime value (autodetected), show certificates where notafter is less then value. The requested valid_at or, if set, the expiry cutoff date is added as lower border.
unique_subject
If set to a true value, only the certiticate with the latest notbefore date for each subject is included in the report. Note that filtering on subject is done AFTER the other filters, e.g. in case you do not include revoked certifiates you get the latest one that was not revoked. Subjects are compared case insensitive!
subject
Expression to use as filter on the subject of the certificate. This is passed with a "like" operator to the sql layer, the asterisk can be used as wildcard. Mutiple expressions are possible and or'ed together.
profile
Only include certificates with this profile in the report, mutliple profiles can be passed as list.
report_config
Lookup extended specifications in the config system at report.<report_config>. The config can contain any of the filter controls which will override any given value from the activity if a value is given. Additional columns can also be specified, these are appended at the end of each line. 

   cols:
     - head: Title put in the head columns
       cert: issuer_identifier
     - head: Just another title
       attribute: meta_email
     - head: Third column
       template: "[% attribute.meta_email %]"
     - head: The profile given in the CSR
       csr: profile

The cert key takes the value from the named column from the certificate table, attribute shows the value of the attribute. template is passed to OpenXPKI::Template with cert and attribute set. Note that all attributes are lists, even if there are single valued!

Available columns are:

subject
certificate_serial
csr_serial
identifier
status
notafter
notbefore
issuer_dn
issuer_identifier
subject_key_identifier
authority_key_identifier
profile (from csr)

Your activity definition: 

    generate_report:
        class: OpenXPKI::Server::Workflow::Activity::Reports::Detail
        param:
            target_umask: 0644
            _map_target_filename: "expiry report [% USE date(format='%Y-%m-%dT%H:%M:%S') %][% date.format( context.valid_at ) %].csv"
            target_dir: /tmp
            report_config: expiry

Content of report/expiry.yaml inside realms config directory:

   cutoff_notafter: +000060
   include_expired: -000030

   cols:
     - head: Requestor eMail
       attribute: meta_email

This gives you a nice report about certificates which have expired within the last 30 days or will expire in the next 60 days with the contact email used while the request process.

2022-05-14 perl v5.32.1
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.