dohertj2/lmxopcua
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Files
a71d33be35fac682cbf86e4beaf8adcc890ad90c
lmxopcua/src/Server/ZB.MOM.WW.OtOpcUa.AdminUI/Components/Pages/Certificates.razor
T
Joseph Doherty 74161f9460
v2-ci / unit-tests (tests/Core/ZB.MOM.WW.OtOpcUa.Cluster.Tests) (push) Has been cancelled
Details
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.ControlPlane.Tests) (push) Has been cancelled
Details
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.OpcUaServer.Tests) (push) Has been cancelled
Details
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Runtime.Tests) (push) Has been cancelled
Details
v2-ci / unit-tests (tests/Server/ZB.MOM.WW.OtOpcUa.Security.Tests) (push) Has been cancelled
Details
v2-ci / integration (push) Has been cancelled
Details
v2-ci / build (push) Has been cancelled
Details
feat(adminui): F15 Phase D — logic + ops pages 
- ClusterAudit (/clusters/{id}/audit) — reads ConfigAuditLog with the
  EventId/CorrelationId columns added in F3; shown as a Cluster tab
- VirtualTags (/virtual-tags)            — fleet-wide read view
- ScriptedAlarms (/scripted-alarms)      — fleet-wide read view
- Scripts (/scripts)                     — fleet-wide; expandable code preview
- RoleGrants (/role-grants)              — per Q4, surfaces the fleet-wide
                                           LDAP-group → role mapping from
                                           Authentication:Ldap:GroupToRole
                                           (read-only; reload via host restart)
- Certificates (/certificates)           — own/trusted/issuer/rejected store
                                           contents resolved against
                                           OpcUa:PkiStoreRoot config (F13a)
- Reservations (/reservations)           — ExternalIdReservation table
- AlarmsHistorian (/alarms-historian)    — live HistorianAdapterActor sink
                                           status via the F11 GetStatus query;
                                           5s polling

ScriptLog deferred (needs the F16-deferred ScriptLogHub bridge).
ClusterNav extended with the Audit tab.

Adds an AdminUI → Runtime project reference so the historian status page can
inject IRequiredActor<HistorianAdapterActorKey>. NuGet audit suppression for
the transitive Opc.Ua.Core advisory mirrored from the Runtime project.

All 104 v2 tests still green.
2026-05-26 08:01:23 -04:00

112 lines
4.3 KiB
Plaintext
Raw Blame History

@page "/certificates"
@attribute [Microsoft.AspNetCore.Authorization.Authorize]
@rendermode RenderMode.InteractiveServer
@using System.Security.Cryptography.X509Certificates
@using Microsoft.Extensions.Configuration
@inject IConfiguration Config
<div class="d-flex justify-content-between align-items-center mb-3">
<h4 class="mb-0">OPC UA certificates</h4>
</div>
<section class="panel notice rise" style="animation-delay:.02s">
PKI store layout: <span class="mono">{PkiStoreRoot}/own</span> (this server's identity),
<span class="mono">issuer</span> / <span class="mono">trusted</span> (peers we accept),
<span class="mono">rejected</span> (peers we've turned away). F13a wires SDK
auto-creation so the own-store self-signs on first boot.
</section>
@if (_rows is null)
{
<p class="mt-3">Loading…</p>
}
else
{
@foreach (var store in _rows)
{
<section class="panel rise mt-3" style="animation-delay:.08s">
<div class="panel-head">@store.Label &middot; @store.Certificates.Count entry@(store.Certificates.Count == 1 ? "" : "s")</div>
@if (string.IsNullOrEmpty(store.Path))
{
<div style="padding:1rem" class="text-muted">No path configured.</div>
}
else if (!Directory.Exists(store.Path))
{
<div style="padding:1rem" class="text-muted">
<span class="mono">@store.Path</span> doesn't exist yet. It will be created on first boot.
</div>
}
else if (store.Certificates.Count == 0)
{
<div style="padding:1rem" class="text-muted">No certificates in <span class="mono">@store.Path</span>.</div>
}
else
{
<div class="table-wrap">
<table class="data-table">
<thead>
<tr>
<th>Subject</th>
<th>Issuer</th>
<th>Thumbprint</th>
<th>Not before</th>
<th>Not after</th>
</tr>
</thead>
<tbody>
@foreach (var c in store.Certificates)
{
<tr>
<td><span class="mono small">@c.Subject</span></td>
<td><span class="mono small">@c.Issuer</span></td>
<td><span class="mono small">@c.Thumbprint[..16]…</span></td>
<td>@c.NotBefore.ToString("u")</td>
<td>@c.NotAfter.ToString("u")</td>
</tr>
}
</tbody>
</table>
</div>
}
</section>
}
}
@code {
private List<StoreView>? _rows;
protected override void OnInitialized()
{
var pkiRoot = Config.GetValue<string?>("OpcUa:PkiStoreRoot") ?? "pki";
_rows = new()
{
LoadStore("Own", Path.Combine(pkiRoot, "own", "certs")),
LoadStore("Trusted peers", Path.Combine(pkiRoot, "trusted", "certs")),
LoadStore("Trusted issuers", Path.Combine(pkiRoot, "issuer", "certs")),
LoadStore("Rejected", Path.Combine(pkiRoot, "rejected", "certs")),
};
}
private static StoreView LoadStore(string label, string path)
{
var view = new StoreView(label, path, new List<X509Certificate2>());
if (!Directory.Exists(path)) return view;
foreach (var file in Directory.EnumerateFiles(path).Where(IsCertFile))
{
try { view.Certificates.Add(X509CertificateLoader.LoadCertificateFromFile(file)); }
catch { /* ignore unreadable entries */ }
}
return view;
}
private static bool IsCertFile(string path)
{
var ext = Path.GetExtension(path);
return ext.Equals(".der", StringComparison.OrdinalIgnoreCase)
|| ext.Equals(".cer", StringComparison.OrdinalIgnoreCase)
|| ext.Equals(".crt", StringComparison.OrdinalIgnoreCase);
}
private sealed record StoreView(string Label, string Path, List<X509Certificate2> Certificates);
}
Reference in New Issue View Git Blame Copy Permalink