Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
OpenXPKI::Server::WorkUserXContributed:PerlkDocumentatioty::Reports::Detail(3)

Name
       OpenXPKI::Server::Workflow::Activity::Reports::Detail

Description
       Write a detailed	report with certificate	status information in CSV
       format.	Data can be written to a file or into the workflow context. If
       you have	a large	report make sure your database settings	can handle the
       report size!  It	might also be wise to either use a volatile context
       item or clean up	after you are done to free the database	space.

       Selection criteria and output format can	be controlled by several
       activity	parameters, the	default	is to print all	currenty valid
       certificates.

Configuration
   Activity parameters
       target_key
	   Write the report data into the workflow context using this key. The
	   filesystem is not used in this case,	so all file related settings
	   are ignored.

       target_filename
	   Filename to write the report	to, if relative	(no slash), target_dir
	   must	be set and will	be prepended. If not given, a random filename
	   is set.

       target_dir
	   Mandatory if	target_filename	is relative or not set.

       target_overwrite
	   boolean, overwrite the target file if it exists.

       target_umask
	   The umask to	set on the generated file, default is 640. Note	that
	   the owner is	the user/group running the socket, if you want to
	   download this file using the	webserver, make	sure that either the
	   webserver has permissions on	the daemons group or set the umask to
	   644.

       delimiter
	   A single char which is used as delimiter. Default is	the pipe
	   symbol |. Be	aware that no escaping or quoting of values is done,
	   so you can only use a symbol	that will not occur in the data
	   fields! Good	choices	beside the pipe	is a tab (\t), semicolon (;)
	   or hash (#);

       head
	   A string or template	toolkit	pattern	to put into the	first line of
	   the report file. If not set,	a default header is added. Available
	   template vars are (both dates are in	ISO8601	format):

	   export_date
	   valid_at
	   pki_realm
	   report_config
       include_expired
	   Parseable OpenXPKI::Datetime	value (autodetected), certificates
	   which are expired after the given date are included in the report.
	   Default is not to include expired certificates.

       include_revoked
	   If set to a true value, certificates	which are not in ISSUED	state
	   (revoked, crl pending, on hold) are also included in	the report.
	   Default is to show only issued certificates.

       valid_at
	   Parseable OpenXPKI::Datetime	value (autodetected) used as base for
	   validity calculation. Default is now.

       cutoff_notbefore
	   Parseable OpenXPKI::Datetime	value (autodetected), show only
	   certificates	where notebefore is between valid_at and this value.

       cutoff_notafter
	   Parseable OpenXPKI::Datetime	value (autodetected), show
	   certificates	where notafter is less then value. The requested
	   valid_at or,	if set,	the expiry cutoff date is added	as lower
	   border.

       unique_subject
	   If set to a true value, only	the certiticate	with the latest
	   notbefore date for each subject is included in the report. Note
	   that	filtering on subject is	done AFTER the other filters, e.g. in
	   case	you do not include revoked certifiates you get the latest one
	   that	was not	revoked. Subjects are compared case insensitive!

       subject
	   Expression to use as	filter on the subject of the certificate. This
	   is passed with a "like" operator to the sql layer, the asterisk can
	   be used as wildcard.	Mutiple	expressions are	possible and or'ed
	   together.

       profile
	   Only	include	certificates with this profile in the report, mutliple
	   profiles can	be passed as list.

       report_config
	   Lookup extended specifications in the config	system at
	   report.<report_config>.  The	config can contain any of the filter
	   controls which will override	any given value	from the activity if a
	   value is given.  Additional columns can also	be specified, these
	   are appended	at the end of each line.

	      cols:
		- head:	Title put in the head columns
		  cert:	issuer_identifier
		- head:	Just another title
		  attribute: meta_email
		- head:	Third column
		  template: "[%	attribute.meta_email %]"
		- head:	The profile given in the CSR
		  csr: profile

	   The cert key	takes the value	from the named column from the
	   certificate table, attribute	shows the value	of the attribute.
	   template is passed to OpenXPKI::Template with cert and attribute
	   set.	Note that all attributes are lists, even if there are single
	   valued!

	   Available columns are:

	   subject
	   certificate_serial
	   csr_serial
	   identifier
	   status
	   notafter
	   notbefore
	   issuer_dn
	   issuer_identifier
	   subject_key_identifier
	   authority_key_identifier
	   profile (from csr)

   Full	example
       Your activity definition:

	   generate_report:
	       class: OpenXPKI::Server::Workflow::Activity::Reports::Detail
	       param:
		   target_umask: 0644
		   _map_target_filename: "expiry report	[% USE date(format='%Y-%m-%dT%H:%M:%S')	%][% date.format( context.valid_at ) %].csv"
		   target_dir: /tmp
		   report_config: expiry

       Content of report/expiry.yaml inside realms config directory:

	  cutoff_notafter: +000060
	  include_expired: -000030

	  cols:
	    - head: Requestor eMail
	      attribute: meta_email

       This gives you a	nice report about certificates which have expired
       within the last 30 days or will expire in the next 60 days with the
       contact email used while	the request process.

perl v5.24.1	      OpenXPKI::Server::Workflow::Activity::Reports::Detail(3)

Name | Description | Configuration

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=OpenXPKI::Server::Workflow::Activity::Reports::Detail&sektion=3&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help