Using the demo servlet
It is a demo servlet that will accept any incoming post, create a user with a unique username, and instantly send back a certificate. The entity- and certificate profiles used are sent as parameters in the post. To set up the demo servlet:
Find out the CA id of the CA you want to use for signing of the demo certificates. Use the Admin GUI or 'bin/ejbca.sh ca listcas' to find the integer value that is the CA id.
Configure the CA id in modules/publicweb-gui/src/org/ejbca/ui/web/pub/DemoCertReqServlet.java, it's the parameter DEFAULT_DEMOCAID.
Edit src/publicweb/publicweb/WEB-INF/web.xml and uncomment the two sections for the demo servlet.
If using UTF-8 to display the web-page containing the demo form to the users, change ISO-8859-1 to UTF-8 for the env-entry contentEncoding. Otherwise national characters in names will be encoded/displayed incorrectly in the certificates.
Deploy with ant deploy.
Create an end entity profile and a certificate profile that should be used for the demo certificates.
Create a demo apply page containing something similar to the sample form below for Firefox. There are some sample scripts under modules/publicweb-gui/resources/.
<
form
name
=
"demoreq"
action
=
"http://127.0.0.1:8080/ejbca/democertreq"
method
=
"post"
>
Please fill out the form and click <
b
>Enroll</
b
> to receive your certificate.
Read our <
a
href
=
"https://www.primekey.se/primekey/en/Demo.html"
>privacy policy</
a
>.<
br
>
<
input
name
=
"certificateprofile"
value
=
"DemoCertProfile"
type
=
"hidden"
>
<
input
name
=
"entityprofile"
value
=
"DemoEntityProfile"
type
=
"hidden"
><
br
>
<
br
>
Full name:
<
input
name
=
"user"
value
=
"C=SE,O=PrimeKey Solutions AB,OU=Demo,CN="
size
=
"25"
maxlength
=
"60"
class
=
"input"
type
=
"text"
>
<
p
align
=
"left"
> E-mail:
<
input
name
=
"email"
size
=
"25"
maxlength
=
"60"
class
=
"input"
type
=
"text"
>
<
input
name
=
"includeemail"
value
=
"true"
type
=
"hidden"
>
</
p
>
<
p
align
=
"left"
> Choose key length from the list below. The default is recommended in most cases. <
br
>
<
br
>
<
keygen
type
=
"hidden"
name
=
"keygen"
value
=
"challenge"
>
</
p
><
p
align
=
"left"
>
<
input
value
=
"Enroll"
name
=
"submit"
type
=
"submit"
>
</
form
>
You can use some hidden fields and some java script to for example only ask for a name, and concatenate it with a hidden partial DN to produce a full dn for the user parameter. Use your imagination!