$value) {
if ($key !== "count") {
$entries[] = explode(":", $value);
}
}
if (isset($_GET["file"])) {
$basecert = $vardir . "/userkeys/" . $ldap_user;
if (!file_exists($basecert . ".cert.pem")) {
exec("taskserver-user-certs $ldap_user");
}
$certificate = file_get_contents($basecert . ".cert.pem");
$cert_key = file_get_contents($basecert . ".key.pem");
// IdenTrust DST Root CA X3
// obtained here: https://letsencrypt.org/fr/certificates/
$server_cert = "-----BEGIN CERTIFICATE-----
MIIDSjCCAjKgAwIBAgIQRK+wgNajJ7qJMDmGLvhAazANBgkqhkiG9w0BAQUFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTAwMDkzMDIxMTIxOVoXDTIxMDkzMDE0MDExNVow
PzEkMCIGA1UEChMbRGlnaXRhbCBTaWduYXR1cmUgVHJ1c3QgQ28uMRcwFQYDVQQD
Ew5EU1QgUm9vdCBDQSBYMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AN+v6ZdQCINXtMxiZfaQguzH0yxrMMpb7NnDfcdAwRgUi+DoM3ZJKuM/IUmTrE4O
rz5Iy2Xu/NMhD2XSKtkyj4zl93ewEnu1lcCJo6m67XMuegwGMoOifooUMM0RoOEq
OLl5CjH9UL2AZd+3UWODyOKIYepLYYHsUmu5ouJLGiifSKOeDNoJjj4XLh7dIN9b
xiqKqy69cK3FCxolkHRyxXtqqzTWMIn/5WgTe1QLyNau7Fqckh49ZLOMxt+/yUFw
7BZy1SbsOFU5Q9D8/RhcQPGX69Wam40dutolucbY38EVAjqr2m7xPi71XAicPNaD
aeQQmxkqtilX4+U9m5/wAl0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNV
HQ8BAf8EBAMCAQYwHQYDVR0OBBYEFMSnsaR7LHH62+FLkHX/xBVghYkQMA0GCSqG
SIb3DQEBBQUAA4IBAQCjGiybFwBcqR7uKGY3Or+Dxz9LwwmglSBd49lZRNI+DT69
ikugdB/OEIKcdBodfpga3csTS7MgROSR6cz8faXbauX+5v3gTt23ADq1cEmv8uXr
AvHRAosZy5Q6XkjEGB5YGV8eAlrwDPGxrancWYaLbumR9YbK+rlmM6pZW87ipxZz
R8srzJmwN0jP41ZL9c8PDHIyh8bwRLtTcm1D9SZImlJnt1ir/md2cXjbDaJWFBM5
JDGFoqgCWjBH4d1QB7wCCZAA62RjYJsWvIjJEubSfZGL+T0yjWW06XyxV3bqxbYo
Ob8VZRzI9neWagqNdwvYkQsEjgfbKbYK7p2CNTUQ
-----END CERTIFICATE-----";
$file = $_GET["file"];
switch($file) {
case "ca.cert.pem":
$content = $server_cert;
$name = "ca.cert.pem";
$type = "application/x-x509-ca-cert";
break;
case "cert.pem":
$content = $certificate;
$name = $ldap_user . ".cert.pem";
$type = "application/x-x509-ca-cert";
break;
case "key.pem":
$content = $cert_key;
$name = $ldap_user . ".key.pem";
$type = "application/x-x509-ca-cert";
break;
case "mirakel";
foreach ($entries as $entry) {
list($org, $user, $key) = $entry;
if ($key == $_GET["key"]) { break; }
}
$name = $user . ".mirakel";
$type = "text/plain";
$content = "username: $user
org: $org
user key: $key
server: $host
client.cert:
$certificate
Client.key:
$cert_key
ca.cert:
$server_cert
";
break;
default:
die("invalid file name");
break;
}
header("Content-Type: $type");
header('Content-Disposition: attachment; filename="' . $name . '"');
header('Content-Transfer-Encoding: binary');
header('Accept-Ranges: bytes');
header('Cache-Control: private');
header('Pragma: private');
echo $content;
exit;
}
?>
Taskwarrior configuration
For command line interface, download the files, put them near your Taskwarrior
configuration files, and add that to your Taskwarrior configuration:
taskd.certificate=/path/to/.cert.pem
taskd.key=/path/to/.key.pem
taskd.server=
1) {
echo "# Chose one of them\n";
foreach($entries as $entry) {
list($org, $user, $key) = $entry;
echo "# taskd.credentials=$org/$user/$key\n";
}
} else { ?>
taskd.credentials=//
taskd.ca=/path/to/ca.cert.pem
For Mirakel, download and import the file:
For Android Taskwarrior app, see instructions here.