|target_filename||Filename to write the report to, if relative (no slash), target_dir must be set and will be prepended. If not given, a random filename is set.|
|target_dir||Mandatory if target_filename is relative. If either one is set, the system temp dir is used.|
|target_umask||The umask to set on the generated file, default is 640. Note that the owner is the user/group running the socket, if you want to download this file using the webserver, make sure that either the webserver has permissions on the daemons group or set the umask to 644.|
|include_expired||Parseable OpenXPKI::Datetime value (autodetected), certificates which are expired after the given date are included in the report. Default is not to include expired certificates.|
|include_revoked||If set to a true value, certificates which are not in ISSUED state (revoked, crl pending, on hold) are also included in the report. Default is to show only issued certificates.|
|valid_at||Parseable OpenXPKI::Datetime value (autodetected) used as base for validity calculation. Default is now.|
|cutoff_notbefore||Parseable OpenXPKI::Datetime value (autodetected), show certificates where notebefore is greater than value.|
|cutoff_notafter||Parseable OpenXPKI::Datetime value (autodetected), show certificates where notafter is less then value.|
|unique_subject||If set to a true value, only the certiticate with the latest notbefore date for each subject is included in the report. Note that filtering on subject is done AFTER the other filters, e.g. in case you do not include revoked certifiates you get the latest one that was not revoked.|
Lookup extended specifications in the config system at report.<report_config>.
The config can contain any of
cutoff_notbefore, cutoff_notafter, include_revoked, include_expired.
which will override any given value from the activity if a value is given.
Additional columns can also be specified, these are appended at the end
of each line.
The cert key takes the value from the named column from the certificate table, attribute shows the value of the attribute. template is passed to OpenXPKI::Template with cert and attribute set. Note that all attributes are lists, even if there are single valued!
Your activity definition:
Content of report/expiry.yaml inside realms config directory:
cutoff_notafter: +000060 include_expired: -000030 cols: - head: Requestor eMail attribute: meta_email
This gives you a nice report about certificates which have expired within the last 30 days or will expire in the next 60 days with the contact email used while the request process.
|perl v5.20.3||OPENXPKI::SERVER::WORKFLOW::ACTIVITY::REPORTS::DETAIL (3)||2016-04-03|