--- loncom/lonnet/perl/lonnet.pm	2016/07/24 14:35:29	1.1314
+++ loncom/lonnet/perl/lonnet.pm	2016/07/25 19:50:44	1.1315
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.1314 2016/07/24 14:35:29 raeburn Exp $
+# $Id: lonnet.pm,v 1.1315 2016/07/25 19:50:44 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -229,6 +229,46 @@ sub get_server_distarch {
     return;
 }
 
+sub get_servercerts_info {
+    my ($lonhost,$context) = @_;
+    my ($rep,$uselocal);
+    if (grep { $_ eq $lonhost } &current_machine_ids()) {
+        $uselocal = 1;
+    }
+    if (($context ne 'cgi') || $uselocal) {
+        my $distro = (split(/\:/,&get_server_distarch($lonhost)))[0];
+        if ($distro =~ /^(?:centos|redhat|scientific)(\d+)$/) {
+            if ($1 < 6) {
+                $uselocal = 0;
+            }
+        }
+    }
+    if ($uselocal) {
+        $rep = LONCAPA::Lond::server_certs(\%perlvar);
+    } else {
+        $rep=&reply('servercerts',$lonhost);
+    }
+    my ($result,%returnhash);
+    if (defined($lonhost)) {
+        if (!defined(&hostname($lonhost))) {
+            return;
+        }
+    }
+    if (($rep=~/^(refused|rejected|error)/) || ($rep eq 'con_lost') ||
+        ($rep eq 'unknown_cmd')) {
+        $result = $rep;
+    } else {
+        $result = 'ok';
+        my @pairs=split(/\&/,$rep);
+        foreach my $item (@pairs) {
+            my ($key,$value)=split(/=/,$item,2);
+            my $what = &unescape($key);
+            $returnhash{$what}=&thaw_unescape($value);
+        }
+    }
+    return ($result,\%returnhash);
+}
+
 sub get_server_loncaparev {
     my ($dom,$lonhost,$ignore_cache,$caller) = @_;
     if (defined($lonhost)) {
@@ -2202,7 +2242,7 @@ sub get_domain_defaults {
                                   'requestcourses','inststatus',
                                   'coursedefaults','usersessions',
                                   'requestauthor','selfenrollment',
-                                  'coursecategories','autoenroll'],$domain);
+                                  'coursecategories','ssl','autoenroll'],$domain);
     my @coursetypes = ('official','unofficial','community','textbook','placement');
     if (ref($domconfig{'defaults'}) eq 'HASH') {
         $domdefaults{'lang_def'} = $domconfig{'defaults'}{'lang_def'}; 
@@ -2328,6 +2368,14 @@ sub get_domain_defaults {
             $domdefaults{'catunauth'} = $domconfig{'coursecategories'}{'unauth'};
         }
     }
+    if (ref($domconfig{'ssl'}) eq 'HASH') {
+        if (ref($domconfig{'ssl'}{'replication'}) eq 'HASH') {
+            $domdefaults{'replication'} = $domconfig{'ssl'}{'replication'};
+        }
+        if (ref($domconfig{'ssl'}{'connect'}) eq 'HASH') {
+            $domdefaults{'connect'} = $domconfig{'ssl'}{'connect'};
+        }
+    }
     if (ref($domconfig{'autoenroll'}) eq 'HASH') {
         $domdefaults{'autofailsafe'} = $domconfig{'autoenroll'}{'autofailsafe'};
     }