diff --git a/src/www/system_crlmanager.php b/src/www/system_crlmanager.php
index b6ee35006..a44893913 100644
--- a/src/www/system_crlmanager.php
+++ b/src/www/system_crlmanager.php
@@ -1,204 +1,204 @@
 <?php
 
 /*
-	Copyright (C) 2014-2015 Deciso B.V.
-	Copyright (C) 2010 Jim Pingle
-	All rights reserved.
+  Copyright (C) 2014-2015 Deciso B.V.
+  Copyright (C) 2010 Jim Pingle
+  All rights reserved.
 
-	Redistribution and use in source and binary forms, with or without
-	modification, are permitted provided that the following conditions are met:
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are met:
 
-	1. Redistributions of source code must retain the above copyright notice,
-	this list of conditions and the following disclaimer.
+  1. Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer.
 
-	2. Redistributions in binary form must reproduce the above copyright
-	notice, this list of conditions and the following disclaimer in the
-	documentation and/or other materials provided with the distribution.
+  2. Redistributions in binary form must reproduce the above copyright
+  notice, this list of conditions and the following disclaimer in the
+  documentation and/or other materials provided with the distribution.
 
-	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
-	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
-	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
-	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-	POSSIBILITY OF SUCH DAMAGE.
+  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+  AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+  AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+  POSSIBILITY OF SUCH DAMAGE.
 */
 
 require_once("guiconfig.inc");
 require_once('openvpn.inc');
 
 function openvpn_refresh_crls() {
-	global $g, $config;
+    global $g, $config;
 
-	openvpn_create_dirs();
+    openvpn_create_dirs();
 
-	if (isset($config['openvpn']['openvpn-server']) && is_array($config['openvpn']['openvpn-server'])) {
-		foreach ($config['openvpn']['openvpn-server'] as $settings) {
-			if (empty($settings))
-				continue;
-			if (isset($settings['disable']))
-				continue;
-			// Write the settings for the keys
-			switch($settings['mode']) {
-				case 'p2p_tls':
-				case 'server_tls':
-				case 'server_tls_user':
-				case 'server_user':
-					if (!empty($settings['crlref'])) {
-						$crl = lookup_crl($settings['crlref']);
-						crl_update($crl);
-						$fpath = "/var/etc/openvpn/server{$settings['vpnid']}.crl-verify";
-						file_put_contents($fpath, base64_decode($crl['text']));
-						@chmod($fpath, 0644);
-					}
-					break;
-			}
-		}
-	}
+    if (isset($config['openvpn']['openvpn-server']) && is_array($config['openvpn']['openvpn-server'])) {
+        foreach ($config['openvpn']['openvpn-server'] as $settings) {
+            if (empty($settings) || isset($settings['disable'])) {
+                continue;
+            }
+            // Write the settings for the keys
+            switch($settings['mode']) {
+                case 'p2p_tls':
+                case 'server_tls':
+                case 'server_tls_user':
+                case 'server_user':
+                    if (!empty($settings['crlref'])) {
+                        $crl = lookup_crl($settings['crlref']);
+                        crl_update($crl);
+                        $fpath = "/var/etc/openvpn/server{$settings['vpnid']}.crl-verify";
+                        file_put_contents($fpath, base64_decode($crl['text']));
+                        @chmod($fpath, 0644);
+                    }
+                    break;
+            }
+        }
+    }
 }
 
 
 
 function cert_unrevoke($cert, & $crl) {
-	global $config;
-	if (!is_crl_internal($crl))
-		return false;
-	foreach ($crl['cert'] as $id => $rcert) {
-		if (($rcert['refid'] == $cert['refid']) || ($rcert['descr'] == $cert['descr'])) {
-			unset($crl['cert'][$id]);
-			if (count($crl['cert']) == 0) {
-				// Protect against accidentally switching the type to imported, for older CRLs
-				if (!isset($crl['method']))
-					$crl['method'] = "internal";
-				crl_update($crl);
-			} else
-				crl_update($crl);
-			return true;
-		}
-	}
-	return false;
-}
+    global $config;
+    if (!is_crl_internal($crl)) {
+        return false;
+    }
 
-// Keep this general to allow for future expansion. See cert_in_use() above.
-function crl_in_use($crlref) {
-	return (is_openvpn_server_crl($crlref));
+    foreach ($crl['cert'] as $id => $rcert) {
+        if (($rcert['refid'] == $cert['refid']) || ($rcert['descr'] == $cert['descr'])) {
+            unset($crl['cert'][$id]);
+            if (count($crl['cert']) == 0) {
+                // Protect against accidentally switching the type to imported, for older CRLs
+                if (!isset($crl['method'])) {
+										$crl['method'] = "internal";
+								}
+                crl_update($crl);
+            } else {
+                crl_update($crl);
+            }
+            return true;
+        }
+    }
+    return false;
 }
-
+// openssl_crl_status messages from certs.inc
 global $openssl_crl_status;
 
-$crl_methods = array(
-    "internal" => gettext("Create an internal Certificate Revocation List"),
-    "existing" => gettext("Import an existing Certificate Revocation List"));
-
-if (isset($_GET['id']) && ctype_alnum($_GET['id'])) {
-    $id = $_GET['id'];
-} elseif (isset($_POST['id']) && ctype_alnum($_POST['id'])) {
-    $id = $_POST['id'];
-}
-
-if (!is_array($config['ca'])) {
+// prepare config types
+if (!isset($config['ca']) || !is_array($config['ca'])) {
     $config['ca'] = array();
 }
-
-$a_ca =& $config['ca'];
-
-if (!is_array($config['cert'])) {
+if (!isset($config['cert']) || !is_array($config['cert'])) {
     $config['cert'] = array();
 }
-
-$a_cert =& $config['cert'];
-
 if (!isset($config['crl']) || !is_array($config['crl'])) {
     $config['crl'] = array();
 }
-
 $a_crl =& $config['crl'];
 
-foreach ($a_crl as $cid => $acrl) {
-    if (!isset($acrl['refid'])) {
-        unset ($a_crl[$cid]);
-    }
-}
 
+$thiscrl = false;
 $act=null;
-if (isset($_GET['act'])) {
-	$act = $_GET['act'];
-} elseif (isset($_POST['act'])) {
-	$act = $_POST['act'];
-}
+if ($_SERVER['REQUEST_METHOD'] === 'GET') {
+    // locate cert by refid, returns false when not found
+    if (isset($_GET['id'])) {
+        $thiscrl =& lookup_crl($_GET['id']);
+        if ($thiscrl !== false) {
+            $id = $_GET['id'];
+        }
+    }
+    if (isset($_GET['act'])) {
+        $act = $_GET['act'];
+    }
 
-if (!empty($id)) {
-    $thiscrl =& lookup_crl($id);
-}
+    if ($act == "exp") {
+        crl_update($thiscrl);
+        $exp_name = urlencode("{$thiscrl['descr']}.crl");
+        $exp_data = base64_decode($thiscrl['text']);
+        $exp_size = strlen($exp_data);
 
-// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
-if (!isset($thiscrl) && (($act != "") && ($act != "new"))) {
-    header("Location: system_crlmanager.php");
-    $act="";
-    $savemsg = gettext("Invalid CRL reference.");
-}
+        header("Content-Type: application/octet-stream");
+        header("Content-Disposition: attachment; filename={$exp_name}");
+        header("Content-Length: $exp_size");
+        echo $exp_data;
+        exit;
+    } elseif ($act == "new") {
+        $pconfig = array();
+        $pconfig['descr'] = null;
+        $pconfig['crltext'] = null;
+        $pconfig['crlmethod'] = !empty($_GET['method']) ? $_GET['method'] : null;
+        $pconfig['caref'] = !empty($_GET['caref']) ? $_GET['caref'] : null;
+        $pconfig['lifetime'] = "9999";
+        $pconfig['serial'] = "0";
+    }
+} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
+		$pconfig = $_POST;
+    // locate cert by refid, returns false when not found
+    if (isset($_POST['id'])) {
+        $thiscrl =& lookup_crl($_POST['id']);
+        if ($thiscrl !== false) {
+            $id = $_POST['id'];
+        }
+    }
+    if (isset($_POST['act'])) {
+        $act = $_POST['act'];
+    }
 
-if ($act == "del") {
-    $name = $thiscrl['descr'];
-    if (crl_in_use($id)) {
-        $savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br />";
-    } else {
-        foreach ($a_crl as $cid => $acrl) {
-            if ($acrl['refid'] == $thiscrl['refid']) {
-                unset($a_crl[$cid]);
+    if ($act == "del" && isset($id)) {
+        $name = $thiscrl['descr'];
+        if (is_openvpn_server_crl($id)) {
+            $savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br />";
+        } else {
+            foreach ($a_crl as $cid => $acrl) {
+                if ($acrl['refid'] == $thiscrl['refid']) {
+                    unset($a_crl[$cid]);
+                }
+            }
+            write_config("Deleted CRL {$name}.");
+            header("Location: system_crlmanager.php");
+            exit;
+        }
+    } elseif ($act == "delcert" && isset($id)) {
+        if (!isset($thiscrl['cert']) || !is_array($thiscrl['cert'])) {
+            header("Location: system_crlmanager.php");
+            exit;
+        }
+        $found = false;
+        foreach ($thiscrl['cert'] as $acert) {
+            if ($acert['refid'] == $pconfig['certref']) {
+                $found = true;
+                $thiscert = $acert;
             }
         }
-        write_config("Deleted CRL {$name}.");
-        $savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br />";
-    }
-}
-
-if ($act == "new") {
-    if (isset($_GET['method'])) {
-        $pconfig['method'] = $_GET['method'];
-    } else {
-        $pconfig['method'] = null;
-    }
-    if (isset($_GET['caref'])) {
-        $pconfig['caref'] = $_GET['caref'];
-    } else {
-        $pconfig['caref'] = null;
-    }
-    $pconfig['lifetime'] = "9999";
-    $pconfig['serial'] = "0";
-}
-
-if ($act == "exp") {
-    crl_update($thiscrl);
-    $exp_name = urlencode("{$thiscrl['descr']}.crl");
-    $exp_data = base64_decode($thiscrl['text']);
-    $exp_size = strlen($exp_data);
-
-    header("Content-Type: application/octet-stream");
-    header("Content-Disposition: attachment; filename={$exp_name}");
-    header("Content-Length: $exp_size");
-    echo $exp_data;
-    exit;
-}
-
-if ($act == "addcert") {
-    if ($_POST) {
-        $input_errors = array();
-        $pconfig = $_POST;
-
-        if (!$pconfig['crlref'] || !$pconfig['certref']) {
+        if (!$found) {
+            header("Location: system_crlmanager.php");
+            exit;
+        }
+        $name = $thiscert['descr'];
+        if (cert_unrevoke($thiscert, $thiscrl)) {
+            openvpn_refresh_crls();
+            write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
+            header("Location: system_crlmanager.php");
+            exit;
+        } else {
+            $savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br />";
+        }
+        $act="edit";
+    } elseif ($act == "addcert") {
+				$input_errors = array();
+        if (!isset($id)) {
             header("Location: system_crlmanager.php");
             exit;
         }
 
         // certref, crlref
-        $crl =& lookup_crl($pconfig['crlref']);
+        $crl =& lookup_crl($id);
         $cert = lookup_cert($pconfig['certref']);
 
-        if (!$crl['caref'] || !$cert['caref']) {
+        if (empty($crl['caref']) || empty($cert['caref'])) {
             $input_errors[] = gettext("Both the Certificate and CRL must be specified.");
         }
 
@@ -217,556 +217,486 @@ if ($act == "addcert") {
             header("Location: system_crlmanager.php");
             exit;
         }
-    }
-}
-
-if ($act == "delcert") {
-    if (!is_array($thiscrl['cert'])) {
-        header("Location: system_crlmanager.php");
-        exit;
-    }
-    $found = false;
-    foreach ($thiscrl['cert'] as $acert) {
-        if ($acert['refid'] == $_GET['certref']) {
-            $found = true;
-            $thiscert = $acert;
-        }
-    }
-    if (!$found) {
-        header("Location: system_crlmanager.php");
-        exit;
-    }
-    $name = $thiscert['descr'];
-    if (cert_unrevoke($thiscert, $thiscrl)) {
-        $savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br />";
-        openvpn_refresh_crls();
-        write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
     } else {
-        $savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br />";
-    }
-    $act="edit";
-}
-
-if ($_POST) {
-    unset($input_errors);
-    $pconfig = $_POST;
-
-    /* input validation */
-    if (($pconfig['method'] == "existing") || ($act == "editimported")) {
-        $reqdfields = explode(" ", "descr crltext");
-        $reqdfieldsn = array(
-                gettext("Descriptive name"),
-                gettext("Certificate Revocation List data"));
-    }
-    if ($pconfig['method'] == "internal") {
-        $reqdfields = explode(
-            " ",
-            "descr caref"
-        );
-        $reqdfieldsn = array(
-                gettext("Descriptive name"),
-                gettext("Certificate Authority"));
-    }
-
-    do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
-
-    /* save modifications */
-    if (!$input_errors) {
-        $result = false;
-
-        if (isset($thiscrl)) {
-            $crl =& $thiscrl;
-        } else {
-            $crl = array();
-            $crl['refid'] = uniqid();
-        }
-
-        $crl['descr'] = $pconfig['descr'];
-        if ($act != "editimported") {
-            $crl['caref'] = $pconfig['caref'];
-            $crl['method'] = $pconfig['method'];
-        }
-
-        if (($pconfig['method'] == "existing") || ($act == "editimported")) {
-            $crl['text'] = base64_encode($pconfig['crltext']);
-        }
-
-        if ($pconfig['method'] == "internal") {
-            $crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
-            $crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
-            $crl['cert'] = array();
-        }
-
-        if (!isset($thiscrl)) {
-            $a_crl[] = $crl;
-        }
-
-        write_config("Saved CRL {$crl['descr']}");
-        openvpn_refresh_crls();
-        header("Location: system_crlmanager.php");
+        $input_errors = array();
+        $pconfig = $_POST;
+
+        /* input validation */
+        if (($pconfig['crlmethod'] == "existing") || ($act == "editimported")) {
+            $reqdfields = explode(" ", "descr crltext");
+            $reqdfieldsn = array(
+                    gettext("Descriptive name"),
+                    gettext("Certificate Revocation List data"));
+        } elseif ($pconfig['crlmethod'] == "internal") {
+            $reqdfields = explode(
+                " ",
+                "descr caref"
+            );
+            $reqdfieldsn = array(
+                    gettext("Descriptive name"),
+                    gettext("Certificate Authority"));
+        }
+
+        do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
+
+        /* save modifications */
+        if (count($input_errors) == 0) {
+            if (isset($id)) {
+                $crl =& $thiscrl;
+            } else {
+                $crl = array();
+                $crl['refid'] = uniqid();
+            }
+
+            foreach (array("descr", "caref", "crlmethod") as $fieldname) {
+                if (isset($pconfig[$fieldname])) {
+                    $crl[$fieldname] = $pconfig[$fieldname];
+                }
+            }
+
+            if (($pconfig['crlmethod'] == "existing") || ($act == "editimported")) {
+                $crl['text'] = base64_encode($pconfig['crltext']);
+            }
+
+            if ($pconfig['crlmethod'] == "internal") {
+                $crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
+                $crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
+                $crl['cert'] = array();
+            }
+
+            if (!isset($id)) {
+                $a_crl[] = $crl;
+            }
+
+            write_config("Saved CRL {$crl['descr']}");
+            openvpn_refresh_crls();
+            header("Location: system_crlmanager.php");
+            exit;
+        }
     }
+
 }
 
+legacy_html_escape_form_data($pconfig);
+legacy_html_escape_form_data($thiscrl);
 include("head.inc");
 ?>
 
 <body>
-    <?php include("fbegin.inc"); ?>
-    <script type="text/javascript">
-    //<![CDATA[
+  <script type="text/javascript">
 
-    function method_change() {
-
-	method = document.iform.method.value;
-
-	switch (method) {
-		case "internal":
-			document.getElementById("existing").style.display="none";
-			document.getElementById("internal").style.display="";
-			break;
-		case "existing":
-			document.getElementById("existing").style.display="";
-			document.getElementById("internal").style.display="none";
-			break;
-	}
-    }
-
-    //]]>
-    </script>
-
-
-<!-- row -->
-<section class="page-content-main">
-	<div class="container-fluid">
-
-        <div class="row">
-            <?php
-            if (isset($input_errors) && count($input_errors) > 0) {
-                print_input_errors($input_errors);
-            }
-            if (isset($savemsg)) {
-                print_info_box($savemsg);
-            }
-            ?>
-            <section class="col-xs-12">
-                <div class="content-box tab-content">
-
-				<?php if ($act == "new" || $act == gettext("Save") || (isset($input_errors) && count($input_errors)) ) :
-?>
-
-				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
-					<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" class="table table-striped">
-						<?php if (!isset($id)) :
-?>
-						<tr>
-							<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
-							<td width="78%" class="vtable">
-								<select name='method' id='method' class="formselect" onchange='method_change()'>
-								<?php
-                                    $rowIndex = 0;
-                                foreach ($crl_methods as $method => $desc) :
-                                    if (isset($_GET['importonly']) && ($_GET['importonly'] == "yes") && ($method != "existing")) {
-                                        continue;
-                                    }
-                                    $selected = "";
-                                    if (isset($pconfig['method']) && $pconfig['method'] == $method) {
-                                        $selected = "selected=\"selected\"";
-                                    }
-                                    $rowIndex++;
-                                ?>
-                                <option value="<?=$method;
-?>" <?=$selected;
-?>><?=$desc;?></option>
-								<?php
-                                endforeach;
-                                if ($rowIndex == 0) {
-                                    echo "<option></option>";
-                                }
-                                ?>
-								</select>
-							</td>
-						</tr>
-						<?php
-endif; ?>
-						<tr>
-							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
-							<td width="78%" class="vtable">
-								<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?php if (isset($pconfig['descr'])) echo htmlspecialchars($pconfig['descr']);?>"/>
-							</td>
-						</tr>
-						<tr>
-							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Authority");?></td>
-							<td width="78%" class="vtable">
-								<select name='caref' id='caref' class="formselect">
-								<?php
-                                    $rowIndex = 0;
-                                foreach ($a_ca as $ca) :
-                                    $selected = "";
-                                    if ($pconfig['caref'] == $ca['refid']) {
-                                        $selected = "selected=\"selected\"";
-                                    }
-                                    $rowIndex++;
-                                ?>
-                                <option value="<?=$ca['refid'];
-?>" <?=$selected;
-?>><?=$ca['descr'];?></option>
-								<?php
-                                endforeach;
-                                if ($rowIndex == 0) {
-                                    echo "<option></option>";
-                                }
-                                ?>
-								</select>
-							</td>
-						</tr>
-					</table>
-
-					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing" summary="existing" class="table table-striped">
-						<thead>
-							<tr>
-								<th colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Revocation List");?></th>
-							</tr>
-						</thead>
-
-						<tbody>
-
-							<tr>
-								<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
-								<td width="78%" class="vtable">
-									<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?php if (isset($pconfig['crltext'])) echo $pconfig['crltext'];?></textarea>
-									<br />
-									<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?>
-								</td>
-							</tr>
-
-						</tbody>
-					</table>
-
-					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal" summary="internal" class="table table-striped">
-                            <thead>
-							<tr>
-								<th colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Revocation List");?></th>
-							</tr>
-                            </thead>
-
-                            <tbody>
-                                <tr>
-								<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
-								<td width="78%" class="vtable">
-									<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
-									<?=gettext("days");?><br />
-									<?=gettext("Default: 9999");?>
-								</td>
-							</tr>
-							<tr>
-								<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial");?></td>
-								<td width="78%" class="vtable">
-									<input name="serial" type="text" class="formfld unknown" id="serial" size="5" value="<?=htmlspecialchars($pconfig['serial']);?>"/>
-									<br />
-									<?=gettext("Default: 0");?>
-								</td>
-							</tr>
-					    </tbody>
-					</table>
-
-					<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="save" class="table table-striped">
-						<tr>
-							<td width="22%" valign="top">&nbsp;</td>
-							<td width="78%">
-								<input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
-								<?php if (isset($id) && $thiscrl) :
-?>
-								<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
-								<?php
-endif;?>
-							</td>
-						</tr>
-					</table>
-				</form>
-				<?php
-elseif ($act == "editimported") :
-?>
-
-				<?php	$crl = $thiscrl; ?>
-				<form action="system_crlmanager.php" method="post" name="iform" id="iform" class="table table-striped">
-					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="editimported" summary="import">
-						<tr>
-							<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Imported Certificate Revocation List");?></td>
-						</tr>
-						<tr>
-							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
-							<td width="78%" class="vtable">
-								<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($crl['descr']);?>"/>
-							</td>
-						</tr>
-						<tr>
-							<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
-							<td width="78%" class="vtable">
-								<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=base64_decode($crl['text']);?></textarea>
-								<br />
-								<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
-							</td>
-						</tr>
-						<tr>
-							<td width="22%" valign="top">&nbsp;</td>
-							<td width="78%">
-								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
-								<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
-								<input name="act" type="hidden" value="editimported" />
-							</td>
-						</tr>
-					</table>
-				</form>
-
-				<?php
-elseif ($act == "edit") :
-?>
-
-				<?php	$crl = $thiscrl; ?>
-				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
-				<table summary="revoke" class="table table-striped">
-					<thead>
-					<tr>
-						<th colspan="4"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th>
-					</tr>
-					<tr>
-						<th><b><?php echo gettext("Certificate Name")?></b></th>
-						<th><b><?php echo gettext("Revocation Reason")?></b></th>
-						<th><b><?php echo gettext("Revoked At")?></b></th>
-						<th></th>
-					</tr>
-					</thead>
-					<tbody>
-                        <?php /* List Certs on CRL */
-                        if (!isset($crl['cert']) || !is_array($crl['cert']) || (count($crl['cert']) == 0)) :
-?>
-                        <tr>
-                            <td colspan="4">
-                                <?php echo gettext("No Certificates Found for this CRL."); ?>
-                            </td>
-                        </tr>
-                            <?php
-                        else :
-                            foreach ($crl['cert'] as $i => $cert) :
-                                $name = htmlspecialchars($cert['descr']);
-                                ?>
-                            <tr>
-                                <td>
-                                    <?php echo $name; ?>
-						</td>
-						<td>
-            <?php echo $openssl_crl_status[$cert["reason"]]; ?>
-						</td>
-						<td>
-            <?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
-						</td>
-						<td>
-            <a href="system_crlmanager.php?act=delcert&amp;id=<?php echo $crl['refid']; ?>&amp;certref=<?php echo $cert['refid'];
-                        ?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("Delete this certificate from the CRL ");
-?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')" class="btn btn-default btn-xs">
-                <span class="glyphicon glyphicon-remove"></span>
-            </a>
-						</td>
-					</tr>
-					<?php
-                            endforeach;
-                        endif;
-                    ?>
-				<?php /* Drop-down with other certs from this CA. */
-                    // Map Certs to CAs in one pass
-                    $ca_certs = array();
-                foreach ($a_cert as $cert) {
-                    if (isset($cert['caref']) && isset($crl['caref'])  && $cert['caref'] == $crl['caref']) {
-                        $ca_certs[] = $cert;
-                    }
+  $( document ).ready(function() {
+    // delete cert revocation list
+    $(".act_delete").click(function(event){
+      event.preventDefault();
+      var id = $(this).data('id');
+      var descr = $(this).data('descr');
+      BootstrapDialog.show({
+        type:BootstrapDialog.TYPE_INFO,
+        title: "<?=gettext("Certificates");?>",
+        message: "<?=gettext("Do you really want to delete this Certificate Revocation List?");?> (" + descr + ")" ,
+        buttons: [{
+                  label: "<?=gettext("No");?>",
+                  action: function(dialogRef) {
+                    dialogRef.close();
+                  }}, {
+                  label: "<?=gettext("Yes");?>",
+                  action: function(dialogRef) {
+                    $("#id").val(id);
+                    $("#action").val("del");
+                    $("#iform").submit();
                 }
-                if (count($ca_certs) == 0) :
+              }]
+      });
+    });
+
+    // Delete certificate from CRL
+    $(".act_delete_cert").click(function(event){
+      event.preventDefault();
+      var id = $(this).data('id');
+      var certref = $(this).data('certref');
+      BootstrapDialog.show({
+        type:BootstrapDialog.TYPE_INFO,
+        title: "<?=gettext("Certificates");?>",
+        message: "<?=gettext("Delete this certificate from the CRL ");?>",
+        buttons: [{
+                  label: "<?=gettext("No");?>",
+                  action: function(dialogRef) {
+                    dialogRef.close();
+                  }}, {
+                  label: "<?=gettext("Yes");?>",
+                  action: function(dialogRef) {
+                    $("#id").val(id);
+                    $("#certref").val(certref);
+                    $("#action").val("delcert");
+                    $("#iform").submit();
+                }
+              }]
+      });
+    });
+
+		$("#crlmethod").change(function(){
+				$("#existing").addClass("hidden");
+				$("#internal").addClass("hidden");
+				if ($("#crlmethod").val() == "internal") {
+						$("#internal").removeClass("hidden");
+				} else {
+						$("#existing").removeClass("hidden");
+				};
+		});
+		$("#crlmethod").change();
+  });
+  </script>
+
+<?php include("fbegin.inc"); ?>
+
+
+<section class="page-content-main">
+  <div class="container-fluid">
+    <div class="row">
+<?php
+    if (isset($input_errors) && count($input_errors) > 0) {
+        print_input_errors($input_errors);
+    }
+    if (isset($savemsg)) {
+        print_info_box($savemsg);
+    }
 ?>
-					<tr>
-						<td colspan="4">
-							<?php echo gettext("No Certificates Found for this CA."); ?>
-						</td>
-					</tr>
-                        <?php
-                else :
-?>
-                    <tr>
-                    <th colspan="4">
-			<?=gettext("Revoke a Certificate"); ?>
-			</th>
-			</tr>
-					<tr>
-						<td>
-							<b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>:
-						</td>
-						<td colspan="3" align="left">
-							<select name='certref' id='certref' class="selectpicker" data-style="btn-default" data-live-search="true">
-                                <?php $rowIndex = 0;
-                                foreach ($ca_certs as $cert) :
-                                    $rowIndex++; ?>
-                                    <option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
-                                        <?php
-                                endforeach;
-                                if ($rowIndex == 0) {
-                                    echo "<option></option>";
-                                } ?>
-							</select>
-						</td>
-					</tr>
-					<tr>
-						<td>
-							<b><?php echo gettext("Reason");?></b>:
-						</td>
-						<td colspan="3" align="left">
-							<select name='crlreason' id='crlreason' class="selectpicker" data-style="btn-default">
-				<?php	$rowIndex = 0;
-                foreach ($openssl_crl_status as $code => $reason) :
-                    $rowIndex++; ?>
-							<option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option>
-                            <?php
+      <section class="col-xs-12">
+        <div class="content-box tab-content">
+<?php
+        if ($act == "new") :?>
+          <form method="post" name="iform" id="iform">
+            <input type="hidden" name="act" id="action" value="<?=$act;?>"/>
+            <table class="table table-striped">
+<?php
+              if (!isset($id)) :?>
+              <tr>
+                <td width="22%"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Method");?></td>
+                <td width="78%">
+                  <select name="crlmethod" id='crlmethod' class="formselect">
+                    <option value="internal" <?=$pconfig['crlmethod'] == "internal" ? "selected=\"selected\"" : "";?>><?=gettext("Create an internal Certificate Revocation List");?></option>
+                    <option value="existing" <?=$pconfig['crlmethod'] == "existing" ? "selected=\"selected\"" : "";?>><?=gettext("Import an existing Certificate Revocation List");?></option>
+                  </select>
+                </td>
+              </tr>
+<?php
+              endif; ?>
+              <tr>
+                <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Descriptive name");?></td>
+                <td>
+                  <input name="descr" type="text" id="descr" size="20" value="<?=$pconfig['descr'];?>"/>
+                </td>
+              </tr>
+              <tr>
+                <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Certificate Authority");?></td>
+                <td>
+                  <select name='caref' id='caref' class="selectpicker">
+<?php
+                  foreach ($config['ca'] as $ca):?>
+                    <option value="<?=$ca['refid'];?>" <?=$pconfig['caref'] == $ca['refid'] ? "selected=\"selected\"" : "";?>>
+                      <?=htmlentities($ca['descr']);?>
+                    </option>
+<?php
+                  endforeach;?>
+                  </select>
+                </td>
+              </tr>
+            </table>
+            <!-- import existing -->
+            <table id="existing" class="table table-striped">
+              <thead>
+                <tr>
+                  <th colspan="2"><?=gettext("Existing Certificate Revocation List");?></th>
+                </tr>
+              </thead>
+              <tbody>
+                <tr>
+                  <td width="22%"><a id="help_for_crltext" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("CRL data");?></td>
+                  <td width="78%">
+                    <textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
+                    <div class="hidden" for="help_for_crltext">
+                      <?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?>
+                    </div>
+                  </td>
+                </tr>
+              </tbody>
+            </table>
+            <!-- create internal -->
+            <table id="internal" class="table table-striped">
+              <thead>
+                <tr>
+                  <th colspan="2"><?=gettext("Internal Certificate Revocation List");?></th>
+                </tr>
+              </thead>
+              <tbody>
+                <tr>
+                  <td width="22%"><a id="help_for_lifetime" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Lifetime");?> (<?=gettext("days");?>)</td>
+                  <td width="78%">
+                    <input name="lifetime" type="text" id="lifetime" size="5" value="<?=$pconfig['lifetime'];?>"/>
+                    <div class="hidden" for="help_for_lifetime">
+                      <?=gettext("Default: 9999");?>
+                    </div>
+                  </td>
+                </tr>
+                <tr>
+                  <td><a id="help_for_serial" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Serial");?></td>
+                  <td>
+                    <input name="serial" type="text" id="serial" size="5" value="<?=$pconfig['serial'];?>"/>
+                    <div class="hidden" for="help_for_serial">
+                      <?=gettext("Default: 0");?>
+                    </div>
+                  </td>
+                </tr>
+              </tbody>
+            </table>
+
+            <table class="table table-striped">
+              <tr>
+                <td width="22%">&nbsp;</td>
+                <td width="78%">
+                  <input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
+<?php
+                  if (isset($id)) :?>
+                  <input name="id" type="hidden" value="<?=$id;?>" />
+<?php
+                  endif;?>
+                </td>
+              </tr>
+            </table>
+          </form>
+<?php
+          elseif ($act == "editimported") :?>
+          <form method="post" name="iform" id="iform">
+            <table id="editimported" class="table table-striped">
+              <tr>
+                <th colspan="2"><?=gettext("Edit Imported Certificate Revocation List");?></th>
+              </tr>
+              <tr>
+                <td width="22%"><i class="fa fa-info-circle text-muted"></i> <?=gettext("Descriptive name");?></td>
+                <td width="78%">
+                  <input name="descr" type="text" id="descr" size="20" value="<?=$thiscrl['descr'];?>"/>
+                </td>
+              </tr>
+              <tr>
+                <td><a id="help_for_crltext" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("CRL data");?></td>
+                <td>
+                  <textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$thiscrl['text'];?></textarea>
+                  <div class="hidden" for="help_for_crltext">
+                    <?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?>
+                  </div>
+                </td>
+              </tr>
+              <tr>
+                <td>&nbsp;</td>
+                <td>
+                  <input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
+                  <input name="id" type="hidden" value="<?=$id;?>" />
+                  <input name="act" type="hidden" value="<?=$act;?>" />
+                </td>
+              </tr>
+            </table>
+          </form>
+<?php
+          elseif ($act == "edit") :?>
+					<form method="post" name="iform" id="iform">
+            <input type="hidden" name="id" id="id" value=""/>
+            <input type="hidden" name="certref" id="certref" value=""/>
+            <input type="hidden" name="act" id="action" value=""/>
+					</form>
+          <form method="post">
+            <table class="table table-striped">
+              <thead>
+                <tr>
+                  <th colspan="4"><?=gettext("Currently Revoked Certificates for CRL");?> : <?=$thiscrl['descr'];?></th>
+                </tr>
+                <tr>
+                  <th><?=gettext("Certificate Name")?></th>
+                  <th><?=gettext("Revocation Reason")?></th>
+                  <th><?=gettext("Revoked At")?></th>
+                  <th></th>
+                </tr>
+              </thead>
+              <tbody>
+<?php /* List Certs on CRL */
+                if (!isset($thiscrl['cert']) || !is_array($thiscrl['cert']) || (count($thiscrl['cert']) == 0)) :?>
+                <tr>
+                  <td colspan="4">
+                      <?=gettext("No Certificates Found for this CRL."); ?>
+                  </td>
+                </tr>
+<?php
+              else :
+                foreach ($thiscrl['cert'] as $i => $cert) :?>
+                <tr>
+                  <td><?=$cert['descr']; ?></td>
+                  <td><?=$openssl_crl_status[$cert["reason"]]; ?></td>
+                  <td><?=date("D M j G:i:s T Y", $cert["revoke_time"]); ?></td>
+                  <td>
+                    <a id="del_cert_<?=$thiscrl['refid'];?>" data-id="<?=$thiscrl['refid'];?>" data-certref="<?=$cert['refid'];?>" title="<?=gettext("Delete this certificate from the CRL ");?>" data-toggle="tooltip"  class="act_delete_cert btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-remove"></span>
+                    </a>
+                  </td>
+                </tr>
+<?php
                 endforeach;
-                if ($rowIndex == 0) {
-                    echo "<option></option>";
-                } ?>
-							</select>
-						</td>
-					</tr>
-					<tr>
-						<td></td>
-						<td colspan="3" align="left">
-							<input name="act" type="hidden" value="addcert" />
-							<input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
-							<input name="id" type="hidden" value="<?=$crl['refid'];?>" />
-							<input id="submit" name="add" type="submit" class="formbtn btn btn-primary" value="<?=gettext("Add"); ?>" />
-						</td>
-					</tr>
-                        <?php
+              endif;
+              $ca_certs = array();
+              foreach ($config['cert'] as $cert) {
+                  if (isset($cert['caref']) && isset($thiscrl['caref'])  && $cert['caref'] == $thiscrl['caref']) {
+                      $ca_certs[] = $cert;
+                  }
+              }
+              if (count($ca_certs) == 0) :?>
+                <tr>
+                  <td colspan="4"><?=gettext("No Certificates Found for this CA."); ?></td>
+                </tr>
+<?php
+                else:?>
+                <tr>
+                  <th colspan="4"><?=gettext("Revoke a Certificate"); ?></th>
+                </tr>
+                <tr>
+                  <td>
+                    <b><?=gettext("Choose a Certificate to Revoke"); ?></b>:
+                  </td>
+                  <td colspan="3" align="left">
+                    <select name='certref' id='certref' class="selectpicker" data-style="btn-default" data-live-search="true">
+<?php
+                  foreach ($ca_certs as $cert) :?>
+                    <option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
+<?php
+                  endforeach;?>
+                    </select>
+                  </td>
+                </tr>
+                <tr>
+                  <td>
+                    <b><?=gettext("Reason");?></b>:
+                  </td>
+                  <td colspan="3" align="left">
+                    <select name='crlreason' id='crlreason' class="selectpicker" data-style="btn-default">
+<?php
+                  foreach ($openssl_crl_status as $code => $reason) :?>
+                    <option value="<?= $code ?>"><?=$reason?></option>
+<?php
+                  endforeach;?>
+                    </select>
+                  </td>
+                </tr>
+                <tr>
+                  <td></td>
+                  <td colspan="3" align="left">
+                    <input name="act" type="hidden" value="addcert" />
+                    <input name="id" type="hidden" value="<?=$thiscrl['refid'];?>" />
+                    <input id="submit" name="add" type="submit" class="formbtn btn btn-primary" value="<?=gettext("Add"); ?>" />
+                  </td>
+                </tr>
+<?php
                 endif; ?>
-					</tbody>
-				</table>
-				</form>
+              </tbody>
+            </table>
+          </form>
+<?php
+          else :?>
+          <form method="post" id="iform" class="table table-striped">
+            <input type="hidden" name="id" id="id" value=""/>
+            <input type="hidden" name="act" id="action" value=""/>
+            <table class="table table-striped">
+              <thead>
+                <tr>
+                  <td><?=gettext("Name");?></td>
+                  <td><?=gettext("Internal");?></td>
+                  <td><?=gettext("Certificates");?></td>
+                  <td><?=gettext("In Use");?></td>
+                  <td></td>
+                </tr>
+              </thead>
+              <tfoot>
+                <tr>
+                  <td colspan="5">
+                    <p>
+                      <?=gettext("Additional Certificate Revocation Lists can be added here.");?>
+                    </p>
+                  </td>
+                </tr>
+              </tfoot>
+              <tbody>
+<?php
+                // Map CRLs to CAs
+                $ca_crl_map = array();
+                foreach ($a_crl as $crl) {
+                    $ca_crl_map[$crl['caref']][] = $crl['refid'];
+                }
 
-				<?php
-else :
-?>
-
-				<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="ocpms" class="table table-striped">
-					<thead>
-					<tr>
-						<td width="35%" class="listhdrr"><?=gettext("Name");?></td>
-						<td width="10%" class="listhdrr"><?=gettext("Internal");?></td>
-						<td width="35%" class="listhdrr"><?=gettext("Certificates");?></td>
-						<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
-						<td width="10%" class="list"></td>
-					</tr>
-					</thead>
-					<tfoot>
-					<tr>
-						<td colspan="5">
-							<p>
-								<?=gettext("Additional Certificate Revocation Lists can be added here.");?>
-							</p>
-						</td>
-					</tr>
-					</tfoot>					<tbody>
-					<?php
-                        // Map CRLs to CAs in one pass
-                        $ca_crl_map = array();
-                    foreach ($a_crl as $crl) {
-                        $ca_crl_map[$crl['caref']][] = $crl['refid'];
-                    }
-
-                        $i = 0;
-                    foreach ($a_ca as $ca) :
-                        $name = htmlspecialchars($ca['descr']);
-
-                        if ($ca['prv']) {
-                            $cainternal = "YES";
-                        } else {
-                            $cainternal = "NO";
-                        }
-                    ?>
-					<tr>
-                    <td class="listlr" colspan="4">
-                        <?=$name;?>
-                    </td>
-                    <td class="list">
-                    <?php if ($cainternal == "YES") :
-?>
-							<a href="system_crlmanager.php?act=new&amp;caref=<?php echo $ca['refid']; ?>" data-toggle="tooltip" data-placement="left" title="<?php printf(gettext("Add or Import CRL for %s"), $ca['descr']);?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a>
-						<?php
-else :
-?>
-							<a href="system_crlmanager.php?act=new&amp;caref=<?php echo $ca['refid']; ?>&amp;importonly=yes" data-toggle="tooltip" data-placement="left" title="<?php printf(gettext("Import CRL for %s"), $ca['descr']);?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-plus"></span></a>
-						<?php
-endif; ?>
-                    </td>
-					</tr>
-
-                    <?php
-                    if (isset($ca_crl_map[$ca['refid']]) && is_array($ca_crl_map[$ca['refid']])) :
-                        foreach ($ca_crl_map[$ca['refid']] as $crl) :
-                            $tmpcrl = lookup_crl($crl);
-                            $internal = is_crl_internal($tmpcrl);
-                            $inuse = crl_in_use($tmpcrl['refid']);
-                        ?>
-					<tr>
-						<td class="listlr"><?php echo $tmpcrl['descr']; ?></td>
-						<td class="listr"><?php echo ($internal) ? gettext("YES") : gettext("NO"); ?></td>
-						<td class="listr"><?php echo ($internal) ? (isset($tmpcrl['cert']) && count($tmpcrl['cert'])) : gettext("Unknown (imported)"); ?></td>
-						<td class="listr"><?php echo ($inuse) ? gettext("YES") : gettext("NO"); ?></td>
-						<td valign="middle" class="list nowrap">
-                        <a href="system_crlmanager.php?act=exp&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
-                            <span class="glyphicon glyphicon-export" data-toggle="tooltip" data-placement="left" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
-                        </a>
-                        <?php if ($internal) :
-?>
-							<a href="system_crlmanager.php?act=edit&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
-								<span class="glyphicon glyphicon-edit" data-toggle="tooltip" data-placement="left" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
-				            </a>
-							<?php
-else :
-?>
-							<a href="system_crlmanager.php?act=editimported&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
-								<span class="glyphicon glyphicon-edit" data-toggle="tooltip" data-placement="left" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
-                                </a>
-							<?php
-endif; ?>
-                        <?php if (!$inuse) :
-?>
-							<a href="system_crlmanager.php?act=del&amp;id=<?=$tmpcrl['refid'];
-?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')"  class="btn btn-default btn-xs">
-								<span class="glyphicon glyphicon-remove" data-toggle="tooltip" data-placement="left" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
-							</a>
-							<?php
-endif; ?>
-						</td>
-					</tr>
-						<?php $i++;
-
-                        endforeach;
-
-                    endif; ?>
-					<tr><td colspan="5">&nbsp;</td></tr>
-					<?php $i++;
-
-                    endforeach; ?>
-					</tbody>
-				</table>
-
-                <?php
-endif; ?>
-
-                </div>
-            </section>
+                foreach ($config['ca'] as $ca) :?>
+                <tr>
+                  <td colspan="4"> <?=htmlspecialchars($ca['descr']);?></td>
+                  <td>
+<?php
+                  if (!empty($ca['prv'])) :?>
+                    <a href="system_crlmanager.php?act=new&amp;caref=<?=$ca['refid']; ?>" data-toggle="tooltip" data-placement="left" title="<?php printf(gettext("Add or Import CRL for %s"), htmlspecialchars($ca['descr']));?>" class="btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-plus"></span>
+                    </a>
+<?php
+                  else :?>
+                    <a href="system_crlmanager.php?act=new&amp;caref=<?=$ca['refid']; ?>&amp;importonly=yes" data-toggle="tooltip" data-placement="left" title="<?php printf(gettext("Import CRL for %s"), htmlspecialchars($ca['descr']));?>" class="btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-plus"></span>
+                    </a>
+<?php
+                  endif;?>
+                  </td>
+                </tr>
+<?php
+                  if (isset($ca_crl_map[$ca['refid']]) && is_array($ca_crl_map[$ca['refid']])):
+                    foreach ($ca_crl_map[$ca['refid']] as $crl):
+                        $tmpcrl = lookup_crl($crl);
+                        $internal = is_crl_internal($tmpcrl);
+                        $inuse = is_openvpn_server_crl($tmpcrl['refid']);?>
+                <tr>
+                  <td><?=htmlspecialchars($tmpcrl['descr']); ?></td>
+                  <td><?=$internal ? gettext("YES") : gettext("NO"); ?></td>
+                  <td><?=$internal ? (isset($tmpcrl['cert']) && count($tmpcrl['cert'])) : gettext("Unknown (imported)"); ?></td>
+                  <td><?=$inuse ? gettext("YES") : gettext("NO"); ?></td>
+                  <td>
+                    <a href="system_crlmanager.php?act=exp&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
+                        <span class="glyphicon glyphicon-export" data-toggle="tooltip" data-placement="left" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
+                    </a>
+<?php
+                  if ($internal) :?>
+                    <a href="system_crlmanager.php?act=edit&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-edit" data-toggle="tooltip" data-placement="left" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
+                    </a>
+<?php
+                  else :?>
+                    <a href="system_crlmanager.php?act=editimported&amp;id=<?=$tmpcrl['refid'];?>" class="btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-edit" data-toggle="tooltip" data-placement="left" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>"></span>
+                    </a>
+<?php
+                  endif; ?>
+<?php
+                  if (!$inuse) :?>
+                    <a id="del_<?=$tmpcrl['refid'];?>" data-descr="<?=htmlspecialchars($tmpcrl['descr']);?>" data-id="<?=$tmpcrl['refid'];?>" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" data-toggle="tooltip"  class="act_delete btn btn-default btn-xs">
+                      <span class="glyphicon glyphicon-remove"></span>
+                    </a>
+<?php
+                  endif; ?>
+                  </td>
+                </tr>
+<?php
+                    endforeach;
+                  endif; ?>
+                <tr><td colspan="5">&nbsp;</td></tr>
+<?php
+                endforeach; ?>
+              </tbody>
+            </table>
+          </form>
+<?php
+        endif; ?>
         </div>
-	</div>
+      </section>
+    </div>
+  </div>
 </section>
-
-<script type="text/javascript">
-//<![CDATA[
-method_change();
-//]]>
-</script>
-
 <?php include("foot.inc");