Merge branch 'sync-upstream'
@@ -1,4 +1,4 @@
|
||||
package onepanelssl
|
||||
package onepanelssl
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
opsdk "github.com/usual2970/certimate/internal/pkg/vendors/1panel-sdk"
|
||||
opsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/1panel"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -56,9 +56,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 遍历证书列表,避免重复上传
|
||||
if res, err := u.getCertIfExists(ctx, certPem, privkeyPem); err != nil {
|
||||
if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res != nil {
|
||||
u.logger.Info("ssl certificate already exists")
|
||||
@@ -72,8 +72,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
uploadWebsiteSSLReq := &opsdk.UploadWebsiteSSLRequest{
|
||||
Type: "paste",
|
||||
Description: certName,
|
||||
Certificate: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadWebsiteSSLResp, err := u.sdkClient.UploadWebsiteSSL(uploadWebsiteSSLReq)
|
||||
u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), slog.Any("response", uploadWebsiteSSLResp))
|
||||
@@ -82,7 +82,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
|
||||
// 遍历证书列表,获取刚刚上传证书 ID
|
||||
if res, err := u.getCertIfExists(ctx, certPem, privkeyPem); err != nil {
|
||||
if res, err := u.getCertIfExists(ctx, certPEM, privkeyPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res == nil {
|
||||
return nil, fmt.Errorf("no ssl certificate found, may be upload failed (code: %d, message: %s)", uploadWebsiteSSLResp.GetCode(), uploadWebsiteSSLResp.GetMessage())
|
||||
@@ -91,7 +91,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
searchWebsiteSSLPageNumber := int32(1)
|
||||
searchWebsiteSSLPageSize := int32(100)
|
||||
for {
|
||||
@@ -106,8 +106,8 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string,
|
||||
}
|
||||
|
||||
for _, sslItem := range searchWebsiteSSLResp.Data.Items {
|
||||
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPem) &&
|
||||
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPem) {
|
||||
if strings.TrimSpace(sslItem.PEM) == strings.TrimSpace(certPEM) &&
|
||||
strings.TrimSpace(sslItem.PrivateKey) == strings.TrimSpace(privkeyPEM) {
|
||||
// 如果已存在相同证书,直接返回
|
||||
return &uploader.UploadResult{
|
||||
CertId: fmt.Sprintf("%d", sslItem.ID),
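Review bot: The debug line after the upload call in Upload, `u.logger.Debug("sdk request '1panel.UploadWebsiteSSL'", slog.Any("request", uploadWebsiteSSLReq), ...)`, hands the whole request to the logger, and that request carries `PrivateKey: privkeyPEM`. Unless the SDK request type masks the field itself (not visible here), any handler enabled at debug level would write the private key into the log. Log only non-secret fields, for example `slog.String("description", certName)` in place of `slog.Any("request", uploadWebsiteSSLReq)`, or give the request types a `LogValue()` that redacts the key. The same pattern appears in the aliyuncas, aliyunslb, awsacm, baiducloudcert, jdcloudssl and rainyun uploaders on this page, while the dogecloud and qiniu ones log only the response. Upload's body continues outside the hunks shown.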
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package onepanelssl_test
|
||||
package onepanelssl_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package aliyuncas
|
||||
package aliyuncas
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -13,7 +13,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -59,9 +59,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -99,7 +99,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
|
||||
var isSameCert bool
|
||||
if *getUserCertificateDetailResp.Body.Cert == certPem {
|
||||
if *getUserCertificateDetailResp.Body.Cert == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)
|
||||
@@ -139,8 +139,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// REF: https://help.aliyun.com/zh/ssl-certificate/developer-reference/api-cas-2020-04-07-uploadusercertificate
|
||||
uploadUserCertificateReq := &alicas.UploadUserCertificateRequest{
|
||||
Name: tea.String(certName),
|
||||
Cert: tea.String(certPem),
|
||||
Key: tea.String(privkeyPem),
|
||||
Cert: tea.String(certPEM),
|
||||
Key: tea.String(privkeyPEM),
|
||||
}
|
||||
uploadUserCertificateResp, err := u.sdkClient.UploadUserCertificate(uploadUserCertificateReq)
|
||||
u.logger.Debug("sdk request 'cas.UploadUserCertificate'", slog.Any("request", uploadUserCertificateReq), slog.Any("response", uploadUserCertificateResp))
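Review bot: `*getUserCertificateDetailResp.Body.Cert == certPEM` in Upload dereferences a pointer field of an SDK response, and no nil check is visible in the hunk (the code above it lies outside). If the API ever omits the field, the uploader would panic instead of returning an error. `tea.StringValue(getUserCertificateDetailResp.Body.Cert)` yields an empty string for a nil pointer and comes from the `tea` package this file already uses; the `ParseCertificateFromPEM(*getUserCertificateDetailResp.Body.Cert)` call in the else branch needs the same treatment. The huaweicloudscm (`*exportCertificateResp.Certificate`) and huaweicloudwaf (`*showCertificateResp.Content`) sections have the same shape.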
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package aliyunslb
|
||||
package aliyunslb
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -16,7 +16,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -62,9 +62,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -105,16 +105,16 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// 去除证书和私钥内容中的空白行,以符合阿里云 API 要求
|
||||
// REF: https://github.com/usual2970/certimate/issues/326
|
||||
re := regexp.MustCompile(`(?m)^\s*$\n?`)
|
||||
certPem = strings.TrimSpace(re.ReplaceAllString(certPem, ""))
|
||||
privkeyPem = strings.TrimSpace(re.ReplaceAllString(privkeyPem, ""))
|
||||
certPEM = strings.TrimSpace(re.ReplaceAllString(certPEM, ""))
|
||||
privkeyPEM = strings.TrimSpace(re.ReplaceAllString(privkeyPEM, ""))
|
||||
|
||||
// 上传新证书
|
||||
// REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate
|
||||
uploadServerCertificateReq := &alislb.UploadServerCertificateRequest{
|
||||
RegionId: tea.String(u.config.Region),
|
||||
ServerCertificateName: tea.String(certName),
|
||||
ServerCertificate: tea.String(certPem),
|
||||
PrivateKey: tea.String(privkeyPem),
|
||||
ServerCertificate: tea.String(certPEM),
|
||||
PrivateKey: tea.String(privkeyPEM),
|
||||
}
|
||||
uploadServerCertificateResp, err := u.sdkClient.UploadServerCertificate(uploadServerCertificateReq)
|
||||
u.logger.Debug("sdk request 'slb.UploadServerCertificate'", slog.Any("request", uploadServerCertificateReq), slog.Any("response", uploadServerCertificateResp))
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package awsacm
|
||||
package awsacm
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
"golang.org/x/exp/slices"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -58,16 +58,16 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// 生成 AWS 业务参数
|
||||
scertPem, _ := certutil.ConvertCertificateToPEM(certX509)
|
||||
bcertPem := certPem
|
||||
scertPEM, _ := certutil.ConvertCertificateToPEM(certX509)
|
||||
bcertPEM := certPEM
|
||||
|
||||
// 获取证书列表,避免重复上传
|
||||
// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ListCertificates.html
|
||||
@@ -107,12 +107,12 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
if err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'acm.GetCertificate'")
|
||||
} else {
|
||||
oldCertPem := aws.ToString(getCertificateResp.CertificateChain)
|
||||
if oldCertPem == "" {
|
||||
oldCertPem = aws.ToString(getCertificateResp.Certificate)
|
||||
oldCertPEM := aws.ToString(getCertificateResp.CertificateChain)
|
||||
if oldCertPEM == "" {
|
||||
oldCertPEM = aws.ToString(getCertificateResp.Certificate)
|
||||
}
|
||||
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPem)
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(oldCertPEM)
|
||||
if err != nil {
|
||||
continue
|
||||
}
|
||||
@@ -139,9 +139,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// 导入证书
|
||||
// REF: https://docs.aws.amazon.com/en_us/acm/latest/APIReference/API_ImportCertificate.html
|
||||
importCertificateReq := &awsacm.ImportCertificateInput{
|
||||
Certificate: ([]byte)(scertPem),
|
||||
CertificateChain: ([]byte)(bcertPem),
|
||||
PrivateKey: ([]byte)(privkeyPem),
|
||||
Certificate: ([]byte)(scertPEM),
|
||||
CertificateChain: ([]byte)(bcertPEM),
|
||||
PrivateKey: ([]byte)(privkeyPEM),
|
||||
}
|
||||
importCertificateResp, err := u.sdkClient.ImportCertificate(context.TODO(), importCertificateReq)
|
||||
u.logger.Debug("sdk request 'acm.ImportCertificate'", slog.Any("request", importCertificateReq), slog.Any("response", importCertificateResp))
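Review bot: `scertPEM, _ := certutil.ConvertCertificateToPEM(certX509)` discards the conversion error, so a failure would presumably leave `scertPEM` empty and the later `ImportCertificateInput{Certificate: ([]byte)(scertPEM), ...}` would go out without a usable leaf certificate. Handle it like the parse call just above: `scertPEM, err := certutil.ConvertCertificateToPEM(certX509)` followed by `if err != nil { return nil, err }`. Upload's body starts and continues outside the hunks shown.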
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package azurekeyvault
|
||||
package azurekeyvault
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -15,8 +15,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
azcommon "github.com/usual2970/certimate/internal/pkg/vendors/azure-sdk/common"
|
||||
azcommon "github.com/usual2970/certimate/internal/pkg/sdk3rd/azure/common"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -66,9 +66,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -145,7 +145,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// Azure Key Vault 不支持导入带有 Certificiate Chain 的 PEM 证书。
|
||||
// Issue Link: https://github.com/Azure/azure-cli/issues/19017
|
||||
// 暂时的解决方法是,将 PEM 证书转换成 PFX 格式,然后再导入。
|
||||
certPfx, err := certutil.TransformCertificateFromPEMToPFX(certPem, privkeyPem, "")
|
||||
certPFX, err := certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "")
|
||||
if err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to transform certificate from PEM to PFX")
|
||||
}
|
||||
@@ -153,7 +153,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// 导入证书
|
||||
// REF: https://learn.microsoft.com/en-us/rest/api/keyvault/certificates/import-certificate/import-certificate
|
||||
importCertificateParams := azcertificates.ImportCertificateParameters{
|
||||
Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPfx)),
|
||||
Base64EncodedCertificate: to.Ptr(base64.StdEncoding.EncodeToString(certPFX)),
|
||||
CertificatePolicy: &azcertificates.CertificatePolicy{
|
||||
SecretProperties: &azcertificates.SecretProperties{
|
||||
ContentType: to.Ptr("application/x-pkcs12"),
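Review bot: The empty string passed as the last argument of `certutil.TransformCertificateFromPEMToPFX(certPEM, privkeyPEM, "")` is presumably the PFX password, which would leave the private key unprotected inside `certPFX`. The existing comment explains the PEM-to-PFX workaround but not this choice. A short comment such as `// empty password: the PFX is only held in memory and sent to Key Vault, never written to disk or logged` would record the intent, provided that holds for the code after the hunk. `importCertificateParams` embeds the base64 of that blob, so it should stay out of any `slog.Any("request", ...)` call of the kind the other uploaders on this page use.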
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package azurekeyvault_test
|
||||
package azurekeyvault_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package baiducloudcert
|
||||
package baiducloudcert
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -10,8 +10,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
bdsdk "github.com/usual2970/certimate/internal/pkg/vendors/baiducloud-sdk/cert"
|
||||
bdsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/baiducloud/cert"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -55,9 +55,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -115,8 +115,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// REF: https://cloud.baidu.com/doc/Reference/s/Gjwvz27xu#31-%E5%88%9B%E5%BB%BA%E8%AF%81%E4%B9%A6
|
||||
createCertReq := &bdsdk.CreateCertArgs{}
|
||||
createCertReq.CertName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
|
||||
createCertReq.CertServerData = certPem
|
||||
createCertReq.CertPrivateData = privkeyPem
|
||||
createCertReq.CertServerData = certPEM
|
||||
createCertReq.CertPrivateData = privkeyPEM
|
||||
createCertResp, err := u.sdkClient.CreateCert(createCertReq)
|
||||
u.logger.Debug("sdk request 'cert.CreateCert'", slog.Any("request", createCertReq), slog.Any("response", createCertResp))
|
||||
if err != nil {
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package baiducloudcert_test
|
||||
package baiducloudcert_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -14,7 +14,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -57,9 +57,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -114,8 +114,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// 上传新证书
|
||||
// REF: https://docs.byteplus.com/en/docs/byteplus-cdn/reference-addcertificate
|
||||
addCertificateReq := &bytepluscdn.AddCertificateRequest{
|
||||
Certificate: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
Source: bytepluscdn.GetStrPtr("cert_center"),
|
||||
Desc: bytepluscdn.GetStrPtr(certName),
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package dogecloud
|
||||
package dogecloud
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -9,7 +9,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
dogesdk "github.com/usual2970/certimate/internal/pkg/vendors/dogecloud-sdk"
|
||||
dogesdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/dogecloud"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -53,14 +53,14 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 生成新证书名(需符合多吉云命名规则)
|
||||
var certId, certName string
|
||||
certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
|
||||
|
||||
// 上传新证书
|
||||
// REF: https://docs.dogecloud.com/cdn/api-cert-upload
|
||||
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPem, privkeyPem)
|
||||
uploadSslCertResp, err := u.sdkClient.UploadCdnCert(certName, certPEM, privkeyPEM)
|
||||
u.logger.Debug("sdk request 'cdn.UploadCdnCert'", slog.Any("response", uploadSslCertResp))
|
||||
if err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadCdnCert'")
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package gcorecdn
|
||||
package gcorecdn
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
gcoresdk "github.com/usual2970/certimate/internal/pkg/vendors/gcore-sdk/common"
|
||||
gcoresdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/gcore/common"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -54,7 +54,7 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 生成新证书名(需符合 Gcore 命名规则)
|
||||
var certId, certName string
|
||||
certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli())
|
||||
@@ -63,8 +63,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// REF: https://api.gcore.com/docs/cdn#tag/CA-certificates/operation/ca_certificates-add
|
||||
createCertificateReq := &gsslcerts.CreateRequest{
|
||||
Name: certName,
|
||||
Cert: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Cert: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
Automated: false,
|
||||
ValidateRootCA: false,
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package huaweicloudelb
|
||||
package huaweicloudelb
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -18,8 +18,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -65,9 +65,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -91,7 +91,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
if listCertificatesResp.Certificates != nil {
|
||||
for _, certDetail := range *listCertificatesResp.Certificates {
|
||||
var isSameCert bool
|
||||
if certDetail.Certificate == certPem {
|
||||
if certDetail.Certificate == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(certDetail.Certificate)
|
||||
@@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
Certificate: &hcelbmodel.CreateCertificateOption{
|
||||
ProjectId: hwsdk.StringPtr(projectId),
|
||||
Name: hwsdk.StringPtr(certName),
|
||||
Certificate: hwsdk.StringPtr(certPem),
|
||||
PrivateKey: hwsdk.StringPtr(privkeyPem),
|
||||
Certificate: hwsdk.StringPtr(certPEM),
|
||||
PrivateKey: hwsdk.StringPtr(privkeyPEM),
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package huaweicloudscm
|
||||
package huaweicloudscm
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -13,8 +13,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -60,9 +60,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -100,7 +100,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
|
||||
var isSameCert bool
|
||||
if *exportCertificateResp.Certificate == certPem {
|
||||
if *exportCertificateResp.Certificate == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(*exportCertificateResp.Certificate)
|
||||
@@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
importCertificateReq := &hcscmmodel.ImportCertificateRequest{
|
||||
Body: &hcscmmodel.ImportCertificateRequestBody{
|
||||
Name: certName,
|
||||
Certificate: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
},
|
||||
}
|
||||
importCertificateResp, err := u.sdkClient.ImportCertificate(importCertificateReq)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package huaweicloudwaf
|
||||
package huaweicloudwaf
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -18,8 +18,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/vendors/huaweicloud-sdk"
|
||||
hwsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/huaweicloud"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -65,9 +65,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -100,7 +100,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
|
||||
var isSameCert bool
|
||||
if *showCertificateResp.Content == certPem {
|
||||
if *showCertificateResp.Content == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(*showCertificateResp.Content)
|
||||
@@ -138,8 +138,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
createCertificateReq := &hcwafmodel.CreateCertificateRequest{
|
||||
Body: &hcwafmodel.CreateCertificateRequestBody{
|
||||
Name: certName,
|
||||
Content: certPem,
|
||||
Key: privkeyPem,
|
||||
Content: certPEM,
|
||||
Key: privkeyPEM,
|
||||
},
|
||||
}
|
||||
createCertificateResp, err := u.sdkClient.CreateCertificate(createCertificateReq)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package jdcloudssl
|
||||
package jdcloudssl
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -16,7 +16,7 @@ import (
|
||||
"golang.org/x/exp/slices"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -60,18 +60,18 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// 格式化私钥内容,以便后续计算私钥摘要
|
||||
privkeyPem = strings.TrimSpace(privkeyPem)
|
||||
privkeyPem = strings.ReplaceAll(privkeyPem, "\r", "")
|
||||
privkeyPem = strings.ReplaceAll(privkeyPem, "\n", "\r\n")
|
||||
privkeyPem = privkeyPem + "\r\n"
|
||||
privkeyPEM = strings.TrimSpace(privkeyPEM)
|
||||
privkeyPEM = strings.ReplaceAll(privkeyPEM, "\r", "")
|
||||
privkeyPEM = strings.ReplaceAll(privkeyPEM, "\n", "\r\n")
|
||||
privkeyPEM = privkeyPEM + "\r\n"
|
||||
|
||||
// 遍历查看证书列表,避免重复上传
|
||||
// REF: https://docs.jdcloud.com/cn/ssl-certificate/api/describecerts
|
||||
@@ -107,7 +107,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
|
||||
// 最后对比私钥摘要
|
||||
newKeyDigest := sha256.Sum256([]byte(privkeyPem))
|
||||
newKeyDigest := sha256.Sum256([]byte(privkeyPEM))
|
||||
newKeyDigestHex := hex.EncodeToString(newKeyDigest[:])
|
||||
if !strings.EqualFold(newKeyDigestHex, certDetail.Digest) {
|
||||
continue
|
||||
@@ -133,7 +133,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
|
||||
// 上传证书
|
||||
// REF: https://docs.jdcloud.com/cn/ssl-certificate/api/uploadcert
|
||||
uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPem, certPem)
|
||||
uploadCertReq := jdsslapi.NewUploadCertRequest(certName, privkeyPEM, certPEM)
|
||||
uploadCertResp, err := u.sdkClient.UploadCert(uploadCertReq)
|
||||
u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertReq), slog.Any("response", uploadCertResp))
|
||||
if err != nil {
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package jdcloudssl_test
|
||||
package jdcloudssl_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package qiniusslcert
|
||||
package qiniusslcert
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -11,8 +11,8 @@ import (
|
||||
"github.com/qiniu/go-sdk/v7/auth"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
qiniusdk "github.com/usual2970/certimate/internal/pkg/vendors/qiniu-sdk"
|
||||
qiniusdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/qiniu"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -56,9 +56,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -69,7 +69,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
|
||||
// 上传新证书
|
||||
// REF: https://developer.qiniu.com/fusion/8593/interface-related-certificate
|
||||
uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPem, privkeyPem)
|
||||
uploadSslCertResp, err := u.sdkClient.UploadSslCert(context.TODO(), certName, certX509.Subject.CommonName, certPEM, privkeyPEM)
|
||||
u.logger.Debug("sdk request 'cdn.UploadSslCert'", slog.Any("response", uploadSslCertResp))
|
||||
if err != nil {
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'cdn.UploadSslCert'")
|
||||
|
||||
@@ -10,8 +10,8 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
rainyunsdk "github.com/usual2970/certimate/internal/pkg/vendors/rainyun-sdk"
|
||||
rainyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/rainyun"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -53,8 +53,8 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
if res, err := u.getCertIfExists(ctx, certPem); err != nil {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
if res, err := u.getCertIfExists(ctx, certPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res != nil {
|
||||
u.logger.Info("ssl certificate already exists")
|
||||
@@ -64,8 +64,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// SSL 证书上传
|
||||
// REF: https://apifox.com/apidoc/shared/a4595cc8-44c5-4678-a2a3-eed7738dab03/api-69943046
|
||||
sslCenterCreateReq := &rainyunsdk.SslCenterCreateRequest{
|
||||
Cert: certPem,
|
||||
Key: privkeyPem,
|
||||
Cert: certPEM,
|
||||
Key: privkeyPEM,
|
||||
}
|
||||
sslCenterCreateResp, err := u.sdkClient.SslCenterCreate(sslCenterCreateReq)
|
||||
u.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("request", sslCenterCreateReq), slog.Any("response", sslCenterCreateResp))
|
||||
@@ -73,7 +73,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
return nil, xerrors.Wrap(err, "failed to execute sdk request 'sslcenter.Create'")
|
||||
}
|
||||
|
||||
if res, err := u.getCertIfExists(ctx, certPem); err != nil {
|
||||
if res, err := u.getCertIfExists(ctx, certPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res == nil {
|
||||
return nil, errors.New("rainyun sslcenter: no certificate found")
|
||||
@@ -82,9 +82,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -128,7 +128,7 @@ func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string)
|
||||
|
||||
var isSameCert bool
|
||||
if sslCenterGetResp.Data != nil {
|
||||
if sslCenterGetResp.Data.Cert == certPem {
|
||||
if sslCenterGetResp.Data.Cert == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(sslCenterGetResp.Data.Cert)
|
||||
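Review bot: The debug log in the `sslcenter.Create` hunk passes `sslCenterCreateReq` to `slog.Any("request", …)` right after the struct is filled with `Key: privkeyPEM`, so unless the SDK type redacts that field, the private key is written to the log whenever debug level is enabled. The same pattern is visible in the tencentcloudssl hunk (`uploadCertificateReq`, which carries `CertificatePrivateKey`) and in the ucloud ussl hunk (`uploadNormalCertificateReq`, which carries the base64-encoded `SslPrivateKey`). The qiniu and upyun uploaders on this page log only the response, and the same form would work here: `u.logger.Debug("sdk request 'sslcenter.Create'", slog.Any("response", sslCenterCreateResp))`. If the request is needed for troubleshooting, log a copy with the key field blanked. `Upload` continues outside these hunks, so any other logging of the request there is not visible from here.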
|
||||
@@ -1,4 +1,4 @@
|
||||
package rainyunsslcenter_test
|
||||
package rainyunsslcenter_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package tencentcloudssl
|
||||
package tencentcloudssl
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -53,12 +53,12 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 上传新证书
|
||||
// REF: https://cloud.tencent.com/document/product/400/41665
|
||||
uploadCertificateReq := tcssl.NewUploadCertificateRequest()
|
||||
uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPem)
|
||||
uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPem)
|
||||
uploadCertificateReq.CertificatePublicKey = common.StringPtr(certPEM)
|
||||
uploadCertificateReq.CertificatePrivateKey = common.StringPtr(privkeyPEM)
|
||||
uploadCertificateReq.Repeatable = common.BoolPtr(false)
|
||||
uploadCertificateResp, err := u.sdkClient.UploadCertificate(uploadCertificateReq)
|
||||
u.logger.Debug("sdk request 'ssl.UploadCertificate'", slog.Any("request", uploadCertificateReq), slog.Any("response", uploadCertificateResp))
|
||||
|
||||
@@ -17,8 +17,8 @@ import (
|
||||
ucloudauth "github.com/ucloud/ucloud-sdk-go/ucloud/auth"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
usslsdk "github.com/usual2970/certimate/internal/pkg/vendors/ucloud-sdk/ussl"
|
||||
usslsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/ucloud/ussl"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -64,23 +64,23 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 生成新证书名(需符合优刻得命名规则)
|
||||
var certId, certName string
|
||||
certName = fmt.Sprintf("certimate-%d", time.Now().UnixMilli())
|
||||
|
||||
// 生成优刻得所需的证书参数
|
||||
certPemBase64 := base64.StdEncoding.EncodeToString([]byte(certPem))
|
||||
privkeyPemBase64 := base64.StdEncoding.EncodeToString([]byte(privkeyPem))
|
||||
certMd5 := md5.Sum([]byte(certPemBase64 + privkeyPemBase64))
|
||||
certPEMBase64 := base64.StdEncoding.EncodeToString([]byte(certPEM))
|
||||
privkeyPEMBase64 := base64.StdEncoding.EncodeToString([]byte(privkeyPEM))
|
||||
certMd5 := md5.Sum([]byte(certPEMBase64 + privkeyPEMBase64))
|
||||
certMd5Hex := hex.EncodeToString(certMd5[:])
|
||||
|
||||
// 上传托管证书
|
||||
// REF: https://docs.ucloud.cn/api/usslcertificate-api/upload_normal_certificate
|
||||
uploadNormalCertificateReq := u.sdkClient.NewUploadNormalCertificateRequest()
|
||||
uploadNormalCertificateReq.CertificateName = ucloud.String(certName)
|
||||
uploadNormalCertificateReq.SslPublicKey = ucloud.String(certPemBase64)
|
||||
uploadNormalCertificateReq.SslPrivateKey = ucloud.String(privkeyPemBase64)
|
||||
uploadNormalCertificateReq.SslPublicKey = ucloud.String(certPEMBase64)
|
||||
uploadNormalCertificateReq.SslPrivateKey = ucloud.String(privkeyPEMBase64)
|
||||
uploadNormalCertificateReq.SslMD5 = ucloud.String(certMd5Hex)
|
||||
if u.config.ProjectId != "" {
|
||||
uploadNormalCertificateReq.ProjectId = ucloud.String(u.config.ProjectId)
|
||||
@@ -89,7 +89,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
u.logger.Debug("sdk request 'ussl.UploadNormalCertificate'", slog.Any("request", uploadNormalCertificateReq), slog.Any("response", uploadNormalCertificateResp))
|
||||
if err != nil {
|
||||
if uploadNormalCertificateResp != nil && uploadNormalCertificateResp.GetRetCode() == 80035 {
|
||||
if res, err := u.getCertIfExists(ctx, certPem); err != nil {
|
||||
if res, err := u.getCertIfExists(ctx, certPEM); err != nil {
|
||||
return nil, err
|
||||
} else if res == nil {
|
||||
return nil, errors.New("ucloud ssl: no certificate found")
|
||||
@@ -112,9 +112,9 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) getCertIfExists(ctx context.Context, certPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
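Review bot: `certMd5 := md5.Sum([]byte(certPEMBase64 + privkeyPEMBase64))` has no comment explaining why MD5 is used. From the `SslMD5` request field it looks like a checksum the UCloud upload API expects rather than a security control, and a line such as `// SslMD5 is the checksum the UCloud API requires; it is not an integrity or authenticity guarantee` would stop it being flagged or reused as one. In the error branch, `GetRetCode() == 80035` is a bare magic number. The fallback to `getCertIfExists` suggests it means the certificate already exists, so a named constant with that meaning, confirmed against the UCloud docs, would make the branch reviewable. Both `Upload` and `getCertIfExists` continue outside the hunks shown.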
|
||||
@@ -1,4 +1,4 @@
|
||||
package ucloudussl_test
|
||||
package ucloudussl_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package upyunssl
|
||||
package upyunssl
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -8,7 +8,7 @@ import (
|
||||
xerrors "github.com/pkg/errors"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
upyunsdk "github.com/usual2970/certimate/internal/pkg/vendors/upyun-sdk/console"
|
||||
upyunsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/upyun/console"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -52,11 +52,11 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 上传证书
|
||||
uploadHttpsCertificateReq := &upyunsdk.UploadHttpsCertificateRequest{
|
||||
Certificate: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
}
|
||||
uploadHttpsCertificateResp, err := u.sdkClient.UploadHttpsCertificate(uploadHttpsCertificateReq)
|
||||
u.logger.Debug("sdk request 'console.UploadHttpsCertificate'", slog.Any("response", uploadHttpsCertificateResp))
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package upyunssl_test
|
||||
package upyunssl_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -15,7 +15,7 @@ import (
|
||||
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -58,9 +58,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -115,8 +115,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
// 上传新证书
|
||||
// REF: https://www.volcengine.com/docs/6454/1245763
|
||||
addCertificateReq := &vecdn.AddCertificateRequest{
|
||||
Certificate: certPem,
|
||||
PrivateKey: privkeyPem,
|
||||
Certificate: certPEM,
|
||||
PrivateKey: privkeyPEM,
|
||||
Source: ve.String("volc_cert_center"),
|
||||
Desc: ve.String(certName),
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ import (
|
||||
vesession "github.com/volcengine/volcengine-go-sdk/volcengine/session"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
veccsdk "github.com/usual2970/certimate/internal/pkg/vendors/volcengine-sdk/certcenter"
|
||||
veccsdk "github.com/usual2970/certimate/internal/pkg/sdk3rd/volcengine/certcenter"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -55,13 +55,13 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 上传证书
|
||||
// REF: https://www.volcengine.com/docs/6638/1365580
|
||||
importCertificateReq := &veccsdk.ImportCertificateInput{
|
||||
CertificateInfo: &veccsdk.ImportCertificateInputCertificateInfo{
|
||||
CertificateChain: ve.String(certPem),
|
||||
PrivateKey: ve.String(privkeyPem),
|
||||
CertificateChain: ve.String(certPEM),
|
||||
PrivateKey: ve.String(privkeyPEM),
|
||||
},
|
||||
Repeatable: ve.Bool(false),
|
||||
}
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package volcenginecertcenter_test
|
||||
package volcenginecertcenter_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
ve "github.com/volcengine/volcengine-go-sdk/volcengine"
|
||||
|
||||
"github.com/usual2970/certimate/internal/pkg/core/uploader"
|
||||
"github.com/usual2970/certimate/internal/pkg/utils/certutil"
|
||||
certutil "github.com/usual2970/certimate/internal/pkg/utils/cert"
|
||||
)
|
||||
|
||||
type UploaderConfig struct {
|
||||
@@ -55,9 +55,9 @@ func (u *UploaderProvider) WithLogger(logger *slog.Logger) uploader.Uploader {
|
||||
return u
|
||||
}
|
||||
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPem string) (res *uploader.UploadResult, err error) {
|
||||
func (u *UploaderProvider) Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *uploader.UploadResult, err error) {
|
||||
// 解析证书内容
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPem)
|
||||
certX509, err := certutil.ParseCertificateFromPEM(certPEM)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -85,7 +85,7 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
|
||||
var isSameCert bool
|
||||
certificate := strings.Join(describeCertDetailSecretResp.Result.SSL.Chain, "\n\n")
|
||||
if certificate == certPem {
|
||||
if certificate == certPEM {
|
||||
isSameCert = true
|
||||
} else {
|
||||
oldCertX509, err := certutil.ParseCertificateFromPEM(certificate)
|
||||
@@ -118,8 +118,8 @@ func (u *UploaderProvider) Upload(ctx context.Context, certPem string, privkeyPe
|
||||
UseWay: "https",
|
||||
ProjectName: ve.String("default"),
|
||||
Rsa: velive.CreateCertBodyRsa{
|
||||
Prikey: privkeyPem,
|
||||
Pubkey: certPem,
|
||||
Prikey: privkeyPEM,
|
||||
Pubkey: certPEM,
|
||||
},
|
||||
}
|
||||
createCertResp, err := u.sdkClient.CreateCert(ctx, createCertReq)
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package uploader
|
||||
package uploader
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -15,13 +15,13 @@ type Uploader interface {
|
||||
//
|
||||
// 入参:
|
||||
// - ctx:上下文。
|
||||
// - certPem:证书 PEM 内容。
|
||||
// - privkeyPem:私钥 PEM 内容。
|
||||
// - certPEM:证书 PEM 内容。
|
||||
// - privkeyPEM:私钥 PEM 内容。
|
||||
//
|
||||
// 出参:
|
||||
// - res:上传结果。
|
||||
// - err: 错误。
|
||||
Upload(ctx context.Context, certPem string, privkeyPem string) (res *UploadResult, err error)
|
||||
Upload(ctx context.Context, certPEM string, privkeyPEM string) (res *UploadResult, err error)
|
||||
}
|
||||
|
||||
// 表示证书上传结果的数据结构,包含上传后的证书 ID、名称和其他数据。
|
||||
|
||||