feat: add ssl.com ca

2025-03-30 21:46:59 +08:00
parent a72737fdd5
commit f77c2dae23
19 changed files with 285 additions and 96 deletions
--- a/internal/applicant/acme_ca.go
+++ b/internal/applicant/acme_ca.go
@@ -6,6 +6,7 @@ const (
 	sslProviderLetsEncrypt         = string(domain.ApplyCAProviderTypeLetsEncrypt)
 	sslProviderLetsEncryptStaging  = string(domain.ApplyCAProviderTypeLetsEncryptStaging)
 	sslProviderGoogleTrustServices = string(domain.ApplyCAProviderTypeGoogleTrustServices)
+	sslProviderSSLCom              = string(domain.ApplyCAProviderTypeSSLCom)
 	sslProviderZeroSSL             = string(domain.ApplyCAProviderTypeZeroSSL)

 	sslProviderDefault = sslProviderLetsEncrypt
@@ -15,6 +16,7 @@ var sslProviderUrls = map[string]string{
 	sslProviderLetsEncrypt:         "https://acme-v02.api.letsencrypt.org/directory",
 	sslProviderLetsEncryptStaging:  "https://acme-staging-v02.api.letsencrypt.org/directory",
 	sslProviderGoogleTrustServices: "https://dv.acme-v02.api.pki.goog/directory",
+	sslProviderSSLCom:              "https://acme.ssl.com/sslcom-dv-ecc",
 	sslProviderZeroSSL:             "https://acme.zerossl.com/v2/DV90",
 }

--- a/internal/applicant/acme_user.go
+++ b/internal/applicant/acme_user.go
@@ -112,6 +112,20 @@ func registerAcmeUser(client *lego.Client, user *acmeUser, userRegisterOptions m
 			})
 		}

+	case sslProviderSSLCom:
+		{
+			access := domain.AccessConfigForSSLCom{}
+			if err := maputil.Populate(userRegisterOptions, &access); err != nil {
+				return nil, fmt.Errorf("failed to populate provider access config: %w", err)
+			}
+
+			reg, err = client.Registration.RegisterWithExternalAccountBinding(registration.RegisterEABOptions{
+				TermsOfServiceAgreed: true,
+				Kid:                  access.EabKid,
+				HmacEncoded:          access.EabHmacKey,
+			})
+		}
+
 	case sslProviderZeroSSL:
 		{
 			access := domain.AccessConfigForZeroSSL{}
--- a/internal/domain/access.go
+++ b/internal/domain/access.go
@@ -196,6 +196,11 @@ type AccessConfigForSSH struct {
 	KeyPassphrase string `json:"keyPassphrase,omitempty"`
 }

+type AccessConfigForSSLCom struct {
+	EabKid     string `json:"eabKid"`
+	EabHmacKey string `json:"eabHmacKey"`
+}
+
 type AccessConfigForTencentCloud struct {
 	SecretId  string `json:"secretId"`
 	SecretKey string `json:"secretKey"`
--- a/internal/domain/provider.go
+++ b/internal/domain/provider.go
@@ -54,6 +54,7 @@ const (
 	AccessProviderTypeRainYun             = AccessProviderType("rainyun")
 	AccessProviderTypeSafeLine            = AccessProviderType("safeline")
 	AccessProviderTypeSSH                 = AccessProviderType("ssh")
+	AccessProviderTypeSSLCOM              = AccessProviderType("sslcom")
 	AccessProviderTypeTencentCloud        = AccessProviderType("tencentcloud")
 	AccessProviderTypeUCloud              = AccessProviderType("ucloud")
 	AccessProviderTypeUpyun               = AccessProviderType("upyun")
@@ -74,10 +75,11 @@ type ApplyCAProviderType string
 	NOTICE: If you add new constant, please keep ASCII order.
 */
 const (
-	ApplyCAProviderTypeGoogleTrustServices = ApplyCAProviderType("googletrustservices")
-	ApplyCAProviderTypeLetsEncrypt         = ApplyCAProviderType("letsencrypt")
-	ApplyCAProviderTypeLetsEncryptStaging  = ApplyCAProviderType("letsencryptstaging")
-	ApplyCAProviderTypeZeroSSL             = ApplyCAProviderType("zerossl")
+	ApplyCAProviderTypeGoogleTrustServices = ApplyCAProviderType(string(AccessProviderTypeGoogleTrustServices))
+	ApplyCAProviderTypeLetsEncrypt         = ApplyCAProviderType(string(AccessProviderTypeLetsEncrypt))
+	ApplyCAProviderTypeLetsEncryptStaging  = ApplyCAProviderType(string(AccessProviderTypeLetsEncryptStaging))
+	ApplyCAProviderTypeSSLCom              = ApplyCAProviderType(string(AccessProviderTypeSSLCOM))
+	ApplyCAProviderTypeZeroSSL             = ApplyCAProviderType(string(AccessProviderTypeZeroSSL))
 )

 type ApplyDNSProviderType string