v0.1.18

add feat: support for tencent cdn extensive domain

README.md

@@ -32,6 +32,11 @@ Certimate 旨在为用户提供一个安全、简便的 SSL 证书管理解决
 ./certimate serve
 ```
 
+或运行以下命令自动给 Certimate 自身添加证书
+```bash
+./certimate serve 你的域名
+```
+
 > [!NOTE]
 > MacOS 在执行二进制文件时会提示：无法打开“certimate”，因为Apple无法检查其是否包含恶意软件。可在系统设置> 隐私与安全性> 安全性 中点击 "仍然允许"，然后再次尝试执行二进制文件。
 

README_EN.md

@@ -32,6 +32,12 @@ You can download the precompiled binary files directly from the [Releases page](
 ./certimate serve
 ```
 
+Or run the following command to automatically add a certificate to Certimate itself.
+
+```bash
+./certimate serve yourDomain
+```
+
 > [!NOTE]
 > When executing the binary file on macOS, you may see a prompt saying: “Cannot open ‘certimate’ because Apple cannot check it for malicious software.” You can go to System Preferences > Security & Privacy > General, then click “Allow Anyway,” and try executing the binary file again.
 

go.mod

@@ -18,7 +18,8 @@ require (
 	github.com/pocketbase/dbx v1.10.1
 	github.com/pocketbase/pocketbase v0.22.18
 	github.com/qiniu/go-sdk/v7 v7.22.0
-	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017
+	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017
 	github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.992
 	golang.org/x/crypto v0.26.0
 )

go.sum

@@ -381,9 +381,12 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/technoweenie/multipartstreamer v1.0.1 h1:XRztA5MXiR1TIRHxH2uNxXxaIkKQDeX7m2XsSOlQEnM=
 github.com/technoweenie/multipartstreamer v1.0.1/go.mod h1:jNVxdtShOxzAsukZwTSw6MDx5eUJoiEBsSvzDU9uzog=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017 h1:OymmfmyFkvHirY3WHsoRT3cdTEsqygLbMn8jM41erK4=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn v1.0.1017/go.mod h1:gnLxGXlLmF+jDqWR1/RVoF/UUwxQxomQhkc0oN7KeuI=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.898/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
-github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992 h1:266lOve+E8vzhnrb/Mr05Ee+oxXD9C82JiusY/AZqXw=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.992/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017 h1:SXrldOXwgomYuATVAuz5ofpTjB+99qVELgdy5R5kMgI=
+github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common v1.0.1017/go.mod h1:r5r4xbfxSaeR04b166HGsBa/R4U3SueirEUpXGuw+Q0=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.898 h1:LoYv5u+gUoFpU/AmIuTRG/2KiEkdm9gCC0dTvk8WITQ=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/dnspod v1.0.898/go.mod h1:c1j6YQ+vCbeA8kJ59Im4UnMd1GxovlpPBDhGZoewfn8=
 github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl v1.0.992 h1:A6O89OlCJQUpNxGqC/E5By04UNKBryIt5olQIGOx8mg=

internal/deployer/tencent_cdn.go

@@ -5,11 +5,14 @@ import (
 	"certimate/internal/utils/rand"
 	"context"
 	"encoding/json"
+	"encoding/base64"
 	"fmt"
+	"strings"
 
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common"
 	"github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/common/profile"
 	ssl "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/ssl/v20191205"
+	cdn "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/cdn/v20180606"
 )
 
 type tencentCdn struct {
@@ -89,14 +92,29 @@ func (t *tencentCdn) deploy(certId string) error {
 	// 实例化要请求产品的client对象,clientProfile是可选的
 	client, _ := ssl.NewClient(t.credential, "", cpf)
 
+
+
 	// 实例化一个请求对象,每个接口都会对应一个request对象
 	request := ssl.NewDeployCertificateInstanceRequest()
 
 	request.CertificateId = common.StringPtr(certId)
-	request.InstanceIdList = common.StringPtrs([]string{t.option.Domain})
 	request.ResourceType = common.StringPtr("cdn")
 	request.Status = common.Int64Ptr(1)
 
+	// 如果是泛域名就从cdn列表下获取SSL证书中的可用域名
+	if(strings.Contains(t.option.Domain, "*")){
+		list, errGetList := t.getDomainList()
+		if errGetList != nil {
+			return fmt.Errorf("failed to get certificate domain list: %w", errGetList)
+		}
+		if list == nil || len(list) == 0 {
+			return fmt.Errorf("failed to get certificate domain list: empty list.")
+		}
+		request.InstanceIdList = common.StringPtrs(list)
+	}else{ // 否则直接使用传入的域名
+		request.InstanceIdList = common.StringPtrs([]string{t.option.Domain})
+	}
+
 	// 返回的resp是一个DeployCertificateInstanceResponse的实例，与请求对象对应
 	resp, err := client.DeployCertificateInstance(request)
 
@@ -106,3 +124,27 @@ func (t *tencentCdn) deploy(certId string) error {
 	t.infos = append(t.infos, toStr("部署证书", resp.Response))
 	return nil
 }
+
+func (t *tencentCdn) getDomainList() ([]string, error) {
+	cpf := profile.NewClientProfile()
+	cpf.HttpProfile.Endpoint = "cdn.tencentcloudapi.com"
+	client, _ := cdn.NewClient(t.credential, "", cpf)
+
+	request := cdn.NewDescribeCertDomainsRequest()
+
+	cert := base64.StdEncoding.EncodeToString([]byte(t.option.Certificate.Certificate))
+	request.Cert = &cert
+	
+
+	response, err := client.DescribeCertDomains(request)
+	if err != nil {
+		return nil, fmt.Errorf("failed to get domain list: %w", err)
+	}
+
+	domains := make([]string, 0)
+	for _, domain := range response.Response.Domains {
+		domains = append(domains, *domain)
+	}
+
+	return domains, nil
+}

ui/dist/index.html

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="/vite.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>Certimate - Your Trusted SSL Automation Partner</title>
-    <script type="module" crossorigin src="/assets/index-8E76olt7.js"></script>
+    <script type="module" crossorigin src="/assets/index-DOR0Uh6g.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-DOft-CKV.css">
   </head>
   <body class="bg-background">

ui/src/domain/version.ts

@@ -1 +1 @@
-export const version = "Certimate v0.1.17";
+export const version = "Certimate v0.1.18";