mirror of https://github.com/allinssl/allinssl
【新增】宝塔dns
【修复】查看证书与下载证书内容不一致 【修复】多个ca无法选中 【修复】创建中间证书私有ca加密算法没有默认继承 【调整】下载自签证书附带pfx1.1.0
parent
e16d0b748b
commit
5b7245a78d
|
@ -162,6 +162,10 @@ func DownloadCert(c *gin.Context) {
|
||||||
public.FailMsg(c, err.Error())
|
public.FailMsg(c, err.Error())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if certData == nil {
|
||||||
|
public.FailMsg(c, "证书不存在")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
// 构建 zip 包(内存中)
|
// 构建 zip 包(内存中)
|
||||||
buf := new(bytes.Buffer)
|
buf := new(bytes.Buffer)
|
||||||
|
@ -213,6 +217,32 @@ func DownloadCert(c *gin.Context) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if certData["algorithm"] == "ecdsa" || certData["algorithm"] == "rsa" {
|
||||||
|
// cert.pfx
|
||||||
|
pfxPassword := "allinssl"
|
||||||
|
pfxData, err := public.PEMToPFX(certStr, keyStr, pfxPassword)
|
||||||
|
if err == nil && len(pfxData) > 0 {
|
||||||
|
pfxWriter, err := zipWriter.Create("IIS/cert.pfx")
|
||||||
|
if err != nil {
|
||||||
|
public.FailMsg(c, err.Error())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if _, err := pfxWriter.Write(pfxData); err != nil {
|
||||||
|
public.FailMsg(c, err.Error())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
txtWriter, err := zipWriter.Create("IIS/passwd.txt")
|
||||||
|
if err != nil {
|
||||||
|
public.FailMsg(c, err.Error())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if _, err := txtWriter.Write([]byte(pfxPassword)); err != nil {
|
||||||
|
public.FailMsg(c, err.Error())
|
||||||
|
return
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// 关闭 zipWriter
|
// 关闭 zipWriter
|
||||||
if err := zipWriter.Close(); err != nil {
|
if err := zipWriter.Close(); err != nil {
|
||||||
public.FailMsg(c, err.Error())
|
public.FailMsg(c, err.Error())
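Review bot: The PFX password on the `pfxPassword := "allinssl"` line is a fixed string, identical for every download, and it is then written to `IIS/passwd.txt` beside `IIS/cert.pfx`, so the PKCS#12 encryption protects nothing and the archive has to be handled like a plaintext private key. If the password exists only because the import side wants a non-empty one, say so in a comment such as `// fixed, non-secret password: the PFX is NOT confidential, treat the zip like the PEM key`; otherwise generate it per download from crypto/rand. Separately, `if err == nil && len(pfxData) > 0` drops a PEMToPFX failure silently, so the zip is returned without the IIS files and nothing is reported or logged. DownloadCert starts and ends outside both hunks, so how certStr and keyStr are packaged elsewhere in the zip is not visible here.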
|
||||||
|
|
|
@ -3,6 +3,7 @@ package apply
|
||||||
import (
|
import (
|
||||||
"ALLinSSL/backend/internal/access"
|
"ALLinSSL/backend/internal/access"
|
||||||
"ALLinSSL/backend/internal/cert"
|
"ALLinSSL/backend/internal/cert"
|
||||||
|
"ALLinSSL/backend/internal/cert/apply/lego/bt"
|
||||||
"ALLinSSL/backend/internal/cert/apply/lego/jdcloud"
|
"ALLinSSL/backend/internal/cert/apply/lego/jdcloud"
|
||||||
"ALLinSSL/backend/internal/cert/apply/lego/webhook"
|
"ALLinSSL/backend/internal/cert/apply/lego/webhook"
|
||||||
"ALLinSSL/backend/public"
|
"ALLinSSL/backend/public"
|
||||||
|
@ -216,6 +217,16 @@ func GetDNSProvider(providerName string, creds map[string]string, httpClient *ht
|
||||||
config.APISecret = creds["api_secret"]
|
config.APISecret = creds["api_secret"]
|
||||||
config.PropagationTimeout = maxWait
|
config.PropagationTimeout = maxWait
|
||||||
return spaceship.NewDNSProviderConfig(config)
|
return spaceship.NewDNSProviderConfig(config)
|
||||||
|
case "btdomain":
|
||||||
|
config := bt.NewDefaultConfig()
|
||||||
|
config.AccountID = creds["account_id"]
|
||||||
|
config.AccessKey = creds["access_key"]
|
||||||
|
config.SecretKey = creds["secret_key"]
|
||||||
|
if creds["base_url"] != "" {
|
||||||
|
config.BaseURL = creds["base_url"]
|
||||||
|
}
|
||||||
|
config.PropagationTimeout = maxWait
|
||||||
|
return bt.NewDNSProviderConfig(config)
|
||||||
//case "edgeone":
|
//case "edgeone":
|
||||||
//config :=
|
//config :=
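Review bot: In the new `btdomain` case, `creds["base_url"]` is copied into `config.BaseURL` with no check on scheme or host, so the stored access key and secret key will presumably be used against whatever endpoint that field names, including a plain-http one. Unless `bt.NewDNSProviderConfig` validates it (not visible here), parse it first and reject anything that is not https, e.g. `u, err := url.Parse(creds["base_url"])` followed by `if err != nil || u.Scheme != "https" || u.Host == "" { return nil, fmt.Errorf("invalid base_url") }`. The case also never uses the `httpClient` argument of GetDNSProvider; whether other providers assign it to their config is outside the hunk, so confirm that client-level timeout or proxy settings are not skipped for this provider. The switch in GetDNSProvider continues outside the hunk.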
|
||||||
|
|
||||||
|
|
|
@ -190,6 +190,8 @@ func init() {
|
||||||
InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "dns"}, []string{"name", "type"}, []any{"webhook", "dns"})
|
InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "dns"}, []string{"name", "type"}, []any{"webhook", "dns"})
|
||||||
InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "host"}, []string{"name", "type"}, []any{"webhook", "host"})
|
InsertIfNotExists(db, "access_type", map[string]any{"name": "webhook", "type": "host"}, []string{"name", "type"}, []any{"webhook", "host"})
|
||||||
|
|
||||||
|
InsertIfNotExists(db, "access_type", map[string]any{"name": "btdomain", "type": "dns"}, []string{"name", "type"}, []any{"btdomain", "dns"})
|
||||||
|
|
||||||
err = sqlite_migrate.EnsureDatabaseWithTables(
|
err = sqlite_migrate.EnsureDatabaseWithTables(
|
||||||
"data/site_monitor.db",
|
"data/site_monitor.db",
|
||||||
"data/data.db",
|
"data/data.db",
|
||||||
|
|
|
@ -168,18 +168,21 @@ func PEMToPFX(certPEM, keyPEM, pfxPassword string) ([]byte, error) {
|
||||||
return nil, fmt.Errorf("解析证书失败: %v", err)
|
return nil, fmt.Errorf("解析证书失败: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// 尝试解析私钥(PKCS8或PKCS1格式)
|
// 尝试解析私钥(PKCS8、PKCS1 或 EC 格式)
|
||||||
var privKey interface{}
|
var privKey interface{}
|
||||||
privKey, err = x509.ParsePKCS8PrivateKey(keyBlock.Bytes)
|
privKey, err = x509.ParsePKCS8PrivateKey(keyBlock.Bytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
privKey, err = x509.ParsePKCS1PrivateKey(keyBlock.Bytes)
|
privKey, err = x509.ParsePKCS1PrivateKey(keyBlock.Bytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("解析私钥失败: %v", err)
|
privKey, err = x509.ParseECPrivateKey(keyBlock.Bytes)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("解析私钥失败: %v", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// 编码为PFX格式
|
// 编码为PFX格式
|
||||||
pfxData, err := pkcs12.Encode(rand.Reader, privKey, cert, nil, pfxPassword)
|
pfxData, err := pkcs12.LegacyRC2.WithRand(rand.Reader).Encode(privKey, cert, nil, pfxPassword)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, fmt.Errorf("编码PFX失败: %v", err)
|
return nil, fmt.Errorf("编码PFX失败: %v", err)
|
||||||
}
|
}
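Review bot: The encoder on the `pkcs12.LegacyRC2.WithRand(rand.Reader).Encode(...)` line pins the weakest profile explicitly: if `pkcs12` is software.sslmate.com/src/go-pkcs12 (the import is outside the hunk), LegacyRC2 encrypts certificates with RC2 and keys with 3DES, with keys derived via HMAC-SHA-1. Prefer `pkcs12.Modern.WithRand(rand.Reader).Encode(privKey, cert, nil, pfxPassword)` (AES-256 with PBKDF2), and keep a legacy encoder only if a target Windows/IIS version is known to reject the modern format, with a comment naming that target. In the key-parsing fallback, the returned error carries only the `ParseECPrivateKey` failure and formats it with `%v`; `%w` would keep the error chain for callers. PEMToPFX begins and ends outside the hunk.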
|
||||||
|
|