实现对ACME用户的增删改

2025-12-15 04:26:36 +08:00 · 2020-11-24 17:36:42 +08:00
parent 8e97b5f512
commit e2a415faa3
84 changed files with 497 additions and 174 deletions
--- a/internal/web/actions/default/servers/components/componentutils/component_helper.go
+++ b/internal/web/actions/default/servers/components/componentutils/component_helper.go
@@ -52,11 +52,6 @@ func (this *ComponentHelper) createLeftMenus(secondMenuItem string) (items []map
 		"url":      "/servers/components/log",
 		"isActive": secondMenuItem == "log",
 	})
-	items = append(items, maps.Map{
-		"name":     "SSL证书管理",
-		"url":      "/servers/components/ssl",
-		"isActive": secondMenuItem == "ssl",
-	})
 	items = append(items, maps.Map{
 		"name":     "IP库",
 		"url":      "/servers/components/ip-library",
--- a/internal/web/actions/default/servers/components/ssl/certPopup.go
+++ b/internal/web/actions/default/servers/components/ssl/certPopup.go
@@ -1,77 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"github.com/iwind/TeaGo/maps"
-	timeutil "github.com/iwind/TeaGo/utils/time"
-	"time"
-)
-
-type CertPopupAction struct {
-	actionutils.ParentAction
-}
-
-func (this *CertPopupAction) Init() {
-}
-
-func (this *CertPopupAction) RunGet(params struct {
-	CertId int64
-}) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	reverseCommonNames := []string{}
-	for i := len(certConfig.CommonNames) - 1; i >= 0; i-- {
-		reverseCommonNames = append(reverseCommonNames, certConfig.CommonNames[i])
-	}
-
-	this.Data["info"] = maps.Map{
-		"id":          certConfig.Id,
-		"name":        certConfig.Name,
-		"description": certConfig.Description,
-		"isOn":        certConfig.IsOn,
-		"isAvailable": certConfig.TimeEndAt >= time.Now().Unix(),
-		"commonNames": reverseCommonNames,
-		"dnsNames":    certConfig.DNSNames,
-
-		// TODO 检查是否为7天或30天内过期
-		"beginTime": timeutil.FormatTime("Y-m-d H:i:s", certConfig.TimeBeginAt),
-		"endTime":   timeutil.FormatTime("Y-m-d H:i:s", certConfig.TimeEndAt),
-
-		"isCA":       certConfig.IsCA,
-		"certString": string(certConfig.CertData),
-		"keyString":  string(certConfig.KeyData),
-	}
-
-	// 引入的服务
-	serversResp, err := this.RPC().ServerRPC().FindAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.FindAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	serverMaps := []maps.Map{}
-	for _, server := range serversResp.Servers {
-		serverMaps = append(serverMaps, maps.Map{
-			"id":   server.Id,
-			"isOn": server.IsOn,
-			"name": server.Name,
-			"type": server.Type,
-		})
-	}
-	this.Data["servers"] = serverMaps
-
-	this.Show()
-}
--- a/internal/web/actions/default/servers/components/ssl/datajs.go
+++ b/internal/web/actions/default/servers/components/ssl/datajs.go
@@ -1,60 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-)
-
-// 所有相关数据
-type DatajsAction struct {
-	actionutils.ParentAction
-}
-
-func (this *DatajsAction) Init() {
-}
-
-func (this *DatajsAction) RunGet(params struct{}) {
-	this.AddHeader("Content-Type", "text/javascript; charset=utf-8")
-
-	{
-		cipherSuitesJSON, err := json.Marshal(sslconfigs.AllTLSCipherSuites)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		this.WriteString("window.SSL_ALL_CIPHER_SUITES = " + string(cipherSuitesJSON) + ";\n")
-	}
-	{
-		modernCipherSuitesJSON, err := json.Marshal(sslconfigs.TLSModernCipherSuites)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		this.WriteString("window.SSL_MODERN_CIPHER_SUITES = " + string(modernCipherSuitesJSON) + ";\n")
-	}
-	{
-		intermediateCipherSuitesJSON, err := json.Marshal(sslconfigs.TLSIntermediateCipherSuites)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		this.WriteString("window.SSL_INTERMEDIATE_CIPHER_SUITES = " + string(intermediateCipherSuitesJSON) + ";\n")
-	}
-	{
-		sslVersionsJSON, err := json.Marshal(sslconfigs.AllTlsVersions)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		this.WriteString("window.SSL_ALL_VERSIONS = " + string(sslVersionsJSON) + ";\n")
-	}
-	{
-		clientAuthTypesJSON, err := json.Marshal(sslconfigs.AllSSLClientAuthTypes())
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		this.WriteString("window.SSL_ALL_CLIENT_AUTH_TYPES = " + string(clientAuthTypesJSON) + ";\n")
-	}
-}
--- a/internal/web/actions/default/servers/components/ssl/delete.go
+++ b/internal/web/actions/default/servers/components/ssl/delete.go
@@ -1,36 +0,0 @@
-package ssl
-
-import (
-	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-)
-
-type DeleteAction struct {
-	actionutils.ParentAction
-}
-
-func (this *DeleteAction) RunPost(params struct {
-	CertId int64
-}) {
-	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "删除SSL证书 %d", params.CertId)
-
-	// 是否正在被使用
-	countResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	if countResp.Count > 0 {
-		this.Fail("此证书正在被某些服务引用，请先修改服务后再删除。")
-	}
-
-	_, err = this.RPC().SSLCertRPC().DeleteSSLCert(this.AdminContext(), &pb.DeleteSSLCertRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	this.Success()
-}
--- a/internal/web/actions/default/servers/components/ssl/downloadCert.go
+++ b/internal/web/actions/default/servers/components/ssl/downloadCert.go
@@ -1,39 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"strconv"
-)
-
-type DownloadCertAction struct {
-	actionutils.ParentAction
-}
-
-func (this *DownloadCertAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *DownloadCertAction) RunGet(params struct {
-	CertId int64
-}) {
-	defer this.CreateLogInfo("下载SSL证书 %d", params.CertId)
-
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	this.AddHeader("Content-Disposition", "attachment; filename=\"cert-"+strconv.FormatInt(params.CertId, 10)+".pem\";")
-	this.Write(certConfig.CertData)
-}
--- a/internal/web/actions/default/servers/components/ssl/downloadKey.go
+++ b/internal/web/actions/default/servers/components/ssl/downloadKey.go
@@ -1,39 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"strconv"
-)
-
-type DownloadKeyAction struct {
-	actionutils.ParentAction
-}
-
-func (this *DownloadKeyAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *DownloadKeyAction) RunGet(params struct {
-	CertId int64
-}) {
-	defer this.CreateLogInfo("下载SSL密钥 %d", params.CertId)
-
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	this.AddHeader("Content-Disposition", "attachment; filename=\"key-"+strconv.FormatInt(params.CertId, 10)+".pem\";")
-	this.Write(certConfig.KeyData)
-}
--- a/internal/web/actions/default/servers/components/ssl/downloadZip.go
+++ b/internal/web/actions/default/servers/components/ssl/downloadZip.go
@@ -1,82 +0,0 @@
-package ssl
-
-import (
-	"archive/zip"
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"strconv"
-)
-
-type DownloadZipAction struct {
-	actionutils.ParentAction
-}
-
-func (this *DownloadZipAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *DownloadZipAction) RunGet(params struct {
-	CertId int64
-}) {
-	defer this.CreateLogInfo("下载SSL证书压缩包 %d", params.CertId)
-
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	z := zip.NewWriter(this.ResponseWriter)
-	defer func() {
-		_ = z.Close()
-	}()
-
-	this.AddHeader("Content-Disposition", "attachment; filename=\"cert-"+strconv.FormatInt(params.CertId, 10)+".zip\";")
-
-	// cert
-	{
-		w, err := z.Create("cert.pem")
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		_, err = w.Write(certConfig.CertData)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		err = z.Flush()
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-	}
-
-	// key
-	if !certConfig.IsCA {
-		w, err := z.Create("key.pem")
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		_, err = w.Write(certConfig.KeyData)
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		err = z.Flush()
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-	}
-}
--- a/internal/web/actions/default/servers/components/ssl/helper.go
+++ b/internal/web/actions/default/servers/components/ssl/helper.go
@@ -1,22 +0,0 @@
-package ssl
-
-import (
-	"github.com/iwind/TeaGo/actions"
-	"net/http"
-)
-
-type Helper struct {
-}
-
-func NewHelper() *Helper {
-	return &Helper{}
-}
-
-func (this *Helper) BeforeAction(action *actions.ActionObject) {
-	if action.Request.Method != http.MethodGet {
-		return
-	}
-
-	action.Data["mainTab"] = "component"
-	action.Data["secondMenuItem"] = "ssl"
-}
--- a/internal/web/actions/default/servers/components/ssl/index.go
+++ b/internal/web/actions/default/servers/components/ssl/index.go
@@ -1,164 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"github.com/iwind/TeaGo/maps"
-	timeutil "github.com/iwind/TeaGo/utils/time"
-	"time"
-)
-
-type IndexAction struct {
-	actionutils.ParentAction
-}
-
-func (this *IndexAction) Init() {
-	this.FirstMenu("index")
-}
-
-func (this *IndexAction) RunGet(params struct {
-	Type string
-}) {
-	this.Data["type"] = params.Type
-
-	countAll := int64(0)
-	countCA := int64(0)
-	countAvailable := int64(0)
-	countExpired := int64(0)
-	count7Days := int64(0)
-	count30Days := int64(0)
-
-	// 计算数量
-	{
-		// all
-		resp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		countAll = resp.Count
-
-		// CA
-		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
-			IsCA: true,
-		})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		countCA = resp.Count
-
-		// available
-		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
-			IsAvailable: true,
-		})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		countAvailable = resp.Count
-
-		// expired
-		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
-			IsExpired: true,
-		})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		countExpired = resp.Count
-
-		// expire in 7 days
-		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
-			ExpiringDays: 7,
-		})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		count7Days = resp.Count
-
-		// expire in 30 days
-		resp, err = this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{
-			ExpiringDays: 30,
-		})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-		count30Days = resp.Count
-	}
-
-	this.Data["countAll"] = countAll
-	this.Data["countCA"] = countCA
-	this.Data["countAvailable"] = countAvailable
-	this.Data["countExpired"] = countExpired
-	this.Data["count7Days"] = count7Days
-	this.Data["count30Days"] = count30Days
-
-	// 分页
-	var page *actionutils.Page
-	var listResp *pb.ListSSLCertsResponse
-	var err error
-	switch params.Type {
-	case "":
-		page = this.NewPage(countAll)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{Offset: page.Offset, Size: page.Size})
-	case "ca":
-		page = this.NewPage(countCA)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsCA: true, Offset: page.Offset, Size: page.Size})
-	case "available":
-		page = this.NewPage(countAvailable)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsAvailable: true, Offset: page.Offset, Size: page.Size})
-	case "expired":
-		page = this.NewPage(countExpired)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{IsExpired: true, Offset: page.Offset, Size: page.Size})
-	case "7days":
-		page = this.NewPage(count7Days)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{ExpiringDays: 7, Offset: page.Offset, Size: page.Size})
-	case "30days":
-		page = this.NewPage(count30Days)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{ExpiringDays: 30, Offset: page.Offset, Size: page.Size})
-	default:
-		page = this.NewPage(countAll)
-		listResp, err = this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{})
-	}
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	this.Data["certs"] = certConfigs
-
-	certMaps := []maps.Map{}
-	nowTime := time.Now().Unix()
-	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-
-		certMaps = append(certMaps, maps.Map{
-			"isOn":         certConfig.IsOn,
-			"beginDay":     timeutil.FormatTime("Y-m-d", certConfig.TimeBeginAt),
-			"endDay":       timeutil.FormatTime("Y-m-d", certConfig.TimeEndAt),
-			"isExpired":    nowTime > certConfig.TimeEndAt,
-			"isAvailable":  nowTime <= certConfig.TimeEndAt,
-			"countServers": countServersResp.Count,
-		})
-	}
-	this.Data["certInfos"] = certMaps
-
-	this.Data["page"] = page.AsHTML()
-
-	this.Show()
-}
--- a/internal/web/actions/default/servers/components/ssl/init.go
+++ b/internal/web/actions/default/servers/components/ssl/init.go
@@ -1,30 +0,0 @@
-package ssl
-
-import (
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/default/servers/components/componentutils"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/helpers"
-	"github.com/iwind/TeaGo"
-)
-
-func init() {
-	TeaGo.BeforeStart(func(server *TeaGo.Server) {
-		server.
-			Helper(helpers.NewUserMustAuth()).
-			Helper(NewHelper()).
-			Helper(componentutils.NewComponentHelper()).
-			Prefix("/servers/components/ssl").
-			Get("", new(IndexAction)).
-			GetPost("/uploadPopup", new(UploadPopupAction)).
-			Post("/delete", new(DeleteAction)).
-			GetPost("/updatePopup", new(UpdatePopupAction)).
-			Get("/certPopup", new(CertPopupAction)).
-			Get("/viewKey", new(ViewKeyAction)).
-			Get("/viewCert", new(ViewCertAction)).
-			Get("/downloadKey", new(DownloadKeyAction)).
-			Get("/downloadCert", new(DownloadCertAction)).
-			Get("/downloadZip", new(DownloadZipAction)).
-			Get("/selectPopup", new(SelectPopupAction)).
-			Get("/datajs", new(DatajsAction)).
-			EndAll()
-	})
-}
--- a/internal/web/actions/default/servers/components/ssl/selectPopup.go
+++ b/internal/web/actions/default/servers/components/ssl/selectPopup.go
@@ -1,75 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"github.com/iwind/TeaGo/maps"
-	timeutil "github.com/iwind/TeaGo/utils/time"
-	"time"
-)
-
-// 选择证书
-type SelectPopupAction struct {
-	actionutils.ParentAction
-}
-
-func (this *SelectPopupAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *SelectPopupAction) RunGet(params struct {
-	ViewSize string
-}) {
-	// TODO 支持关键词搜索
-	// TODO 列出常用的证书供用户选择
-
-	if len(params.ViewSize) == 0 {
-		params.ViewSize = "normal"
-	}
-	this.Data["viewSize"] = params.ViewSize
-
-	countResp, err := this.RPC().SSLCertRPC().CountSSLCerts(this.AdminContext(), &pb.CountSSLCertRequest{})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	page := this.NewPage(countResp.Count)
-	this.Data["page"] = page.AsHTML()
-
-	listResp, err := this.RPC().SSLCertRPC().ListSSLCerts(this.AdminContext(), &pb.ListSSLCertsRequest{
-		Offset: page.Offset,
-		Size:   page.Size,
-	})
-
-	certConfigs := []*sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(listResp.CertsJSON, &certConfigs)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	this.Data["certs"] = certConfigs
-
-	certMaps := []maps.Map{}
-	nowTime := time.Now().Unix()
-	for _, certConfig := range certConfigs {
-		countServersResp, err := this.RPC().ServerRPC().CountAllEnabledServersWithSSLCertId(this.AdminContext(), &pb.CountAllEnabledServersWithSSLCertIdRequest{CertId: certConfig.Id})
-		if err != nil {
-			this.ErrorPage(err)
-			return
-		}
-
-		certMaps = append(certMaps, maps.Map{
-			"beginDay":     timeutil.FormatTime("Y-m-d", certConfig.TimeBeginAt),
-			"endDay":       timeutil.FormatTime("Y-m-d", certConfig.TimeEndAt),
-			"isExpired":    nowTime > certConfig.TimeEndAt,
-			"isAvailable":  nowTime <= certConfig.TimeEndAt,
-			"countServers": countServersResp.Count,
-		})
-	}
-	this.Data["certInfos"] = certMaps
-
-	this.Show()
-}
--- a/internal/web/actions/default/servers/components/ssl/updatePopup.go
+++ b/internal/web/actions/default/servers/components/ssl/updatePopup.go
@@ -1,133 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"github.com/iwind/TeaGo/actions"
-)
-
-type UpdatePopupAction struct {
-	actionutils.ParentAction
-}
-
-func (this *UpdatePopupAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *UpdatePopupAction) RunGet(params struct {
-	CertId int64
-}) {
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	certConfigJSON := certConfigResp.CertJSON
-	if len(certConfigJSON) == 0 {
-		this.NotFound("cert", params.CertId)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certConfigJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	this.Data["certConfig"] = certConfig
-
-	this.Show()
-}
-
-func (this *UpdatePopupAction) RunPost(params struct {
-	CertId int64
-
-	Name        string
-	IsCA        bool
-	Description string
-	IsOn        bool
-
-	CertFile *actions.File
-	KeyFile  *actions.File
-
-	Must *actions.Must
-}) {
-	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "修改SSL证书 %d", params.CertId)
-
-	// 查询Cert
-	certConfigResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	certConfigJSON := certConfigResp.CertJSON
-	if len(certConfigJSON) == 0 {
-		this.NotFound("cert", params.CertId)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certConfigJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	// 校验参数
-	params.Must.
-		Field("name", params.Name).
-		Require("请输入证书说明")
-
-	if params.CertFile != nil {
-		certConfig.CertData, err = params.CertFile.Read()
-		if err != nil {
-			this.Fail("读取证书文件内容错误，请重新上传")
-		}
-	}
-
-	if !params.IsCA {
-		if params.KeyFile != nil {
-			certConfig.KeyData, err = params.KeyFile.Read()
-			if err != nil {
-				this.Fail("读取密钥文件内容错误，请重新上传")
-			}
-		}
-	}
-
-	// 校验
-	certConfig.IsCA = params.IsCA
-	err = certConfig.Init()
-	if err != nil {
-		if params.IsCA {
-			this.Fail("证书校验错误：" + err.Error())
-		} else {
-			this.Fail("证书或密钥校验错误：" + err.Error())
-		}
-	}
-
-	// 保存
-	_, err = this.RPC().SSLCertRPC().UpdateSSLCert(this.AdminContext(), &pb.UpdateSSLCertRequest{
-		CertId:      params.CertId,
-		IsOn:        params.IsOn,
-		Name:        params.Name,
-		Description: params.Description,
-		ServerName:  "",
-		IsCA:        params.IsCA,
-		CertData:    certConfig.CertData,
-		KeyData:     certConfig.KeyData,
-		TimeBeginAt: certConfig.TimeBeginAt,
-		TimeEndAt:   certConfig.TimeEndAt,
-		DnsNames:    certConfig.DNSNames,
-		CommonNames: certConfig.CommonNames,
-	})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	this.Success()
-}
--- a/internal/web/actions/default/servers/components/ssl/uploadPopup.go
+++ b/internal/web/actions/default/servers/components/ssl/uploadPopup.go
@@ -1,121 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/oplogs"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-	"github.com/iwind/TeaGo/actions"
-)
-
-type UploadPopupAction struct {
-	actionutils.ParentAction
-}
-
-func (this *UploadPopupAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *UploadPopupAction) RunGet(params struct{}) {
-	this.Show()
-}
-
-func (this *UploadPopupAction) RunPost(params struct {
-	Name        string
-	IsCA        bool
-	Description string
-	IsOn        bool
-
-	CertFile *actions.File
-	KeyFile  *actions.File
-
-	Must *actions.Must
-}) {
-	params.Must.
-		Field("name", params.Name).
-		Require("请输入证书说明")
-
-	certData := []byte{}
-	keyData := []byte{}
-
-	if params.CertFile == nil {
-		this.Fail("请选择要上传的证书文件")
-	}
-	var err error
-	certData, err = params.CertFile.Read()
-	if err != nil {
-		this.Fail("读取证书文件内容错误，请重新上传")
-	}
-
-	if !params.IsCA {
-		if params.KeyFile == nil {
-			this.Fail("请选择要上传的私钥文件")
-		} else {
-			keyData, err = params.KeyFile.Read()
-			if err != nil {
-				this.Fail("读取密钥文件内容错误，请重新上传")
-			}
-		}
-	}
-
-	// 校验
-	sslConfig := &sslconfigs.SSLCertConfig{
-		IsCA:     params.IsCA,
-		CertData: certData,
-		KeyData:  keyData,
-	}
-	err = sslConfig.Init()
-	if err != nil {
-		if params.IsCA {
-			this.Fail("证书校验错误：" + err.Error())
-		} else {
-			this.Fail("证书或密钥校验错误：" + err.Error())
-		}
-	}
-
-	// 保存
-	createResp, err := this.RPC().SSLCertRPC().CreateSSLCert(this.AdminContext(), &pb.CreateSSLCertRequest{
-		IsOn:        params.IsOn,
-		Name:        params.Name,
-		Description: params.Description,
-		ServerName:  "",
-		IsCA:        params.IsCA,
-		CertData:    certData,
-		KeyData:     keyData,
-		TimeBeginAt: sslConfig.TimeBeginAt,
-		TimeEndAt:   sslConfig.TimeEndAt,
-		DnsNames:    sslConfig.DNSNames,
-		CommonNames: sslConfig.CommonNames,
-	})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	// 查询已创建的证书并返回，方便调用者进行后续处理
-	certId := createResp.CertId
-	configResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: certId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(configResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	certConfig.CertData = nil // 去掉不必要的数据
-	certConfig.KeyData = nil  // 去掉不必要的数据
-	this.Data["cert"] = certConfig
-	this.Data["certRef"] = &sslconfigs.SSLCertRef{
-		IsOn:   true,
-		CertId: certId,
-	}
-
-	// 创建日志
-	defer this.CreateLog(oplogs.LevelInfo, "上传SSL证书 %d", certId)
-
-	this.Success()
-}
--- a/internal/web/actions/default/servers/components/ssl/viewCert.go
+++ b/internal/web/actions/default/servers/components/ssl/viewCert.go
@@ -1,34 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-)
-
-type ViewCertAction struct {
-	actionutils.ParentAction
-}
-
-func (this *ViewCertAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *ViewCertAction) RunGet(params struct {
-	CertId int64
-}) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	this.Write(certConfig.CertData)
-}
--- a/internal/web/actions/default/servers/components/ssl/viewKey.go
+++ b/internal/web/actions/default/servers/components/ssl/viewKey.go
@@ -1,34 +0,0 @@
-package ssl
-
-import (
-	"encoding/json"
-	"github.com/TeaOSLab/EdgeAdmin/internal/web/actions/actionutils"
-	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
-	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/sslconfigs"
-)
-
-type ViewKeyAction struct {
-	actionutils.ParentAction
-}
-
-func (this *ViewKeyAction) Init() {
-	this.Nav("", "", "")
-}
-
-func (this *ViewKeyAction) RunGet(params struct {
-	CertId int64
-}) {
-	certResp, err := this.RPC().SSLCertRPC().FindEnabledSSLCertConfig(this.AdminContext(), &pb.FindEnabledSSLCertConfigRequest{CertId: params.CertId})
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-
-	certConfig := &sslconfigs.SSLCertConfig{}
-	err = json.Unmarshal(certResp.CertJSON, certConfig)
-	if err != nil {
-		this.ErrorPage(err)
-		return
-	}
-	this.Write(certConfig.KeyData)
-}