EdgeCommon/pkg/rpc/protos/service_ssl_cert.proto

syntax = "proto3";
option go_package = "./pb";

package pb;

import "models/rpc_messages.proto";
import "models/model_ssl_cert.proto";

// SSL证书管理服务
service SSLCertService {
	// 创建证书
	rpc createSSLCert (CreateSSLCertRequest) returns (CreateSSLCertResponse);

	// 创建一组证书
	rpc createSSLCerts(CreateSSLCertsRequest) returns (CreateSSLCertsResponse);

	// 修改证书
	rpc updateSSLCert (UpdateSSLCertRequest) returns (RPCSuccess);

	// 删除证书
	rpc deleteSSLCert (DeleteSSLCertRequest) returns (RPCSuccess);

	// 查找证书配置
	rpc findEnabledSSLCertConfig (FindEnabledSSLCertConfigRequest) returns (FindEnabledSSLCertConfigResponse);

	// 计算匹配的证书数量
	rpc countSSLCerts (CountSSLCertRequest) returns (RPCCountResponse);

	// 列出单页匹配的证书
	rpc listSSLCerts (ListSSLCertsRequest) returns (ListSSLCertsResponse);

	// 计算有OCSP错误的证书数量
	rpc countAllSSLCertsWithOCSPError (CountAllSSLCertsWithOCSPErrorRequest) returns (RPCCountResponse);

	// 列出有OCSP错误的证书
	rpc listSSLCertsWithOCSPError (ListSSLCertsWithOCSPErrorRequest) returns (ListSSLCertsWithOCSPErrorResponse);

	// 忽略一组OCSP证书错误
	rpc ignoreSSLCertsWithOCSPError (IgnoreSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);

	// 重置一组证书OCSP错误状态
	rpc resetSSLCertsWithOCSPError (ResetSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);

	// 重置所有证书OCSP错误状态
	rpc resetAllSSLCertsWithOCSPError (ResetAllSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);

	// 读取证书的OCSP
	rpc listUpdatedSSLCertOCSP(ListUpdatedSSLCertOCSPRequest) returns (ListUpdatedSSLCertOCSPResponse);
}

// 创建证书
message CreateSSLCertRequest {
	bool isOn = 1;
	int64 userId = 12; // 所属用户，仅管理员才能指定
	string name = 2;
	string description = 3;
	string serverName = 4;
	bool isCA = 5;
	bytes certData = 6;
	bytes keyData = 7;
	int64 timeBeginAt = 8;
	int64 timeEndAt = 9;
	repeated string dnsNames = 10;
	repeated string commonNames = 11;
}

message CreateSSLCertResponse {
	int64 sslCertId = 1;
}

// 创建一组证书
message CreateSSLCertsRequest {
	repeated cert SSLCerts = 1; // 证书信息
	int64 userId = 2; // 用户ID

	message cert {
		bool isOn = 1;
		string name = 2;
		string description = 3;
		string serverName = 4;
		bool isCA = 5;
		bytes certData = 6;
		bytes keyData = 7;
		int64 timeBeginAt = 8;
		int64 timeEndAt = 9;
		repeated string dnsNames = 10;
		repeated string commonNames = 11;
	}
}

message CreateSSLCertsResponse {
	repeated int64 sslCertIds = 1;
}

// 修改证书
message UpdateSSLCertRequest {
	int64 sslCertId = 1;
	bool isOn = 2;
	string name = 3;
	string description = 4;
	string serverName = 5;
	bool isCA = 6;
	bytes certData = 7;
	bytes keyData = 8;
	int64 timeBeginAt = 9;
	int64 timeEndAt = 10;
	repeated string dnsNames = 11;
	repeated string commonNames = 12;
}

// 查找证书配置
message FindEnabledSSLCertConfigRequest {
	int64 sslCertId = 1;
}

message FindEnabledSSLCertConfigResponse {
	bytes sslCertJSON = 1;
}

// 删除证书
message DeleteSSLCertRequest {
	int64 sslCertId = 1;
}

// 计算匹配的证书数量
message CountSSLCertRequest {
	bool isCA = 1; // 是否为CA证书
	bool isAvailable = 2; // 是否可用（在有效期内）
	bool isExpired = 3; // 是否已过期
	int32 expiringDays = 4; // 离过期日的天数
	string keyword = 5; // 关键词
	int64 userId = 6; // 用户ID
	repeated string domains = 7; // 搜索使用的域名列表
}

// 列出单页匹配的证书
message ListSSLCertsRequest {
	bool isCA = 1; // 是否为CA证书
	bool isAvailable = 2; // 是否可用（在有效期内）
	bool isExpired = 3; // 是否已过期
	int32 expiringDays = 4; // 离过期日的天数
	string keyword = 5; // 关键词
	int64 userId = 8; // 用户ID
	repeated string domains = 9; // 搜索使用的域名列表
	int64 offset = 6; // 读取位置
	int64 size = 7; // 读取长度
}

message ListSSLCertsResponse {
	bytes sslCertsJSON = 1;
}

// 计算有OCSP错误的证书数量
message CountAllSSLCertsWithOCSPErrorRequest {
	string keyword = 1;
}

// 列出有OCSP错误的证书
message ListSSLCertsWithOCSPErrorRequest {
	string keyword = 1;
	int64 offset = 2;
	int64 size = 3;
}

message ListSSLCertsWithOCSPErrorResponse {
	repeated SSLCert sslCerts = 1;
}

// 忽略一组OCSP证书错误
message IgnoreSSLCertsWithOCSPErrorRequest {
	repeated int64 sslCertIds = 1;
}

// 重置一组证书OCSP错误状态
message ResetSSLCertsWithOCSPErrorRequest {
	repeated int64 sslCertIds = 1;
}

// 重置所有证书OCSP错误状态
message ResetAllSSLCertsWithOCSPErrorRequest {

}

// 读取证书的OCSP
message ListUpdatedSSLCertOCSPRequest {
	int64 version = 1;
	int32 size = 2;
}

message ListUpdatedSSLCertOCSPResponse {
	repeated SSLCertOCSP sslCertOCSP = 1;

	message SSLCertOCSP {
		int64 sslCertId = 1;
		bytes data = 2;
		int64 version = 3;
		int64 expiresAt = 4;
	}
}
实现证书管理 2020-09-30 17:46:33 +08:00			`syntax = "proto3";`
			`option go_package = "./pb";`

			`package pb;`

对服务增加基础的数据统计/部分代码分Package 2021-01-25 16:41:30 +08:00			`import "models/rpc_messages.proto";`
增加证书OCSP错误日志管理 2022-03-11 20:27:57 +08:00			`import "models/model_ssl_cert.proto";`
实现证书管理 2020-09-30 17:46:33 +08:00
增加修改服务所在分组API/proto文件增加若干注释 2022-06-25 19:22:19 +08:00			`// SSL证书管理服务`
实现证书管理 2020-09-30 17:46:33 +08:00			`service SSLCertService {`
增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 创建证书`
实现证书管理 2020-09-30 17:46:33 +08:00			`rpc createSSLCert (CreateSSLCertRequest) returns (CreateSSLCertResponse);`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 创建一组证书`
			`rpc createSSLCerts(CreateSSLCertsRequest) returns (CreateSSLCertsResponse);`

			`// 修改证书`
实现基本的集群DNS列表、设置、简单数据同步 2020-11-13 18:23:06 +08:00			`rpc updateSSLCert (UpdateSSLCertRequest) returns (RPCSuccess);`
实现证书管理 2020-09-30 17:46:33 +08:00
增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 删除证书`
实现基本的集群DNS列表、设置、简单数据同步 2020-11-13 18:23:06 +08:00			`rpc deleteSSLCert (DeleteSSLCertRequest) returns (RPCSuccess);`
实现证书管理 2020-09-30 17:46:33 +08:00
			`// 查找证书配置`
			`rpc findEnabledSSLCertConfig (FindEnabledSSLCertConfigRequest) returns (FindEnabledSSLCertConfigResponse);`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 计算匹配的证书数量`
增加DNS域名管理 2020-11-12 14:41:23 +08:00			`rpc countSSLCerts (CountSSLCertRequest) returns (RPCCountResponse);`
实现证书管理 2020-09-30 17:46:33 +08:00
增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 列出单页匹配的证书`
实现证书管理 2020-09-30 17:46:33 +08:00			`rpc listSSLCerts (ListSSLCertsRequest) returns (ListSSLCertsResponse);`
增加证书OCSP错误日志管理 2022-03-11 20:27:57 +08:00
			`// 计算有OCSP错误的证书数量`
			`rpc countAllSSLCertsWithOCSPError (CountAllSSLCertsWithOCSPErrorRequest) returns (RPCCountResponse);`

			`// 列出有OCSP错误的证书`
			`rpc listSSLCertsWithOCSPError (ListSSLCertsWithOCSPErrorRequest) returns (ListSSLCertsWithOCSPErrorResponse);`

			`// 忽略一组OCSP证书错误`
			`rpc ignoreSSLCertsWithOCSPError (IgnoreSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);`

			`// 重置一组证书OCSP错误状态`
			`rpc resetSSLCertsWithOCSPError (ResetSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);`

			`// 重置所有证书OCSP错误状态`
			`rpc resetAllSSLCertsWithOCSPError (ResetAllSSLCertsWithOCSPErrorRequest) returns (RPCSuccess);`
动态更新OCSP 2022-03-18 17:04:53 +08:00
			`// 读取证书的OCSP`
			`rpc listUpdatedSSLCertOCSP(ListUpdatedSSLCertOCSPRequest) returns (ListUpdatedSSLCertOCSPResponse);`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 创建证书`
实现证书管理 2020-09-30 17:46:33 +08:00			`message CreateSSLCertRequest {`
			`bool isOn = 1;`
上传单个证书时可以选择所属用户 2023-03-26 12:24:58 +08:00			`int64 userId = 12; // 所属用户，仅管理员才能指定`
实现证书管理 2020-09-30 17:46:33 +08:00			`string name = 2;`
			`string description = 3;`
			`string serverName = 4;`
			`bool isCA = 5;`
			`bytes certData = 6;`
			`bytes keyData = 7;`
			`int64 timeBeginAt = 8;`
			`int64 timeEndAt = 9;`
			`repeated string dnsNames = 10;`
			`repeated string commonNames = 11;`
			`}`

			`message CreateSSLCertResponse {`
优化代码 2020-12-18 21:19:25 +08:00			`int64 sslCertId = 1;`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 创建一组证书`
			`message CreateSSLCertsRequest {`
			`repeated cert SSLCerts = 1; // 证书信息`
			`int64 userId = 2; // 用户ID`

			`message cert {`
			`bool isOn = 1;`
			`string name = 2;`
			`string description = 3;`
			`string serverName = 4;`
			`bool isCA = 5;`
			`bytes certData = 6;`
			`bytes keyData = 7;`
			`int64 timeBeginAt = 8;`
			`int64 timeEndAt = 9;`
			`repeated string dnsNames = 10;`
			`repeated string commonNames = 11;`
			`}`
			`}`

			`message CreateSSLCertsResponse {`
			`repeated int64 sslCertIds = 1;`
			`}`

			`// 修改证书`
实现证书管理 2020-09-30 17:46:33 +08:00			`message UpdateSSLCertRequest {`
优化代码 2020-12-18 21:19:25 +08:00			`int64 sslCertId = 1;`
实现证书管理 2020-09-30 17:46:33 +08:00			`bool isOn = 2;`
			`string name = 3;`
			`string description = 4;`
			`string serverName = 5;`
			`bool isCA = 6;`
			`bytes certData = 7;`
			`bytes keyData = 8;`
			`int64 timeBeginAt = 9;`
			`int64 timeEndAt = 10;`
			`repeated string dnsNames = 11;`
			`repeated string commonNames = 12;`
			`}`

			`// 查找证书配置`
			`message FindEnabledSSLCertConfigRequest {`
优化代码 2020-12-18 21:19:25 +08:00			`int64 sslCertId = 1;`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

			`message FindEnabledSSLCertConfigResponse {`
优化代码 2020-12-18 21:19:25 +08:00			`bytes sslCertJSON = 1;`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

			`// 删除证书`
			`message DeleteSSLCertRequest {`
优化代码 2020-12-18 21:19:25 +08:00			`int64 sslCertId = 1;`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 计算匹配的证书数量`
实现证书管理 2020-09-30 17:46:33 +08:00			`message CountSSLCertRequest {`
增加多个接口定义 2023-03-24 19:07:04 +08:00			`bool isCA = 1; // 是否为CA证书`
			`bool isAvailable = 2; // 是否可用（在有效期内）`
			`bool isExpired = 3; // 是否已过期`
			`int32 expiringDays = 4; // 离过期日的天数`
			`string keyword = 5; // 关键词`
			`int64 userId = 6; // 用户ID`
			`repeated string domains = 7; // 搜索使用的域名列表`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

增加多个接口定义 2023-03-24 19:07:04 +08:00			`// 列出单页匹配的证书`
实现证书管理 2020-09-30 17:46:33 +08:00			`message ListSSLCertsRequest {`
增加多个接口定义 2023-03-24 19:07:04 +08:00			`bool isCA = 1; // 是否为CA证书`
			`bool isAvailable = 2; // 是否可用（在有效期内）`
			`bool isExpired = 3; // 是否已过期`
			`int32 expiringDays = 4; // 离过期日的天数`
			`string keyword = 5; // 关键词`
			`int64 userId = 8; // 用户ID`
			`repeated string domains = 9; // 搜索使用的域名列表`
			`int64 offset = 6; // 读取位置`
			`int64 size = 7; // 读取长度`
实现证书管理 2020-09-30 17:46:33 +08:00			`}`

			`message ListSSLCertsResponse {`
优化代码 2020-12-18 21:19:25 +08:00			`bytes sslCertsJSON = 1;`
实现对ACME用户的增删改 2020-11-24 17:36:51 +08:00			`}`
增加证书OCSP错误日志管理 2022-03-11 20:27:57 +08:00
			`// 计算有OCSP错误的证书数量`
			`message CountAllSSLCertsWithOCSPErrorRequest {`
			`string keyword = 1;`
			`}`

			`// 列出有OCSP错误的证书`
			`message ListSSLCertsWithOCSPErrorRequest {`
			`string keyword = 1;`
			`int64 offset = 2;`
			`int64 size = 3;`
			`}`

			`message ListSSLCertsWithOCSPErrorResponse {`
			`repeated SSLCert sslCerts = 1;`
			`}`

			`// 忽略一组OCSP证书错误`
			`message IgnoreSSLCertsWithOCSPErrorRequest {`
			`repeated int64 sslCertIds = 1;`
			`}`

			`// 重置一组证书OCSP错误状态`
			`message ResetSSLCertsWithOCSPErrorRequest {`
			`repeated int64 sslCertIds = 1;`
			`}`

			`// 重置所有证书OCSP错误状态`
			`message ResetAllSSLCertsWithOCSPErrorRequest {`

动态更新OCSP 2022-03-18 17:04:53 +08:00			`}`

			`// 读取证书的OCSP`
			`message ListUpdatedSSLCertOCSPRequest {`
			`int64 version = 1;`
			`int32 size = 2;`
			`}`

			`message ListUpdatedSSLCertOCSPResponse {`
			`repeated SSLCertOCSP sslCertOCSP = 1;`

			`message SSLCertOCSP {`
			`int64 sslCertId = 1;`
OCSP支持过期时间 2022-03-18 20:20:28 +08:00			`bytes data = 2;`
动态更新OCSP 2022-03-18 17:04:53 +08:00			`int64 version = 3;`
OCSP支持过期时间 2022-03-18 20:20:28 +08:00			`int64 expiresAt = 4;`
动态更新OCSP 2022-03-18 17:04:53 +08:00			`}`
增加证书OCSP错误日志管理 2022-03-11 20:27:57 +08:00			`}`