[SSL证书]实现基本的自动申请证书流程

GoEdgeLab
2020-11-26 16:39:11 +08:00
parent 0bf0d6b840
commit d57b829f4f
5 changed files with 47 additions and 34 deletions


@@ -35,8 +35,7 @@ type ACMETask struct {
DnsDomain string `protobuf:"bytes,3,opt,name=dnsDomain,proto3" json:"dnsDomain,omitempty"`
Domains []string `protobuf:"bytes,4,rep,name=domains,proto3" json:"domains,omitempty"`
CreatedAt int64 `protobuf:"varint,5,opt,name=createdAt,proto3" json:"createdAt,omitempty"`
IsOk bool `protobuf:"varint,6,opt,name=isOk,proto3" json:"isOk,omitempty"`
AutoRenew bool `protobuf:"varint,7,opt,name=autoRenew,proto3" json:"autoRenew,omitempty"`
AutoRenew bool `protobuf:"varint,6,opt,name=autoRenew,proto3" json:"autoRenew,omitempty"`
AcmeUser *ACMEUser `protobuf:"bytes,30,opt,name=acmeUser,proto3" json:"acmeUser,omitempty"`
DnsProvider *DNSProvider `protobuf:"bytes,31,opt,name=dnsProvider,proto3" json:"dnsProvider,omitempty"`
SslCert *SSLCert `protobuf:"bytes,32,opt,name=sslCert,proto3" json:"sslCert,omitempty"`
@@ -109,13 +108,6 @@ func (x *ACMETask) GetCreatedAt() int64 {
return 0
}
func (x *ACMETask) GetIsOk() bool {
if x != nil {
return x.IsOk
}
return false
}
func (x *ACMETask) GetAutoRenew() bool {
if x != nil {
return x.AutoRenew
@@ -153,7 +145,7 @@ var file_model_acme_task_proto_rawDesc = []byte{
0x74, 0x6f, 0x1a, 0x18, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x5f, 0x64, 0x6e, 0x73, 0x5f, 0x70, 0x72,
0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x14, 0x6d, 0x6f,
0x64, 0x65, 0x6c, 0x5f, 0x73, 0x73, 0x6c, 0x5f, 0x63, 0x65, 0x72, 0x74, 0x2e, 0x70, 0x72, 0x6f,
0x74, 0x6f, 0x22, 0xba, 0x02, 0x0a, 0x08, 0x41, 0x43, 0x4d, 0x45, 0x54, 0x61, 0x73, 0x6b, 0x12,
0x74, 0x6f, 0x22, 0xa6, 0x02, 0x0a, 0x08, 0x41, 0x43, 0x4d, 0x45, 0x54, 0x61, 0x73, 0x6b, 0x12,
0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12,
0x12, 0x0a, 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x69,
0x73, 0x4f, 0x6e, 0x12, 0x1c, 0x0a, 0x09, 0x64, 0x6e, 0x73, 0x44, 0x6f, 0x6d, 0x61, 0x69, 0x6e,
@@ -161,19 +153,18 @@ var file_model_acme_task_proto_rawDesc = []byte{
0x6e, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x18, 0x04, 0x20, 0x03,
0x28, 0x09, 0x52, 0x07, 0x64, 0x6f, 0x6d, 0x61, 0x69, 0x6e, 0x73, 0x12, 0x1c, 0x0a, 0x09, 0x63,
0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x18, 0x05, 0x20, 0x01, 0x28, 0x03, 0x52, 0x09,
0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x12, 0x0a, 0x04, 0x69, 0x73, 0x4f,
0x6b, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x69, 0x73, 0x4f, 0x6b, 0x12, 0x1c, 0x0a,
0x09, 0x61, 0x75, 0x74, 0x6f, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x18, 0x07, 0x20, 0x01, 0x28, 0x08,
0x52, 0x09, 0x61, 0x75, 0x74, 0x6f, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x12, 0x28, 0x0a, 0x08, 0x61,
0x63, 0x6d, 0x65, 0x55, 0x73, 0x65, 0x72, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0c, 0x2e,
0x70, 0x62, 0x2e, 0x41, 0x43, 0x4d, 0x45, 0x55, 0x73, 0x65, 0x72, 0x52, 0x08, 0x61, 0x63, 0x6d,
0x65, 0x55, 0x73, 0x65, 0x72, 0x12, 0x31, 0x0a, 0x0b, 0x64, 0x6e, 0x73, 0x50, 0x72, 0x6f, 0x76,
0x69, 0x64, 0x65, 0x72, 0x18, 0x1f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x70, 0x62, 0x2e,
0x44, 0x4e, 0x53, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x52, 0x0b, 0x64, 0x6e, 0x73,
0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x12, 0x25, 0x0a, 0x07, 0x73, 0x73, 0x6c, 0x43,
0x65, 0x72, 0x74, 0x18, 0x20, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0b, 0x2e, 0x70, 0x62, 0x2e, 0x53,
0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x52, 0x07, 0x73, 0x73, 0x6c, 0x43, 0x65, 0x72, 0x74, 0x42,
0x06, 0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x64, 0x41, 0x74, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x75, 0x74,
0x6f, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x18, 0x06, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x61, 0x75,
0x74, 0x6f, 0x52, 0x65, 0x6e, 0x65, 0x77, 0x12, 0x28, 0x0a, 0x08, 0x61, 0x63, 0x6d, 0x65, 0x55,
0x73, 0x65, 0x72, 0x18, 0x1e, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0c, 0x2e, 0x70, 0x62, 0x2e, 0x41,
0x43, 0x4d, 0x45, 0x55, 0x73, 0x65, 0x72, 0x52, 0x08, 0x61, 0x63, 0x6d, 0x65, 0x55, 0x73, 0x65,
0x72, 0x12, 0x31, 0x0a, 0x0b, 0x64, 0x6e, 0x73, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72,
0x18, 0x1f, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0f, 0x2e, 0x70, 0x62, 0x2e, 0x44, 0x4e, 0x53, 0x50,
0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x52, 0x0b, 0x64, 0x6e, 0x73, 0x50, 0x72, 0x6f, 0x76,
0x69, 0x64, 0x65, 0x72, 0x12, 0x25, 0x0a, 0x07, 0x73, 0x73, 0x6c, 0x43, 0x65, 0x72, 0x74, 0x18,
0x20, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x0b, 0x2e, 0x70, 0x62, 0x2e, 0x53, 0x53, 0x4c, 0x43, 0x65,
0x72, 0x74, 0x52, 0x07, 0x73, 0x73, 0x6c, 0x43, 0x65, 0x72, 0x74, 0x42, 0x06, 0x5a, 0x04, 0x2e,
0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (


@@ -30,9 +30,11 @@ type SSLCert struct {
sizeCache protoimpl.SizeCache
unknownFields protoimpl.UnknownFields
Id int64 `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
IsOn bool `protobuf:"varint,2,opt,name=isOn,proto3" json:"isOn,omitempty"`
Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
Id int64 `protobuf:"varint,1,opt,name=id,proto3" json:"id,omitempty"`
IsOn bool `protobuf:"varint,2,opt,name=isOn,proto3" json:"isOn,omitempty"`
Name string `protobuf:"bytes,3,opt,name=name,proto3" json:"name,omitempty"`
TimeBeginAt int64 `protobuf:"varint,4,opt,name=timeBeginAt,proto3" json:"timeBeginAt,omitempty"`
TimeEndAt int64 `protobuf:"varint,5,opt,name=timeEndAt,proto3" json:"timeEndAt,omitempty"`
}
func (x *SSLCert) Reset() {
@@ -88,16 +90,34 @@ func (x *SSLCert) GetName() string {
return ""
}
func (x *SSLCert) GetTimeBeginAt() int64 {
if x != nil {
return x.TimeBeginAt
}
return 0
}
func (x *SSLCert) GetTimeEndAt() int64 {
if x != nil {
return x.TimeEndAt
}
return 0
}
var File_model_ssl_cert_proto protoreflect.FileDescriptor
var file_model_ssl_cert_proto_rawDesc = []byte{
0x0a, 0x14, 0x6d, 0x6f, 0x64, 0x65, 0x6c, 0x5f, 0x73, 0x73, 0x6c, 0x5f, 0x63, 0x65, 0x72, 0x74,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x02, 0x70, 0x62, 0x22, 0x41, 0x0a, 0x07, 0x53, 0x53,
0x4c, 0x43, 0x65, 0x72, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28,
0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x18, 0x02, 0x20,
0x01, 0x28, 0x08, 0x52, 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61, 0x6d,
0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x42, 0x06, 0x5a,
0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x02, 0x70, 0x62, 0x22, 0x81, 0x01, 0x0a, 0x07, 0x53,
0x53, 0x4c, 0x43, 0x65, 0x72, 0x74, 0x12, 0x0e, 0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01,
0x28, 0x03, 0x52, 0x02, 0x69, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x18, 0x02,
0x20, 0x01, 0x28, 0x08, 0x52, 0x04, 0x69, 0x73, 0x4f, 0x6e, 0x12, 0x12, 0x0a, 0x04, 0x6e, 0x61,
0x6d, 0x65, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x20,
0x0a, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x42, 0x65, 0x67, 0x69, 0x6e, 0x41, 0x74, 0x18, 0x04, 0x20,
0x01, 0x28, 0x03, 0x52, 0x0b, 0x74, 0x69, 0x6d, 0x65, 0x42, 0x65, 0x67, 0x69, 0x6e, 0x41, 0x74,
0x12, 0x1c, 0x0a, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x45, 0x6e, 0x64, 0x41, 0x74, 0x18, 0x05, 0x20,
0x01, 0x28, 0x03, 0x52, 0x09, 0x74, 0x69, 0x6d, 0x65, 0x45, 0x6e, 0x64, 0x41, 0x74, 0x42, 0x06,
0x5a, 0x04, 0x2e, 0x2f, 0x70, 0x62, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (


@@ -13,8 +13,7 @@ message ACMETask {
string dnsDomain = 3;
repeated string domains = 4;
int64 createdAt = 5;
bool isOk = 6;
bool autoRenew = 7;
bool autoRenew = 6;
ACMEUser acmeUser = 30;
DNSProvider dnsProvider = 31;
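Review bot: Renumbering `autoRenew` from tag 7 to tag 6 reuses the number that `isOk` held, which breaks wire compatibility for `ACMETask`. The +/- markers are lost in this rendering, so this reading is inferred from the hunk header and the regenerated descriptor. Both fields are `bool`, so a peer built from the old schema that sends `isOk` on tag 6 is decoded as `autoRenew` without any error, and an old-schema `autoRenew` on tag 7 is silently dropped as an unknown field. During a mixed-version rollout that can switch certificate auto-renewal on or off unintentionally. Keep `bool autoRenew = 7;` and retire the old field with `reserved 6;` and `reserved "isOk";`; the message body starts and ends outside the hunk.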


@@ -7,4 +7,6 @@ message SSLCert {
int64 id = 1;
bool isOn = 2;
string name = 3;
int64 timeBeginAt = 4;
int64 timeEndAt = 5;
}
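Review bot: The new `timeBeginAt` and `timeEndAt` fields carry no comment stating their unit or where the value comes from, and any consumer that decides whether a certificate is still valid depends on both. If they hold the certificate's NotBefore/NotAfter as Unix seconds, which the names suggest but the hunk does not show, state it on the fields, e.g. `int64 timeBeginAt = 4; // certificate NotBefore, Unix seconds` and `int64 timeEndAt = 5; // certificate NotAfter, Unix seconds`. It is also worth noting that 0 means "unknown" rather than a real timestamp, since a plain proto3 scalar cannot distinguish an unset value from zero.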


@@ -21,6 +21,7 @@ type SSLCertConfig struct {
KeyData []byte `yaml:"keyData" json:"keyData"` // 密钥数据
ServerName string `yaml:"serverName" json:"serverName"` // 证书使用的主机名在请求TLS服务器时需要
IsCA bool `yaml:"isCA" json:"isCA"` // 是否为CA证书
IsACME bool `yaml:"isACME" json:"isACME"` // 是否通过ACME协议免费申请
// 以下是从证书中分析所得
TimeBeginAt int64 `yaml:"timeBeginAt" json:"timeBeginAt"`