(http *gin.Context)
| 245 | } |
| 246 | |
| 247 | func (self SiteCert) Import(http *gin.Context) { |
| 248 | type ParamsValidate struct { |
| 249 | SslKeyContent string `json:"sslKeyContent" binding:"required"` |
| 250 | SslCrtContent string `json:"sslCrtContent" binding:"required"` |
| 251 | } |
| 252 | params := ParamsValidate{} |
| 253 | if !self.Validate(http, ¶ms) { |
| 254 | return |
| 255 | } |
| 256 | var errInvalidCertFile = errors.New("invalid cert file") |
| 257 | |
| 258 | // 遍历 PEM 数据块 |
| 259 | var block *pem.Block |
| 260 | block, _ = pem.Decode([]byte(params.SslCrtContent)) |
| 261 | if block == nil || block.Type != "CERTIFICATE" { |
| 262 | self.JsonResponseWithError(http, errInvalidCertFile, 500) |
| 263 | return |
| 264 | } |
| 265 | cert, err := x509.ParseCertificate(block.Bytes) |
| 266 | if err != nil { |
| 267 | self.JsonResponseWithError(http, err, 500) |
| 268 | return |
| 269 | } |
| 270 | keyAlgorithm := "unknown" |
| 271 | switch cert.PublicKey.(type) { |
| 272 | case *rsa.PublicKey: |
| 273 | keyAlgorithm = "rsa-2048" |
| 274 | break |
| 275 | case *ecdsa.PublicKey: |
| 276 | keyAlgorithm = "ec-256" |
| 277 | break |
| 278 | } |
| 279 | if len(cert.DNSNames) <= 0 { |
| 280 | self.JsonResponseWithError(http, function.ErrorMessage(define.ErrorMessageSiteDomainCertHasNotDNSName), 500) |
| 281 | return |
| 282 | } |
| 283 | mainDomain := cert.DNSNames[0] |
| 284 | sanDomain := "no" |
| 285 | if len(cert.DNSNames) > 1 { |
| 286 | sanDomain = strings.Join(function.PluckArrayWalk(cert.DNSNames, func(i string) (string, bool) { |
| 287 | if i == mainDomain { |
| 288 | return "", false |
| 289 | } |
| 290 | return i, true |
| 291 | }), ",") |
| 292 | } |
| 293 | // 创建单个证书的配置 map |
| 294 | certConfig := []string{ |
| 295 | fmt.Sprintf("Le_Domain='%s'", mainDomain), |
| 296 | fmt.Sprintf("Le_Alt='%s'", sanDomain), |
| 297 | fmt.Sprintf("Le_API='import'"), |
| 298 | fmt.Sprintf("Le_Keylength='%s'", keyAlgorithm), |
| 299 | fmt.Sprintf("Le_CertCreateTime='%d'", cert.NotBefore.Unix()), |
| 300 | fmt.Sprintf("Le_CertCreateTimeStr='%s'", cert.NotBefore.Format(time.RFC3339)), |
| 301 | fmt.Sprintf("Le_NextRenewTime='%d'", cert.NotAfter.Unix()), |
| 302 | fmt.Sprintf("Le_NextRenewTimeStr='%s'", cert.NotAfter.Format(time.RFC3339)), |
| 303 | fmt.Sprintf("Le_SerialNumber='%s'", cert.SerialNumber.String()), |
| 304 | } |