lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-24 20:57:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

perf: 支持letencrypt测试环境,支持IP证书?

Browse Source
This commit is contained in:
xiaojunnuo
2025-11-11 00:32:43 +08:00
parent aac569a925
commit 1462cddd1e
4 changed files with 13 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/core/acme-client/src/index.js
+3
View File
@@ -21,6 +21,9 @@ export const directory = {
staging: 'https://acme-staging-v02.api.letsencrypt.org/directory', staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
production: 'https://acme-v02.api.letsencrypt.org/directory', production: 'https://acme-v02.api.letsencrypt.org/directory',
}, },
letsencrypt_staging: {
production: 'https://acme-staging-v02.api.letsencrypt.org/directory',
},
zerossl: { zerossl: {
staging: 'https://acme.zerossl.com/v2/DV90', staging: 'https://acme.zerossl.com/v2/DV90',
production: 'https://acme.zerossl.com/v2/DV90', production: 'https://acme.zerossl.com/v2/DV90',
packages/core/acme-client/types/index.d.ts
Vendored
+3
View File
@@ -108,6 +108,9 @@ export const directory: {
staging: string, staging: string,
production: string production: string
}, },
letsencrypt_staging: {
production: string
},
zerossl: { zerossl: {
staging: string, staging: string,
production: string production: string
packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+5 -11
View File
@@ -50,7 +50,7 @@ export type CertInfo = {
one?: string; one?: string;
p7b?: string; p7b?: string;
}; };
export type SSLProvider = "letsencrypt" | "google" | "zerossl" | "sslcom"; export type SSLProvider = "letsencrypt" | "google" | "zerossl" | "sslcom" | "letsencrypt_staging";
export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521"; export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
type AcmeServiceOptions = { type AcmeServiceOptions = {
userContext: IContext; userContext: IContext;
@@ -111,7 +111,7 @@ export class AcmeService {
await this.userContext.setObj(this.buildAccountKey(email), conf); await this.userContext.setObj(this.buildAccountKey(email), conf);
} }
async getAcmeClient(email: string, isTest = false): Promise<acme.Client> { async getAcmeClient(email: string): Promise<acme.Client> {
const mappings = {}; const mappings = {};
if (this.sslProvider === "letsencrypt") { if (this.sslProvider === "letsencrypt") {
mappings["acme-v02.api.letsencrypt.org"] = this.options.reverseProxy || "le.px.certd.handfree.work"; mappings["acme-v02.api.letsencrypt.org"] = this.options.reverseProxy || "le.px.certd.handfree.work";
@@ -128,12 +128,7 @@ export class AcmeService {
await this.saveAccountConfig(email, conf); await this.saveAccountConfig(email, conf);
this.logger.info(`创建新的Accountkey:${email}`); this.logger.info(`创建新的Accountkey:${email}`);
} }
let directoryUrl = ""; const directoryUrl = acme.directory[this.sslProvider].production;
if (isTest) {
directoryUrl = acme.directory[this.sslProvider].staging;
} else {
directoryUrl = acme.directory[this.sslProvider].production;
}
if (this.options.useMappingProxy) { if (this.options.useMappingProxy) {
urlMapping.enabled = true; urlMapping.enabled = true;
} else { } else {
@@ -327,13 +322,12 @@ export class AcmeService {
domainsVerifyPlan?: DomainsVerifyPlan; domainsVerifyPlan?: DomainsVerifyPlan;
httpUploader?: any; httpUploader?: any;
csrInfo: any; csrInfo: any;
isTest?: boolean;
privateKeyType?: string; privateKeyType?: string;
profile?: string; profile?: string;
preferredChain?: string; preferredChain?: string;
}): Promise<CertInfo> { }): Promise<CertInfo> {
const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options; const { email, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options;
const client: acme.Client = await this.getAcmeClient(email, isTest); const client: acme.Client = await this.getAcmeClient(email);
let domains = options.domains; let domains = options.domains;
const encodingDomains = []; const encodingDomains = [];
packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+2 -2
View File
@@ -137,6 +137,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
{ value: "google", label: "Google(免费)", icon: "flat-color-icons:google" }, { value: "google", label: "Google(免费)", icon: "flat-color-icons:google" },
{ value: "zerossl", label: "ZeroSSL(免费)", icon: "emojione:digit-zero" }, { value: "zerossl", label: "ZeroSSL(免费)", icon: "emojione:digit-zero" },
{ value: "sslcom", label: "SSL.com(仅主域名和www免费)", icon: "la:expeditedssl" }, { value: "sslcom", label: "SSL.com(仅主域名和www免费)", icon: "la:expeditedssl" },
{ value: "letsencrypt_staging", label: "Let's Encrypt测试环境(IP证书)", icon: "simple-icons:letsencrypt" },
], ],
}, },
helper: "Let's Encrypt:申请最简单\nGoogle:大厂光环,兼容性好,仅首次需要翻墙获取EAB授权\nZeroSSL:需要EAB授权,无需翻墙\nSSL.com:仅主域名和www免费,必须设置CAA记录", helper: "Let's Encrypt:申请最简单\nGoogle:大厂光环,兼容性好,仅首次需要翻墙获取EAB授权\nZeroSSL:需要EAB授权,无需翻墙\nSSL.com:仅主域名和www免费,必须设置CAA记录",
@@ -412,7 +413,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
async onInit() { async onInit() {
let eab: EabAccess = null; let eab: EabAccess = null;
if (this.sslProvider && this.sslProvider !== "letsencrypt") { if (this.sslProvider && !this.sslProvider.startsWith("letsencrypt")) {
if (this.sslProvider === "google" && this.googleAccessId) { if (this.sslProvider === "google" && this.googleAccessId) {
this.logger.info("当前正在使用 google服务账号授权获取EAB"); this.logger.info("当前正在使用 google服务账号授权获取EAB");
const googleAccess = await this.getAccess(this.googleAccessId); const googleAccess = await this.getAccess(this.googleAccessId);
@@ -495,7 +496,6 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
dnsProvider, dnsProvider,
domainsVerifyPlan, domainsVerifyPlan,
csrInfo, csrInfo,
isTest: false,
privateKeyType: this.privateKeyType, privateKeyType: this.privateKeyType,
profile: this.certProfile, profile: this.certProfile,
preferredChain: this.preferredChain, preferredChain: this.preferredChain,