mirror of
https://github.com/certd/certd.git
synced 2026-04-14 20:40:53 +08:00
docs: 证书说明
This commit is contained in:
xiaojunnuo
@@ -24,10 +24,11 @@ export type DomainsVerifyPlan = {
|
||||
};
|
||||
|
||||
export type CertInfo = {
|
||||
crt: string;
|
||||
key: string;
|
||||
csr: string;
|
||||
ic?: string;
|
||||
crt: string; //fullchain证书
|
||||
key: string; //私钥
|
||||
csr: string; //csr
|
||||
oc?: string; //仅证书,非fullchain证书
|
||||
ic?: string; //中间证书
|
||||
pfx?: string;
|
||||
der?: string;
|
||||
jks?: string;
|
||||
|
||||
@@ -191,7 +191,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
|
||||
zip.file("cert.crt", cert.crt);
|
||||
zip.file("cert.key", cert.key);
|
||||
zip.file("intermediate.crt", cert.ic);
|
||||
|
||||
zip.file("origin.crt", cert.oc);
|
||||
if (cert.pfx) {
|
||||
zip.file("cert.pfx", Buffer.from(cert.pfx, "base64"));
|
||||
}
|
||||
@@ -201,6 +201,20 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
|
||||
if (cert.jks) {
|
||||
zip.file("cert.jks", Buffer.from(cert.jks, "base64"));
|
||||
}
|
||||
|
||||
zip.file(
|
||||
"说明.txt",
|
||||
`证书文件说明
|
||||
cert.crt:证书文件,包含证书链,pem格式
|
||||
cert.key:私钥文件,pem格式
|
||||
intermediate.crt:中间证书文件,pem格式
|
||||
origin.crt:原始证书文件,不含证书链,pem格式
|
||||
cert.pfx:pfx格式证书文件,iis服务器使用
|
||||
cert.der:der格式证书文件
|
||||
cert.jks:jks格式证书文件,java服务器使用
|
||||
`
|
||||
);
|
||||
|
||||
const content = await zip.generateAsync({ type: "nodebuffer" });
|
||||
this.saveFile(filename, content);
|
||||
this.logger.info(`已保存文件:${filename}`);
|
||||
|
||||
@@ -10,6 +10,7 @@ export type CertReaderHandleContext = {
|
||||
reader: CertReader;
|
||||
tmpCrtPath: string;
|
||||
tmpKeyPath: string;
|
||||
tmpOcPath?: string;
|
||||
tmpPfxPath?: string;
|
||||
tmpDerPath?: string;
|
||||
tmpIcPath?: string;
|
||||
@@ -19,6 +20,7 @@ export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
|
||||
export type HandleOpts = { logger: ILogger; handle: CertReaderHandle };
|
||||
export class CertReader {
|
||||
cert: CertInfo;
|
||||
oc: string; //仅证书,非fullchain证书
|
||||
crt: string;
|
||||
key: string;
|
||||
csr: string;
|
||||
@@ -38,6 +40,12 @@ export class CertReader {
|
||||
this.cert.ic = this.ic;
|
||||
}
|
||||
|
||||
this.oc = certInfo.oc;
|
||||
if (!this.oc) {
|
||||
this.oc = this.getOc();
|
||||
this.cert.oc = this.oc;
|
||||
}
|
||||
|
||||
const { detail, expires } = this.getCrtDetail(this.cert.crt);
|
||||
this.detail = detail;
|
||||
this.expires = expires.getTime();
|
||||
@@ -56,6 +64,13 @@ export class CertReader {
|
||||
return ic.trim();
|
||||
}
|
||||
|
||||
getOc() {
|
||||
//原始证书 就是crt的第一个 -----END CERTIFICATE----- 之前的内容
|
||||
const endStr = "-----END CERTIFICATE-----";
|
||||
const arr = this.crt.split(endStr);
|
||||
return arr[0] + endStr;
|
||||
}
|
||||
|
||||
toCertInfo(): CertInfo {
|
||||
return this.cert;
|
||||
}
|
||||
@@ -73,7 +88,7 @@ export class CertReader {
|
||||
return domains;
|
||||
}
|
||||
|
||||
saveToFile(type: "crt" | "key" | "pfx" | "der" | "ic" | "jks", filepath?: string) {
|
||||
saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "ic" | "jks", filepath?: string) {
|
||||
if (!this.cert[type]) {
|
||||
return;
|
||||
}
|
||||
@@ -87,7 +102,7 @@ export class CertReader {
|
||||
if (!fs.existsSync(dir)) {
|
||||
fs.mkdirSync(dir, { recursive: true });
|
||||
}
|
||||
if (type === "crt" || type === "key" || type === "ic") {
|
||||
if (type === "crt" || type === "key" || type === "ic" || type === "oc") {
|
||||
fs.writeFileSync(filepath, this.cert[type]);
|
||||
} else {
|
||||
fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64"));
|
||||
@@ -102,9 +117,10 @@ export class CertReader {
|
||||
const tmpKeyPath = this.saveToFile("key");
|
||||
const tmpPfxPath = this.saveToFile("pfx");
|
||||
const tmpIcPath = this.saveToFile("ic");
|
||||
logger.info("本地文件写入成功");
|
||||
const tmpOcPath = this.saveToFile("oc");
|
||||
const tmpDerPath = this.saveToFile("der");
|
||||
const tmpJksPath = this.saveToFile("jks");
|
||||
logger.info("本地文件写入成功");
|
||||
try {
|
||||
return await opts.handle({
|
||||
reader: this,
|
||||
@@ -114,6 +130,7 @@ export class CertReader {
|
||||
tmpDerPath: tmpDerPath,
|
||||
tmpIcPath: tmpIcPath,
|
||||
tmpJksPath: tmpJksPath,
|
||||
tmpOcPath: tmpOcPath,
|
||||
});
|
||||
} catch (err) {
|
||||
throw err;
|
||||
@@ -128,6 +145,7 @@ export class CertReader {
|
||||
removeFile(tmpCrtPath);
|
||||
removeFile(tmpKeyPath);
|
||||
removeFile(tmpPfxPath);
|
||||
removeFile(tmpOcPath);
|
||||
removeFile(tmpDerPath);
|
||||
removeFile(tmpIcPath);
|
||||
removeFile(tmpJksPath);
|
||||
|
||||
Reference in New Issue
Block a user