lkddi/certd
1
0
Fork 0
mirror of https://github.com/certd/certd.git synced 2026-04-24 20:57:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

docs: 证书说明

Browse Source
This commit is contained in:
xiaojunnuo
2024-12-12 16:45:40 +08:00
parent f6fa830ffe
commit ea8fdb120c
3 changed files with 41 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+5 -4
View File
@@ -24,10 +24,11 @@ export type DomainsVerifyPlan = {
}; };
export type CertInfo = { export type CertInfo = {
crt: string; crt: string; //fullchain证书
key: string; key: string; //私钥
csr: string; csr: string; //csr
ic?: string; oc?: string; //仅证书,非fullchain证书
ic?: string; //中间证书
pfx?: string; pfx?: string;
der?: string; der?: string;
jks?: string; jks?: string;
packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
+15 -1
View File
@@ -191,7 +191,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
zip.file("cert.crt", cert.crt); zip.file("cert.crt", cert.crt);
zip.file("cert.key", cert.key); zip.file("cert.key", cert.key);
zip.file("intermediate.crt", cert.ic); zip.file("intermediate.crt", cert.ic);
zip.file("origin.crt", cert.oc);
if (cert.pfx) { if (cert.pfx) {
zip.file("cert.pfx", Buffer.from(cert.pfx, "base64")); zip.file("cert.pfx", Buffer.from(cert.pfx, "base64"));
} }
@@ -201,6 +201,20 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
if (cert.jks) { if (cert.jks) {
zip.file("cert.jks", Buffer.from(cert.jks, "base64")); zip.file("cert.jks", Buffer.from(cert.jks, "base64"));
} }
zip.file(
"说明.txt",
`证书文件说明
cert.crt:证书文件,包含证书链,pem格式
cert.key:私钥文件,pem格式
intermediate.crt:中间证书文件,pem格式
origin.crt:原始证书文件,不含证书链,pem格式
cert.pfxpfx格式证书文件,iis服务器使用
cert.derder格式证书文件
cert.jksjks格式证书文件,java服务器使用
`
);
const content = await zip.generateAsync({ type: "nodebuffer" }); const content = await zip.generateAsync({ type: "nodebuffer" });
this.saveFile(filename, content); this.saveFile(filename, content);
this.logger.info(`已保存文件:${filename}`); this.logger.info(`已保存文件:${filename}`);
packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
+21 -3
View File
@@ -10,6 +10,7 @@ export type CertReaderHandleContext = {
reader: CertReader; reader: CertReader;
tmpCrtPath: string; tmpCrtPath: string;
tmpKeyPath: string; tmpKeyPath: string;
tmpOcPath?: string;
tmpPfxPath?: string; tmpPfxPath?: string;
tmpDerPath?: string; tmpDerPath?: string;
tmpIcPath?: string; tmpIcPath?: string;
@@ -19,6 +20,7 @@ export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
export type HandleOpts = { logger: ILogger; handle: CertReaderHandle }; export type HandleOpts = { logger: ILogger; handle: CertReaderHandle };
export class CertReader { export class CertReader {
cert: CertInfo; cert: CertInfo;
oc: string; //仅证书,非fullchain证书
crt: string; crt: string;
key: string; key: string;
csr: string; csr: string;
@@ -38,6 +40,12 @@ export class CertReader {
this.cert.ic = this.ic; this.cert.ic = this.ic;
} }
this.oc = certInfo.oc;
if (!this.oc) {
this.oc = this.getOc();
this.cert.oc = this.oc;
}
const { detail, expires } = this.getCrtDetail(this.cert.crt); const { detail, expires } = this.getCrtDetail(this.cert.crt);
this.detail = detail; this.detail = detail;
this.expires = expires.getTime(); this.expires = expires.getTime();
@@ -56,6 +64,13 @@ export class CertReader {
return ic.trim(); return ic.trim();
} }
getOc() {
//原始证书 就是crt的第一个 -----END CERTIFICATE----- 之前的内容
const endStr = "-----END CERTIFICATE-----";
const arr = this.crt.split(endStr);
return arr[0] + endStr;
}
toCertInfo(): CertInfo { toCertInfo(): CertInfo {
return this.cert; return this.cert;
} }
@@ -73,7 +88,7 @@ export class CertReader {
return domains; return domains;
} }
saveToFile(type: "crt" | "key" | "pfx" | "der" | "ic" | "jks", filepath?: string) { saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "ic" | "jks", filepath?: string) {
if (!this.cert[type]) { if (!this.cert[type]) {
return; return;
} }
@@ -87,7 +102,7 @@ export class CertReader {
if (!fs.existsSync(dir)) { if (!fs.existsSync(dir)) {
fs.mkdirSync(dir, { recursive: true }); fs.mkdirSync(dir, { recursive: true });
} }
if (type === "crt" || type === "key" || type === "ic") { if (type === "crt" || type === "key" || type === "ic" || type === "oc") {
fs.writeFileSync(filepath, this.cert[type]); fs.writeFileSync(filepath, this.cert[type]);
} else { } else {
fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64")); fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64"));
@@ -102,9 +117,10 @@ export class CertReader {
const tmpKeyPath = this.saveToFile("key"); const tmpKeyPath = this.saveToFile("key");
const tmpPfxPath = this.saveToFile("pfx"); const tmpPfxPath = this.saveToFile("pfx");
const tmpIcPath = this.saveToFile("ic"); const tmpIcPath = this.saveToFile("ic");
logger.info("本地文件写入成功"); const tmpOcPath = this.saveToFile("oc");
const tmpDerPath = this.saveToFile("der"); const tmpDerPath = this.saveToFile("der");
const tmpJksPath = this.saveToFile("jks"); const tmpJksPath = this.saveToFile("jks");
logger.info("本地文件写入成功");
try { try {
return await opts.handle({ return await opts.handle({
reader: this, reader: this,
@@ -114,6 +130,7 @@ export class CertReader {
tmpDerPath: tmpDerPath, tmpDerPath: tmpDerPath,
tmpIcPath: tmpIcPath, tmpIcPath: tmpIcPath,
tmpJksPath: tmpJksPath, tmpJksPath: tmpJksPath,
tmpOcPath: tmpOcPath,
}); });
} catch (err) { } catch (err) {
throw err; throw err;
@@ -128,6 +145,7 @@ export class CertReader {
removeFile(tmpCrtPath); removeFile(tmpCrtPath);
removeFile(tmpKeyPath); removeFile(tmpKeyPath);
removeFile(tmpPfxPath); removeFile(tmpPfxPath);
removeFile(tmpOcPath);
removeFile(tmpDerPath); removeFile(tmpDerPath);
removeFile(tmpIcPath); removeFile(tmpIcPath);
removeFile(tmpJksPath); removeFile(tmpJksPath);