wood/certimate
1
0
Fork 0
mirror of https://github.com/woodchen-ink/certimate.git synced 2025-07-19 09:51:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: uploading certificates duplicated to aliyun cas

Browse Source
This commit is contained in:
Fu Diwei 2025-06-27 13:30:01 +08:00 committed by RHQYZ
parent f29cdae648
commit d6882cbc4f
3 changed files with 94 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas.go
View File

@ -94,10 +94,20 @@ func (m *SSLManagerProvider) Upload(ctx context.Context, certPEM string, privkey
if listUserCertificateOrderResp.Body.CertificateOrderList != nil { if listUserCertificateOrderResp.Body.CertificateOrderList != nil {
for _, certOrder := range listUserCertificateOrderResp.Body.CertificateOrderList { for _, certOrder := range listUserCertificateOrderResp.Body.CertificateOrderList {
if !strings.EqualFold(certX509.SerialNumber.Text(16), *certOrder.SerialNo) { // 先对比证书通用名称
if !strings.EqualFold(certX509.Subject.CommonName, tea.StringValue(certOrder.CommonName)) {
continue continue
} }
// 再对比证书序列号
// 注意阿里云 CAS 会在序列号前补零,需去除后再比较
oldCertSN := strings.TrimLeft(tea.StringValue(certOrder.SerialNo), "0")
newCertSN := strings.TrimLeft(certX509.SerialNumber.Text(16), "0")
if !strings.EqualFold(newCertSN, oldCertSN) {
continue
}
// 最后对比证书内容
getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{ getUserCertificateDetailReq := &alicas.GetUserCertificateDetailRequest{
CertId: certOrder.CertificateId, CertId: certOrder.CertificateId,
} }

77
pkg/core/ssl-manager/providers/aliyun-cas/aliyun_cas_test.go Normal file
View File

@ -0,0 +1,77 @@
package aliyuncas_test
import (
"context"
"encoding/json"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/certimate-go/certimate/pkg/core/ssl-manager/providers/aliyun-cas"
)
var (
fInputCertPath string
fInputKeyPath string
fAccessKeyId string
fAccessKeySecret string
fRegion string
)
func init() {
argsPrefix := "CERTIMATE_SSLMANAGER_ALIYUNCAS_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fAccessKeyId, argsPrefix+"ACCESSKEYID", "", "")
flag.StringVar(&fAccessKeySecret, argsPrefix+"ACCESSKEYSECRET", "", "")
flag.StringVar(&fRegion, argsPrefix+"REGION", "", "")
}
/*
Shell command to run this test:
go test -v ./aliyun_cas_test.go -args \
--CERTIMATE_SSLMANAGER_ALIYUNCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_SSLMANAGER_ALIYUNCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_SSLMANAGER_ALIYUNCAS_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_SSLMANAGER_ALIYUNCAS_ACCESSKEYSECRET="your-access-key-secret" \
--CERTIMATE_SSLMANAGER_ALIYUNCAS_REGION="cn-hangzhou"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("ACCESSKEYID: %v", fAccessKeyId),
fmt.Sprintf("ACCESSKEYSECRET: %v", fAccessKeySecret),
fmt.Sprintf("REGION: %v", fRegion),
}, "\n"))
sslmanager, err := provider.NewSSLManagerProvider(&provider.SSLManagerProviderConfig{
AccessKeyId: fAccessKeyId,
AccessKeySecret: fAccessKeySecret,
Region: fRegion,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := sslmanager.Upload(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
sres, _ := json.Marshal(res)
t.Logf("ok: %s", string(sres))
})
}

12
pkg/core/ssl-manager/providers/baiducloud-cert/baiducloud_cert_test.go
View File

@ -20,7 +20,7 @@ var (
) )
func init() { func init() {
argsPrefix := "CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_" argsPrefix := "CERTIMATE_SSLMANAGER_BAIDUCLOUDCERT_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "") flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "") flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
@ -31,11 +31,11 @@ func init() {
/* /*
Shell command to run this test: Shell command to run this test:
go test -v ./baiducloud_cas_test.go -args \ go test -v ./baiducloud_cert_test.go -args \
--CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTCERTPATH="/path/to/your-input-cert.pem" \ --CERTIMATE_SSLMANAGER_BAIDUCLOUDCERT_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_INPUTKEYPATH="/path/to/your-input-key.pem" \ --CERTIMATE_SSLMANAGER_BAIDUCLOUDCERT_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_ACCESSKEYID="your-access-key-id" \ --CERTIMATE_SSLMANAGER_BAIDUCLOUDCERT_ACCESSKEYID="your-access-key-id" \
--CERTIMATE_SSLMANAGER_BAIDUCLOUDCAS_SECRETACCESSKEY="your-access-key-secret" --CERTIMATE_SSLMANAGER_BAIDUCLOUDCERT_SECRETACCESSKEY="your-access-key-secret"
*/ */
func TestDeploy(t *testing.T) { func TestDeploy(t *testing.T) {
flag.Parse() flag.Parse()