Update deploy/byteplus_alb.sh

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
ACHMAD ALIF NASRULLOH
2026-04-09 13:42:55 +07:00
committed by neil
parent 75642a1252
commit a739bf3e3a


@@ -213,43 +213,10 @@ _byteplus_first_time_deploy() {
_byteplus_renewal_deploy() {
_info "Replacing old certificate '$_old_cert_id' (UpdateMode=new)..."
if [ -n "$BYTEPLUS_PROJECT_NAME" ]; then
_replace_response=$(_byteplus_alb_api "ReplaceCertificate" \
"OldCertificateId=${_old_cert_id}" \
"UpdateMode=new" \
"CertificateName=${BYTEPLUS_CERT_NAME}" \
"ProjectName=${BYTEPLUS_PROJECT_NAME}" \
"PublicKey=${_public_key}" \
"PrivateKey=${_private_key}")
else
_replace_response=$(_byteplus_alb_api "ReplaceCertificate" \
"OldCertificateId=${_old_cert_id}" \
"UpdateMode=new" \
"CertificateName=${BYTEPLUS_CERT_NAME}" \
"PublicKey=${_public_key}" \
"PrivateKey=${_private_key}")
fi
_debug2 _replace_response "$_replace_response"
_new_cert_id=$(_byteplus_extract_cert_id "$_replace_response")
if [ -z "$_new_cert_id" ]; then
_err "ReplaceCertificate failed: $(_byteplus_extract_error "$_replace_response")"
_debug2 "Full response" "$_replace_response"
return 1
fi
_info "Certificate replaced successfully on all attached listeners."
_info "New CertificateId: $_new_cert_id"
# Auto-cleanup old certificate
if [ "$BYTEPLUS_DELETE_OLD_CERT" = "true" ]; then
_byteplus_delete_old_cert "$_old_cert_id"
else
_info "Auto-delete disabled. Old certificate '$_old_cert_id' kept in inventory."
fi
_err "Refusing to replace certificate material because this hook passes PublicKey/PrivateKey as request parameters."
_err "Uploading a private key in the request URL can leak it via logs, proxies, and process listings."
_err "Please replace the certificate in BytePlus manually for renewal until this hook is updated to send PublicKey and PrivateKey in a POST body safely."
return 1
}
# ══════════════════════════════════════════════════════════════════════════════
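Review bot: The refusal added at the end of `_byteplus_renewal_deploy` guards only the renewal path; `_byteplus_first_time_deploy`, named in the hunk header but not shown here, may pass `PublicKey`/`PrivateKey` through the same `_byteplus_alb_api` call and, if so, needs the same fail-closed check. This rendering does not show whether `_info "Replacing old certificate '$_old_cert_id' (UpdateMode=new)..."` survives as the first statement; if it does, it should be removed or reworded, because the function no longer replaces anything and the log line would contradict the error that follows. I would also put a comment above the three `_err` calls, e.g. `# Fail closed: key material must not go into request parameters; re-enable once _byteplus_alb_api can send it in a POST body.`, so the unconditional `return 1` is not mistaken for leftover debugging. Since the removed lines show earlier runs passing `PrivateKey` as a request parameter, the error text could also advise operators to review logs from those runs and reissue the key if exposure is suspected.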