mirror of
https://github.com/acmesh-official/acme.sh.git
synced 2026-01-03 03:09:41 +08:00
Compare commits
13 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
045e4dee2e | ||
|
|
06d9ca61a3 | ||
|
|
dc6a996cc3 | ||
|
|
b08bb2ef69 | ||
|
|
2ad984d8ad | ||
|
|
e260b86414 | ||
|
|
d795cb4850 | ||
|
|
10126410b6 | ||
|
|
f4a575fee1 | ||
|
|
ee661e5d71 | ||
|
|
5ddffc9172 | ||
|
|
40dd085ef8 | ||
|
|
d5b5bcef56 |
2
.github/workflows/DNS.yml
vendored
2
.github/workflows/DNS.yml
vendored
@@ -539,7 +539,7 @@ jobs:
|
|||||||
- uses: actions/checkout@v4
|
- uses: actions/checkout@v4
|
||||||
- name: Clone acmetest
|
- name: Clone acmetest
|
||||||
run: cd .. && git clone --depth=1 https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/
|
run: cd .. && git clone --depth=1 https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/
|
||||||
- uses: vmactions/openindiana-vm@v0
|
- uses: vmactions/openindiana-vm@v1
|
||||||
with:
|
with:
|
||||||
envs: 'TEST_DNS TestingDomain TEST_DNS_NO_WILDCARD TEST_DNS_NO_SUBDOMAIN TEST_DNS_SLEEP CASE TEST_LOCAL DEBUG http_proxy https_proxy HTTPS_INSECURE TokenName1 TokenName2 TokenName3 TokenName4 TokenName5 ${{ secrets.TokenName1}} ${{ secrets.TokenName2}} ${{ secrets.TokenName3}} ${{ secrets.TokenName4}} ${{ secrets.TokenName5}}'
|
envs: 'TEST_DNS TestingDomain TEST_DNS_NO_WILDCARD TEST_DNS_NO_SUBDOMAIN TEST_DNS_SLEEP CASE TEST_LOCAL DEBUG http_proxy https_proxy HTTPS_INSECURE TokenName1 TokenName2 TokenName3 TokenName4 TokenName5 ${{ secrets.TokenName1}} ${{ secrets.TokenName2}} ${{ secrets.TokenName3}} ${{ secrets.TokenName4}} ${{ secrets.TokenName5}}'
|
||||||
sync: nfs
|
sync: nfs
|
||||||
|
|||||||
2
.github/workflows/OpenIndiana.yml
vendored
2
.github/workflows/OpenIndiana.yml
vendored
@@ -61,7 +61,7 @@ jobs:
|
|||||||
run: echo "TestingDomain=${{steps.tunnel.outputs.server}}" >> $GITHUB_ENV
|
run: echo "TestingDomain=${{steps.tunnel.outputs.server}}" >> $GITHUB_ENV
|
||||||
- name: Clone acmetest
|
- name: Clone acmetest
|
||||||
run: cd .. && git clone --depth=1 https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/
|
run: cd .. && git clone --depth=1 https://github.com/acmesh-official/acmetest.git && cp -r acme.sh acmetest/
|
||||||
- uses: vmactions/openindiana-vm@v0
|
- uses: vmactions/openindiana-vm@v1
|
||||||
with:
|
with:
|
||||||
envs: 'TEST_LOCAL TestingDomain TEST_ACME_Server CA_ECDSA CA CA_EMAIL TEST_PREFERRED_CHAIN ACME_USE_WGET'
|
envs: 'TEST_LOCAL TestingDomain TEST_ACME_Server CA_ECDSA CA CA_EMAIL TEST_PREFERRED_CHAIN ACME_USE_WGET'
|
||||||
nat: |
|
nat: |
|
||||||
|
|||||||
38
acme.sh
38
acme.sh
@@ -2783,6 +2783,7 @@ _clearAPI() {
|
|||||||
ACME_REVOKE_CERT=""
|
ACME_REVOKE_CERT=""
|
||||||
ACME_NEW_NONCE=""
|
ACME_NEW_NONCE=""
|
||||||
ACME_AGREEMENT=""
|
ACME_AGREEMENT=""
|
||||||
|
ACME_RENEWAL_INFO=""
|
||||||
}
|
}
|
||||||
|
|
||||||
#server
|
#server
|
||||||
@@ -2827,6 +2828,9 @@ _initAPI() {
|
|||||||
ACME_AGREEMENT=$(echo "$response" | _egrep_o 'termsOfService" *: *"[^"]*"' | cut -d '"' -f 3)
|
ACME_AGREEMENT=$(echo "$response" | _egrep_o 'termsOfService" *: *"[^"]*"' | cut -d '"' -f 3)
|
||||||
export ACME_AGREEMENT
|
export ACME_AGREEMENT
|
||||||
|
|
||||||
|
ACME_RENEWAL_INFO=$(echo "$response" | _egrep_o 'renewalInfo" *: *"[^"]*"' | cut -d '"' -f 3)
|
||||||
|
export ACME_RENEWAL_INFO
|
||||||
|
|
||||||
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
|
_debug "ACME_KEY_CHANGE" "$ACME_KEY_CHANGE"
|
||||||
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
|
_debug "ACME_NEW_AUTHZ" "$ACME_NEW_AUTHZ"
|
||||||
_debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
|
_debug "ACME_NEW_ORDER" "$ACME_NEW_ORDER"
|
||||||
@@ -2834,6 +2838,7 @@ _initAPI() {
|
|||||||
_debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT"
|
_debug "ACME_REVOKE_CERT" "$ACME_REVOKE_CERT"
|
||||||
_debug "ACME_AGREEMENT" "$ACME_AGREEMENT"
|
_debug "ACME_AGREEMENT" "$ACME_AGREEMENT"
|
||||||
_debug "ACME_NEW_NONCE" "$ACME_NEW_NONCE"
|
_debug "ACME_NEW_NONCE" "$ACME_NEW_NONCE"
|
||||||
|
_debug "ACME_RENEWAL_INFO" "$ACME_RENEWAL_INFO"
|
||||||
if [ "$ACME_NEW_ACCOUNT" ] && [ "$ACME_NEW_ORDER" ]; then
|
if [ "$ACME_NEW_ACCOUNT" ] && [ "$ACME_NEW_ORDER" ]; then
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
@@ -5840,7 +5845,8 @@ list() {
|
|||||||
if [ -z "$_domain" ]; then
|
if [ -z "$_domain" ]; then
|
||||||
printf "%s\n" "Main_Domain${_sep}KeyLength${_sep}SAN_Domains${_sep}Profile${_sep}CA${_sep}Created${_sep}Renew"
|
printf "%s\n" "Main_Domain${_sep}KeyLength${_sep}SAN_Domains${_sep}Profile${_sep}CA${_sep}Created${_sep}Renew"
|
||||||
fi
|
fi
|
||||||
for di in "${CERT_HOME}"/{*.*,*:*}/; do
|
for di in "${CERT_HOME}"/*.* "${CERT_HOME}"/*:*; do
|
||||||
|
[ -d "$di" ] || continue
|
||||||
d=$(basename "$di")
|
d=$(basename "$di")
|
||||||
_debug d "$d"
|
_debug d "$d"
|
||||||
(
|
(
|
||||||
@@ -6537,6 +6543,36 @@ deactivate() {
|
|||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#cert
|
||||||
|
_getAKI() {
|
||||||
|
_cert="$1"
|
||||||
|
openssl x509 -in "$_cert" -text -noout | grep "X509v3 Authority Key Identifier" -A 1 | _tail_n 1 | tr -d ' :'
|
||||||
|
}
|
||||||
|
|
||||||
|
#cert
|
||||||
|
_getSerial() {
|
||||||
|
_cert="$1"
|
||||||
|
openssl x509 -in "$_cert" -serial -noout | cut -d = -f 2
|
||||||
|
}
|
||||||
|
|
||||||
|
#cert
|
||||||
|
_get_ARI() {
|
||||||
|
_cert="$1"
|
||||||
|
_aki=$(_getAKI "$_cert")
|
||||||
|
_ser=$(_getSerial "$_cert")
|
||||||
|
_debug2 "_aki" "$_aki"
|
||||||
|
_debug2 "_ser" "$_ser"
|
||||||
|
|
||||||
|
_akiurl="$(echo "$_aki" | _h2b | _base64 | tr -d = | _url_encode)"
|
||||||
|
_debug2 "_akiurl" "$_akiurl"
|
||||||
|
_serurl="$(echo "$_ser" | _h2b | _base64 | tr -d = | _url_encode)"
|
||||||
|
_debug2 "_serurl" "$_serurl"
|
||||||
|
|
||||||
|
_ARI_URL="$ACME_RENEWAL_INFO/$_akiurl.$_serurl"
|
||||||
|
_get "$_ARI_URL"
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
# Detect profile file if not specified as environment variable
|
# Detect profile file if not specified as environment variable
|
||||||
_detect_profile() {
|
_detect_profile() {
|
||||||
if [ -n "$PROFILE" -a -f "$PROFILE" ]; then
|
if [ -n "$PROFILE" -a -f "$PROFILE" ]; then
|
||||||
|
|||||||
@@ -8,6 +8,8 @@
|
|||||||
# export QINIU_CDN_DOMAIN="cdn.example.com"
|
# export QINIU_CDN_DOMAIN="cdn.example.com"
|
||||||
# If you have more than one domain, just
|
# If you have more than one domain, just
|
||||||
# export QINIU_CDN_DOMAIN="cdn1.example.com cdn2.example.com"
|
# export QINIU_CDN_DOMAIN="cdn1.example.com cdn2.example.com"
|
||||||
|
# Optional: force HTTPS redirect (default: false)
|
||||||
|
# export QINIU_FORCE_HTTPS="true"
|
||||||
|
|
||||||
QINIU_API_BASE="https://api.qiniu.com"
|
QINIU_API_BASE="https://api.qiniu.com"
|
||||||
|
|
||||||
@@ -44,6 +46,12 @@ qiniu_deploy() {
|
|||||||
QINIU_CDN_DOMAIN="$_cdomain"
|
QINIU_CDN_DOMAIN="$_cdomain"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -z "$QINIU_FORCE_HTTPS" ]; then
|
||||||
|
QINIU_FORCE_HTTPS="false"
|
||||||
|
else
|
||||||
|
_savedomainconf QINIU_FORCE_HTTPS "$QINIU_FORCE_HTTPS"
|
||||||
|
fi
|
||||||
|
|
||||||
## upload certificate
|
## upload certificate
|
||||||
string_fullchain=$(sed 's/$/\\n/' "$_cfullchain" | tr -d '\n')
|
string_fullchain=$(sed 's/$/\\n/' "$_cfullchain" | tr -d '\n')
|
||||||
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n')
|
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n')
|
||||||
@@ -69,7 +77,7 @@ qiniu_deploy() {
|
|||||||
_debug certId "$_certId"
|
_debug certId "$_certId"
|
||||||
|
|
||||||
## update domain ssl config
|
## update domain ssl config
|
||||||
update_body="{\"certid\":$_certId,\"forceHttps\":false}"
|
update_body="{\"certid\":$_certId,\"forceHttps\":$QINIU_FORCE_HTTPS}"
|
||||||
for domain in $QINIU_CDN_DOMAIN; do
|
for domain in $QINIU_CDN_DOMAIN; do
|
||||||
update_path="/domain/$domain/httpsconf"
|
update_path="/domain/$domain/httpsconf"
|
||||||
update_access_token="$(_make_access_token "$update_path")"
|
update_access_token="$(_make_access_token "$update_path")"
|
||||||
|
|||||||
Reference in New Issue
Block a user