feat: support SAN certification #49

2025-05-12 02:45:49 +02:00 · 2023-01-01 13:13:35 +08:00 · 2023-01-01 13:13:35 +08:00 · 42d832cd9f
commit 42d832cd9f
parent e9f0835aea
4 changed files with 376 additions and 369 deletions
--- a/server/api/cert.go
+++ b/server/api/cert.go
@ -98,7 +98,7 @@ func IssueCert(c *gin.Context) {
 		})

 		if err != nil {
-            log.Println(err)
+			log.Println("Error WriteJSON", err)
 			return
 		}

@ -108,13 +108,12 @@ func IssueCert(c *gin.Context) {
 	close(logChan)

 	sslCertificatePath := nginx.GetNginxConfPath("ssl/" + domain + "/fullchain.cer")
-    sslCertificateKeyPath := nginx.GetNginxConfPath("ssl/" + domain + "/" + domain + ".key")
+	sslCertificateKeyPath := nginx.GetNginxConfPath("ssl/" + domain + "/private.key")

-    certModel, err := model.FirstCert(domain)
+	certModel, err := model.FirstOrCreateCert(domain)

 	if err != nil {
 		log.Println(err)
-        return
 	}

 	err = certModel.Updates(&model.Cert{
@ -123,7 +122,6 @@ func IssueCert(c *gin.Context) {

 	if err != nil {
 		log.Println(err)
-        return
 	}

 	err = ws.WriteJSON(IssueCertResponse{
--- a/server/api/domain.go
+++ b/server/api/domain.go
@ -101,8 +101,15 @@ func GetDomain(c *gin.Context) {
 	}

 	certInfoMap := make(map[int]CertificateInfo)
+	var serverName string
 	for serverIdx, server := range config.Servers {
 		for _, directive := range server.Directives {
+
+			if directive.Directive == "server_name" {
+				serverName = strings.ReplaceAll(directive.Params, " ", "_")
+				continue
+			}
+
 			if directive.Directive == "ssl_certificate" {

 				pubKey, err := cert.GetCertInfo(directive.Params)
@ -124,7 +131,7 @@ func GetDomain(c *gin.Context) {
 		}
 	}

-    _, err = model.FirstCert(name)
+	_, err = model.FirstCert(serverName)

 	c.JSON(http.StatusOK, gin.H{
 		"enabled":   enabled,
--- a/server/pkg/cert/auto_cert.go
+++ b/server/pkg/cert/auto_cert.go
@ -3,6 +3,7 @@ package cert
 import (
 	"github.com/0xJacky/Nginx-UI/server/model"
 	"log"
+	"strings"
 	"time"
 )

@ -56,7 +57,8 @@ func AutoCert() {
 		logChan := make(chan string, 1)
 		errChan := make(chan error, 1)

-		go IssueCert([]string{domain}, logChan, errChan)
+		// support SAN certification
+		go IssueCert(strings.Split(domain, "_"), logChan, errChan)

 		go handleIssueCertLogChan(logChan)

--- a/server/pkg/cert/cert.go
+++ b/server/pkg/cert/cert.go
@ -105,7 +105,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
 		errChan <- errors.Wrap(err, "issue cert fail to obtain")
 		return
 	}
-	name := strings.Join(domain, "_")
+	name := strings.Join(domain, " ")
 	saveDir := nginx.GetNginxConfPath("ssl/" + name)
 	if _, err = os.Stat(saveDir); os.IsNotExist(err) {
 		err = os.MkdirAll(saveDir, 0755)
@ -127,7 +127,7 @@ func IssueCert(domain []string, logChan chan string, errChan chan error) {
 	}

 	logChan <- "Writing certificate private key to disk"
-	err = os.WriteFile(filepath.Join(saveDir, name+".key"),
+	err = os.WriteFile(filepath.Join(saveDir, "private.key"),
 		certificates.PrivateKey, 0644)

 	if err != nil {