search

yourivw / LEClient

An easy-to-use PHP ACME v2 client library, designed to be used with LetsEncrypt.
MIT License
204 stars 98 forks source link

New problem, there is a timeout error! #68

Closed wuknet closed 4 years ago

wuknet commented 5 years ago

The following code, Step = 1, has an error 504 Gateway Time-out ///////////////////////////////////////////////////////////////////////////// `<?php header("Content-type: text/html; charset=utf-8"); ini_set('max_execution_time', 120); include DIR.'/LEClient/vendor/autoload.php';

// Importing the classes. use LEClient\LEClient; use LEClient\LEOrder;

session_start(); $userid = $_SESSION['userid']; $myemail = $_SESSION['email']; $mydomain = $_SESSION['domain'];

if($userid==0) { die('请先登录!'); }

echo "信息>UserID:".$userid.",邮箱:".$myemail.",域名:".$mydomain."
";

$email = array($myemail); $basename = $mydomain; $domains = array($basename,'*.'.$basename);

//$domains = array('*.887d.com');

//https://acme-v02.api.letsencrypt.org //第二参数true是测试,false是正式使用 $client = new LEClient($email, false, LECLient::LOG_STATUS, "cert/$basename/");//第二参数true是测试,false是正式使用,第四个参数是路径 //$client = new LEClient($email, true, LECLient::LOG_DEBUG);

//获取或创建订单。基本名称最好是顶级域名。这将是存储密钥的目录。提供一组字符串域名来为其创建证书。 $order = $client->getOrCreateOrder($basename, $domains); //var_dump($order);

$step = get_(0,"step");

if(!$order->allAuthorizationsValid())//检查此订单实例中的所有授权是否有效。 { $pending = $order->getPendingAuthorizations(LEOrder::CHALLENGE_TYPE_DNS);//获取dns验证记录 //var_dump($pending);

echo "<font color=\"red\">请将以下二条记录值分别域名解析成TXT的内容,设置记录名称为(_acme-challenge)。二条记录分二次解析,二次分别验证。注意解析生效后点击底部的验证,二次验证通过后便可获取SSL证书</font><br />";
echo "<table border=\"1\">";
echo "<tr><td>名称</td><td>记录值</td></tr>";
foreach ($pending as $value)
{
    echo "<tr><td>".$value['identifier']."</td><td>".$value['DNSDigest']."</td></tr>";
}
echo "</table>";
echo "<br />";

switch($step)
{
case 0:
{
    if(!empty($pending))
    {
        foreach($pending as $challenge)
        {
            // For the purpose of this example, a fictitious functions creates or updates the ACME challenge DNS record for this domain. 
            //setDNSRecord($challenge['identifier'], $challenge['DNSDigest']);
        }
    }
    else
        echo "获取授权码无效<br />";

    echo "<a href=\"?step=1\">开始验证</a><br />";
    break;
}
case 1:
{
    if(!empty($pending))
    {
        echo "开始验证:<br />";
        foreach($pending as $challenge)
        {
            // For the purpose of this example, a fictitious functions creates or updates the ACME challenge DNS record for this domain.
            $order->verifyPendingOrderAuthorization($challenge['identifier'], LEOrder::CHALLENGE_TYPE_DNS);
            echo "验证成功<br />";
        }
    }
    else
        echo "获取授权码无效<br />";

    if($order->allAuthorizationsValid())
    {
        getcert($order);//获取证书
    }
    else
        echo "<a href=\"?step=0\">返回</a>&nbsp;|&nbsp;<a href=\"?step=1\">继续验证</a><br />";

    break;
}
}

} else //所有授权有效了,就获取证书 { getcert($order);//获取证书 } // Check once more whether all authorizations are valid before we can finalize the order.

function getcert($order) { global $userid,$myemail,$mydomain; // Finalize the order first, if that is not yet done. if(!$order->isFinalized()) $order->finalizeOrder(); // Check whether the order has been finalized before we can get the certificate. If finalized, get the certificate. if($order->isFinalized()) {
$order->getCertificate(); echo "开始保存数据库
"; include("../config_database.php"); include("../conn.php"); $expiretime = date('Y-m-d H:i:s',strtotime("+3 month")); $result = $db->prepare("select sslid,userid,email,basename,domains,signtime,expiretime from wuk_ssl where basename=?"); $result->bindParam(1,$mydomain); $result->execute(); if($rs=$result->fetch(PDO::FETCH_ASSOC)) { $db->exec("update wuk_ssl set signtime='".gettime()."',expiretime='".$expiretime."' where basename='".$mydomain."'"); echo "成功完成SSL证书的续期。
"; } else { $db->exec("insert into wuk_ssl(userid,email,basename,domains,signtime,expiretime) values (".$userid.",'".$myemail."','".$mydomain."','".$mydomain.",*.".$mydomain."','".gettime()."','".$expiretime."')");//添加进数据库 echo "成功完成SSL证书的申请。
"; } echo "<a href=\"/ssl.php\" target=\"_top\">返回证书管理查看";

    //域名验证
    $result = $db->prepare("select ckdomain_id,userid,domainname,crtime from wuk_check_domain where domainname=?");
    $result->bindParam(1,$mydomain);
    $result->execute();
    $countnum = $result->rowCount();
    if($countnum==0)
    {
        $db->exec("insert into wuk_check_domain(userid,domainname,crtime) values (".$userid.",'".$mydomain."','".gettime()."')");//添加进数据库
    }

    $db=null;
}

} ////////////////////////////////////////////////////// function gettime() //获取时间 { ini_set('date.timezone','Asia/Shanghai'); return date("Y-m-d H:i:s",time()); }

function get_($datatype,$getvalue) { if($datatype==0) { if (isset($_GET[$getvalue])) $revalue=intval($_GET[$getvalue]); else $revalue=0; } else { if (isset($_GET[$getvalue])) $revalue=$_GET[$getvalue]; else $revalue=""; } return $revalue; }

function post_($datatype,$getvalue) { if($datatype==0) { if (isset($_POST[$getvalue])) $revalue=intval($_POST[$getvalue]); else $revalue=0; } else { if (isset($_POST[$getvalue])) $revalue=$_POST[$getvalue]; else $revalue=""; } return $revalue; } ?>`

yourivw commented 5 years ago

I am not sure what the cause is of the HTTP 504 in this case. I haven't seen it. Have you had it as well with the example code including your own domains/data?

P.s. your code is hardly readable without code tags

mvorisek commented 4 years ago

@yourivw Should be probably closed, issue is hard to read.

yourivw commented 4 years ago

@mvorisek Agree, closing it, thanks.