zfb132 / qcloud-ssl-cdn

Use the API to automatically replace the certificate on Tencent Cloud CDN with your own Let's Encrypt certificate
Apache License 2.0

How do I bind a wildcard certificate to multiple subdomains? #1

Closed Sirius2016 closed 2 years ago

Sirius2016 commented 2 years ago

Hello, how do I bind a wildcard certificate to multiple subdomains?

Sirius2016 commented 2 years ago

CDN_DOMAIN =“a.test.com b.test.com” I tried this and it did not work

zfb132 commented 2 years ago

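CDN_DOMAIN =“a.test.com b.test.com” I tried this and it did not work

@Sirius2016 I did not consider this case when I wrote the code. The code has now been updated; you can download the latest version and test it.
Main change in the new version: added support for multiple CDN domains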

Sirius2016 commented 2 years ago

OK, thanks a lot.

Sirius2016 commented 2 years ago

snap_screen_20220323184224 Error shown: code:InvalidParameter message:参数 Domain 取值类型错误

Sirius2016 commented 2 years ago

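snap_screen_20220323185123 When the script is run several times, multiple certificates are created in the Tencent Cloud console. Could the old certificates for the same domain be deleted before or after the upload?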

zfb132 commented 2 years ago

snap_screen_20220323184224 Error shown: code:InvalidParameter message:参数 Domain 取值类型错误

@Sirius2016 The code has been updated; the cause was a line of code that had not been deleted

Sirius2016 commented 2 years ago

OK, I will update. Thanks a lot.

Sirius2016 commented 2 years ago

Binding a wildcard certificate to multiple domains works now.

Sirius2016 commented 2 years ago

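With the default configuration file, running the script several times still uploads multiple identical certificates to the Tencent Cloud console. Since the domain is bound to the newest certificate after the upload, could the old, unassociated certificates be deleted?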

snap_screen_20220323190653

zfb132 commented 2 years ago

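With the default configuration file, running the script several times still uploads multiple identical certificates to the Tencent Cloud console. Since the domain is bound to the newest certificate after the upload, could the old, unassociated certificates be deleted?

snap_screen_20220323190653

@Sirius2016 I am debugging this feature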

Sirius2016 commented 2 years ago

OK, thanks for the hard work. Do it when you have time, it is so late already.

Sirius2016 commented 2 years ago

I suggest you later add a feature for uploading certificates to Alibaba Cloud CDN as well; that would make it even more complete.

zfb132 commented 2 years ago

@Sirius2016 The feature for deleting old certificates has been added. I currently have no time to develop Alibaba Cloud CDN support

Sirius2016 commented 2 years ago

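Hello, I tested it and the old-certificate deletion does not take effect. After running the script several times, multiple certificates are uploaded and the newest one is bound, but the identical old certificates are not deleted. It would be best to print the deleted certificates and their IDs to the console.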

snap_screen_20220324100458

mentalfl0w commented 2 years ago

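@Sirius2016 It works in my test. I tested it yesterday while modifying other features and it was fine. But mine is a wildcard certificate, and I am not sure whether yours is a single-domain one; I have not tested single-domain certificates. It does in fact print the list of deleted certificates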

image
Sirius2016 commented 2 years ago

Mine is a wildcard certificate, like this: *.test.com snap_screen_20220324111420

Sirius2016 commented 2 years ago

snap_screen_20220324111521

Sirius2016 commented 2 years ago

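Are you in operations or development? How did you learn Python, do you have any recommendations? I would like to learn too; being able to program seems really impressive.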

Sirius2016 commented 2 years ago

I work in server operations and cannot program; I feel it is hard to improve myself.

Sirius2016 commented 2 years ago

It seems the deletion of old domain certificates was not executed for me. Below is the console output during the run:

实例化一个ssl_client成功 获取ssl证书列表成功 上传ssl证书成功 实例化cdn client成功 获取所有cdn详细信息成功 {"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj33nBa0", "CertName": ".onfirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 11:24:05", "Message": "Auto update by api at 2022-03-24 11:24:04"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}} {"RequestId": "461b63b6-8c65-4019-b701-ab6d2a18d063"} 成功更新域名为ptest.onfirst.com的CDN的ssl证书为uj4zBlP1 实例化一个ssl_client成功 获取ssl证书列表成功 获取ssl证书uj33nBa0的信息成功 获取ssl证书uiGSwm4O的信息成功 获取ssl证书uX6b1TV4的信息成功 获取ssl证书uX5ZXRzu的信息成功 获取ssl证书uWGdhqrb的信息成功 获取ssl证书uRYje1IJ的信息成功 获取ssl证书uI4fyw3u的信息成功 获取ssl证书tpyfqcG5的信息成功 获取ssl证书ssab94jj的信息成功 获取ssl证书shJOqwNg的信息成功 获取ssl证书shIu4uMD的信息成功 获取ssl证书sMacQQYx的信息成功 获取ssl证书rHLZJSwO的信息成功 获取ssl证书r7uvuBLw的信息成功 获取ssl证书r6GYq7Et的信息成功 获取ssl证书quwgLC3w的信息成功 获取ssl证书qX36ImVB的信息成功 获取ssl证书qX1J6vF5的信息成功 获取ssl证书qX16SEnX的信息成功 实例化cdn client成功 获取所有cdn详细信息成功 {"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj33nBa0", "CertName": ".onfirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 11:24:14", "Message": "Auto update by api at 2022-03-24 11:24:13"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}} {"RequestId": "dc726227-e0ab-4fd0-8388-0e3b82e654a5"} 成功更新域名为ptest2.onfirst.com的CDN的ssl证书为uj4zBlP1 实例化一个ssl_client成功 获取ssl证书列表成功 获取ssl证书uj33nBa0的信息成功 获取ssl证书uiGSwm4O的信息成功 获取ssl证书uX6b1TV4的信息成功 获取ssl证书uX5ZXRzu的信息成功 获取ssl证书uWGdhqrb的信息成功 获取ssl证书uRYje1IJ的信息成功 获取ssl证书uI4fyw3u的信息成功 获取ssl证书tpyfqcG5的信息成功 获取ssl证书ssab94jj的信息成功 
获取ssl证书shJOqwNg的信息成功 获取ssl证书shIu4uMD的信息成功 获取ssl证书sMacQQYx的信息成功 获取ssl证书rHLZJSwO的信息成功 获取ssl证书r7uvuBLw的信息成功 获取ssl证书r6GYq7Et的信息成功 获取ssl证书quwgLC3w的信息成功 获取ssl证书qX36ImVB的信息成功 获取ssl证书qX1J6vF5的信息成功 获取ssl证书qX16SEnX的信息成功

mentalfl0w commented 2 years ago

@Sirius2016 I tested both branches of the program; both direct matching and wildcard matching work:

image

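I have a guess: since you modified the program only after raising this issue, is it possible that you forgot to run git pull to fetch the latest update and only modified config.py? If you have already run git pull, could you post a screenshot of the check at the very bottom of main.py?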

Sirius2016 commented 2 years ago

snap_screen_20220324122626

Sirius2016 commented 2 years ago

This is the latest, right?

Sirius2016 commented 2 years ago

config.py configuration file snap_screen_20220324123149

mentalfl0w commented 2 years ago

@Sirius2016 Yes, this is the latest. If so, this is a very strange problem. Is your certificate self-signed or obtained from a CA?

mentalfl0w commented 2 years ago

@Sirius2016

def delete_old_ssls(id, key, cdn_domain, ignore_id):
    '''Delete all SSL certificates of a given CDN except ignore_id
    '''
    ssl_client = ssl.get_ssl_client_instance(id, key)
    cert_list = ssl.get_cert_list(ssl_client)
    for cert in cert_list:
        print('BP 0 PASS')
        cert_id = cert.CertificateId
        # Do not delete the certificate that was just uploaded
        if cert_id == ignore_id:
            continue
        cert_info = ssl.get_cert_info(ssl_client, cert_id)
        cert_domain = cert_info.Domain
        cert_subject_alt_name = cert_info.SubjectAltName
        # Check whether the domain matches
        matched = False
        if cert_domain == cdn_domain:
            matched = True
            print('BP 1 PASS')
        else:
            # Check wildcard or multi-domain names
            print('BP 2 PASS')
            for cert_sub_name in cert_subject_alt_name:
                if cert_sub_name:
                    print('BP 3 PASS')
                    if cert_sub_name == cdn_domain:
                        print('BP 4 PASS')
                        matched = True
                        break
                    # Check whether the parent domain matches, m=['*','example.cn']
                    m = cert_sub_name.split('.', 1)
                    n = cdn_domain.split('.', 1)
                    if m[0] == "*" and m[1] == n[1]:
                        print('BP 5 PASS')
                        matched = True
                        break
        # Delete the certificate according to the result
        if matched:
            print('BP 6 PASS')
            ssl.delete_cert(ssl_client, cert_id)

Could you please change that function to this, run it, and tell me which BPs were passed?

Sirius2016 commented 2 years ago

OK, you are too polite, I am the one asking you for help. I will try it right away. Thanks

Sirius2016 commented 2 years ago
实例化一个ssl_client成功
获取ssl证书列表成功
上传ssl证书成功
实例化cdn client成功
获取所有cdn详细信息成功
{"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj5SaSHf", "CertName": "*.onefirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 11:59:02", "Message": "Auto update by api at 2022-03-24 11:59:01"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}}
{"RequestId": "fa8e8144-7e0d-4a86-9383-6874775db5ed"}
成功更新域名为ptest.onefirst.com的CDN的ssl证书为uj951T7w
实例化一个ssl_client成功
获取ssl证书列表成功
BP 0 PASS
BP 0 PASS
获取ssl证书uj5SaSHf的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uj4zBlP1的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uj33nBa0的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uiGSwm4O的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uX6b1TV4的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uX5ZXRzu的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uWGdhqrb的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uRYje1IJ的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uI4fyw3u的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书tpyfqcG5的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书ssab94jj的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书shJOqwNg的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书shIu4uMD的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书sMacQQYx的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书rHLZJSwO的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书r7uvuBLw的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书r6GYq7Et的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书quwgLC3w的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书qX36ImVB的信息成功
BP 2 PASS
实例化cdn client成功
获取所有cdn详细信息成功
{"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj5SaSHf", "CertName": "*.onefirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 11:59:10", "Message": "Auto update by api at 2022-03-24 11:59:10"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}}
{"RequestId": "7a668a8e-fc6e-4d2d-9e24-1730c90d939b"}
成功更新域名为ptest2.onefirst.com的CDN的ssl证书为uj951T7w
实例化一个ssl_client成功
获取ssl证书列表成功
BP 0 PASS
BP 0 PASS
获取ssl证书uj5SaSHf的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uj4zBlP1的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uj33nBa0的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uiGSwm4O的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uX6b1TV4的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uX5ZXRzu的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uWGdhqrb的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书uRYje1IJ的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书uI4fyw3u的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书tpyfqcG5的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书ssab94jj的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书shJOqwNg的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书shIu4uMD的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书sMacQQYx的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书rHLZJSwO的信息成功
BP 2 PASS
BP 3 PASS
BP 0 PASS
获取ssl证书r7uvuBLw的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书r6GYq7Et的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书quwgLC3w的信息成功
BP 2 PASS
BP 0 PASS
获取ssl证书qX36ImVB的信息成功
BP 2 PASS
Sirius2016 commented 2 years ago

The above is the console output after changing the code

Sirius2016 commented 2 years ago

Tencent Cloud console certificate list: snap_screen_20220324125546

mentalfl0w commented 2 years ago

@Sirius2016 OK, I have roughly located the area where the problem is. Could you please change the code to this:

def delete_old_ssls(id, key, cdn_domain, ignore_id):
    '''Delete all SSL certificates of a given CDN except ignore_id
    '''
    ssl_client = ssl.get_ssl_client_instance(id, key)
    cert_list = ssl.get_cert_list(ssl_client)
    for cert in cert_list:
        cert_id = cert.CertificateId
        # Do not delete the certificate that was just uploaded
        if cert_id == ignore_id:
            continue
        cert_info = ssl.get_cert_info(ssl_client, cert_id)
        cert_domain = cert_info.Domain
        cert_subject_alt_name = cert_info.SubjectAltName
        # Check whether the domain matches
        matched = False
        if cert_domain == cdn_domain:
            matched = True
        else:
            # Check wildcard or multi-domain names
            for cert_sub_name in cert_subject_alt_name:
                if cert_sub_name:
                    print(f"CERT:{cert_sub_name}, CDN{cdn_domain}")
                    if cert_sub_name == cdn_domain:
                        matched = True
                        break
                    # Check whether the parent domain matches, m=['*','example.cn']
                    m = cert_sub_name.split('.', 1)
                    n = cdn_domain.split('.', 1)
                    print(f"m[0]:{m[0]}, m[1]:{m[1]}, n[1]:{n[1]}")
                    if m[0] == "*" and m[1] == n[1]:
                        matched = True
                        break
        # Delete the certificate according to the result
        if matched:
            ssl.delete_cert(ssl_client, cert_id)

Could I see the terminal output of the code again? No need for screenshots of the other parts

Sirius2016 commented 2 years ago
实例化一个ssl_client成功
获取ssl证书列表成功
上传ssl证书成功
实例化cdn client成功
获取所有cdn详细信息成功
{"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj951T7w", "CertName": "*.onefirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 12:51:45", "Message": "Auto update by api at 2022-03-24 12:51:44"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}}
{"RequestId": "8ecb38cb-3d49-404b-90c4-eab0d2975db4"}
成功更新域名为ptest.onefirst.com的CDN的ssl证书为ujEVVo0f
实例化一个ssl_client成功
获取ssl证书列表成功
获取ssl证书uj951T7w的信息成功
CERT:onefirst.com, CDNptest.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj5SaSHf的信息成功
CERT:onefirst.com, CDNptest.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj4zBlP1的信息成功
CERT:onefirst.com, CDNptest.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj33nBa0的信息成功
CERT:onefirst.com, CDNptest.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uiGSwm4O的信息成功
获取ssl证书uX6b1TV4的信息成功
获取ssl证书uX5ZXRzu的信息成功
获取ssl证书uWGdhqrb的信息成功
获取ssl证书uRYje1IJ的信息成功
CERT:68622.com, CDNptest.onefirst.com
m[0]:68622, m[1]:com, n[1]:onefirst.com
获取ssl证书uI4fyw3u的信息成功
CERT:496913.com, CDNptest.onefirst.com
m[0]:496913, m[1]:com, n[1]:onefirst.com
获取ssl证书tpyfqcG5的信息成功
获取ssl证书ssab94jj的信息成功
获取ssl证书shJOqwNg的信息成功
获取ssl证书shIu4uMD的信息成功
获取ssl证书sMacQQYx的信息成功
获取ssl证书rHLZJSwO的信息成功
CERT:mersky.com, CDNptest.onefirst.com
m[0]:mersky, m[1]:com, n[1]:onefirst.com
获取ssl证书r7uvuBLw的信息成功
获取ssl证书r6GYq7Et的信息成功
获取ssl证书quwgLC3w的信息成功
实例化cdn client成功
获取所有cdn详细信息成功
{"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "uj951T7w", "CertName": "*.onefirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 12:51:58", "Message": "Auto update by api at 2022-03-24 12:51:57"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}}
{"RequestId": "5c2b55a5-333e-4a7c-809c-6f1eec844282"}
成功更新域名为ptest2.onefirst.com的CDN的ssl证书为ujEVVo0f
实例化一个ssl_client成功
获取ssl证书列表成功
获取ssl证书uj951T7w的信息成功
CERT:onefirst.com, CDNptest2.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj5SaSHf的信息成功
CERT:onefirst.com, CDNptest2.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj4zBlP1的信息成功
CERT:onefirst.com, CDNptest2.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uj33nBa0的信息成功
CERT:onefirst.com, CDNptest2.onefirst.com
m[0]:onefirst, m[1]:com, n[1]:onefirst.com
获取ssl证书uiGSwm4O的信息成功
获取ssl证书uX6b1TV4的信息成功
获取ssl证书uX5ZXRzu的信息成功
获取ssl证书uWGdhqrb的信息成功
获取ssl证书uRYje1IJ的信息成功
CERT:68622.com, CDNptest2.onefirst.com
m[0]:68622, m[1]:com, n[1]:onefirst.com
获取ssl证书uI4fyw3u的信息成功
CERT:496913.com, CDNptest2.onefirst.com
m[0]:496913, m[1]:com, n[1]:onefirst.com
获取ssl证书tpyfqcG5的信息成功
获取ssl证书ssab94jj的信息成功
获取ssl证书shJOqwNg的信息成功
获取ssl证书shIu4uMD的信息成功
获取ssl证书sMacQQYx的信息成功
获取ssl证书rHLZJSwO的信息成功
CERT:mersky.com, CDNptest2.onefirst.com
m[0]:mersky, m[1]:com, n[1]:onefirst.com
获取ssl证书r7uvuBLw的信息成功
获取ssl证书r6GYq7Et的信息成功
获取ssl证书quwgLC3w的信息成功
Sirius2016 commented 2 years ago

snap_screen_20220324141800

uj951T7w, uj5SaSHf, uj4zBlP1, uj33nBa0: these 4 old certificates should be deleted

snap_screen_20220324141821

mentalfl0w commented 2 years ago

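@Sirius2016 I know what the problem is. You applied for your certificate through TrustAsia, and the order of the domains in it differs from certificates applied for through ACME, which the author and I use. The program did not take this into account. I will write a patch shortly and post it here for you to test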

zfb132 commented 2 years ago

@Sirius2016

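Are you in operations or development? How did you learn Python, do you have any recommendations? I would like to learn too; being able to program seems really impressive.

I have not started working yet, and I never studied Python specifically; I just learn whichever part I need as I go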

mentalfl0w commented 2 years ago

@Sirius2016 Please test the code below. If it is as I think, it should work properly now:

def delete_old_ssls(id, key, cdn_domain, ignore_id):
    '''Delete all SSL certificates of a given CDN except ignore_id
    '''
    ssl_client = ssl.get_ssl_client_instance(id, key)
    cert_list = ssl.get_cert_list(ssl_client)
    for cert in cert_list:
        cert_id = cert.CertificateId
        # Do not delete the certificate that was just uploaded
        if cert_id == ignore_id:
            continue
        cert_info = ssl.get_cert_info(ssl_client, cert_id)
        cert_domain = cert_info.Domain
        cert_subject_alt_name = cert_info.SubjectAltName
        # Check whether the domain matches
        matched = False
        m = cert_domain.split('.', 1)

        if cert_domain == cdn_domain:
            matched = True
        elif m[0] == '*':
            n = cdn_domain.split('.', 1)
            print(f"m[0]:{m[0]}, m[1]:{m[1]}, n[1]:{n[1]}")
            if m[1] == n[1]:
                matched = True
        else:
            # Check wildcard or multi-domain names
            for cert_sub_name in cert_subject_alt_name:
                if cert_sub_name:
                    print(f"CERT:{cert_sub_name}, CDN:{cdn_domain}")
                    if cert_sub_name == cdn_domain:
                        matched = True
                        break
                    # Check whether the parent domain matches, m=['*','example.cn']
                    m = cert_sub_name.split('.', 1)
                    n = cdn_domain.split('.', 1)
                    print(f"m[0]:{m[0]}, m[1]:{m[1]}, n[1]:{n[1]}")
                    if m[0] == "*" and m[1] == n[1]:
                        matched = True
                        break
        # Delete the certificate according to the result
        if matched:
            ssl.delete_cert(ssl_client, cert_id)
zfb132 commented 2 years ago

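@Dracanrage Thanks for helping with the fix. Is your guess that in certificates applied for through TrustAsia the wildcard domain is in the Domain field rather than the SubjectAltName field?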

mentalfl0w commented 2 years ago

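@Dracanrage Thanks for helping with the fix. Is your guess that in certificates applied for through TrustAsia the wildcard domain is in the Domain field rather than the SubjectAltName field?

Yes. I have a single-domain certificate applied for through Tencent Cloud; it puts the second-level domain in the Domain field rather than in SubjectAltName, while the third-level domain I applied for is instead placed in SubjectAltName. So, based on the error log provided by @Sirius2016, I guessed that the fields holding the second-level domain and the wildcard domain might be swapped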
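
The two field layouts discussed in this thread (wildcard name in Domain, or wildcard name in SubjectAltName) can be handled by checking every name in both fields the same way. This is an added example, not code from the project or from any commenter; `CertInfo`, `name_covers`, `cert_covers`, `select_old_certs` and the sample certificate IDs are hypothetical, and the code only selects IDs without calling any cloud API.

```python
from dataclasses import dataclass, field
from typing import List, Optional


@dataclass
class CertInfo:
    """Constructed stand-in for the certificate detail fields used in the thread."""
    cert_id: str
    domain: Optional[str]
    subject_alt_name: List[Optional[str]] = field(default_factory=list)


def name_covers(cert_name: str, host: str) -> bool:
    """True if one certificate name (exact or '*.' wildcard) covers host."""
    cert_name = cert_name.strip().lower().rstrip('.')
    host = host.strip().lower().rstrip('.')
    if not cert_name or not host:
        return False
    if cert_name == host:
        return True
    if not cert_name.startswith('*.'):
        return False
    # A wildcard stands for exactly one left-most label, so '*.example.com'
    # covers 'a.example.com' but not 'example.com' or 'a.b.example.com'.
    label, _, parent = host.partition('.')
    return bool(label) and parent == cert_name[2:]


def cert_covers(cert: CertInfo, host: str) -> bool:
    """Check Domain and every SubjectAltName entry; field order does not matter."""
    names = [cert.domain] + list(cert.subject_alt_name or [])
    return any(name_covers(n, host) for n in names if n)


def select_old_certs(certs, cdn_domain, ignore_id):
    """Return IDs of certificates covering cdn_domain, except the one just deployed."""
    return [c.cert_id for c in certs
            if c.cert_id != ignore_id and cert_covers(c, cdn_domain)]


# Constructed sample modelled on the two layouts discussed in the thread.
SAMPLE = [
    CertInfo('new-0001', '*.onefirst.com', ['onefirst.com']),  # just uploaded
    CertInfo('old-0002', '*.onefirst.com', ['onefirst.com']),  # wildcard in Domain
    CertInfo('old-0003', 'onefirst.com', ['*.onefirst.com']),  # wildcard in SAN
    CertInfo('old-0004', 'mersky.com', ['mersky.com']),        # unrelated domain
    CertInfo('old-0005', 'onefirst.com', [None]),              # apex name only
]

if __name__ == '__main__':
    print(select_old_certs(SAMPLE, 'ptest.onefirst.com', 'new-0001'))
```

Printing the selected IDs before any delete call makes it easy to review what a run would remove.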

Sirius2016 commented 2 years ago

Many thanks to both of you. It works now; the old certificates have been deleted.

实例化一个ssl_client成功
获取ssl证书列表成功
上传ssl证书成功
实例化cdn client成功
获取所有cdn详细信息成功
{"Switch": "on", "Http2": "off", "OcspStapling": "off", "VerifyClient": "off", "CertInfo": {"CertId": "ujEVVo0f", "CertName": "*.onefirst.com", "Certificate": null, "PrivateKey": null, "ExpireTime": "2022-06-22 07:59:59", "DeployTime": "2022-03-24 14:10:46", "Message": "Auto update by api at 2022-03-24 14:10:45"}, "ClientCertInfo": {"Certificate": null, "CertName": null, "ExpireTime": null, "DeployTime": null}, "Spdy": "off", "SslStatus": "deployed", "Hsts": {"Switch": "off", "MaxAge": 0, "IncludeSubDomains": "off"}}
{"RequestId": "f1da4810-d3db-4f5a-ac48-b20ffcb53728"}
成功更新域名为ptest.onefirst.com的CDN的ssl证书为ujLpaIAR
实例化一个ssl_client成功
获取ssl证书列表成功
获取ssl证书ujEVVo0f的信息成功
m[0]:*, m[1]:onefirst.com, n[1]:onefirst.com
删除ssl证书ujEVVo0f成功
获取ssl证书uj951T7w的信息成功
m[0]:*, m[1]:onefirst.com, n[1]:onefirst.com
删除ssl证书uj951T7w成功
获取ssl证书uj5SaSHf的信息成功
m[0]:*, m[1]:onefirst.com, n[1]:onefirst.com
删除ssl证书uj5SaSHf成功
获取ssl证书uj4zBlP1的信息成功
m[0]:*, m[1]:onefirst.com, n[1]:onefirst.com
删除ssl证书uj4zBlP1成功
获取ssl证书uj33nBa0的信息成功
m[0]:*, m[1]:onefirst.com, n[1]:onefirst.com
删除ssl证书uj33nBa0成功
获取ssl证书uiGSwm4O的信息成功
获取ssl证书uX6b1TV4的信息成功
获取ssl证书uX5ZXRzu的信息成功
获取ssl证书uWGdhqrb的信息成功
获取ssl证书uRYje1IJ的信息成功
Sirius2016 commented 2 years ago

@Sirius2016

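Are you in operations or development? How did you learn Python, do you have any recommendations? I would like to learn too; being able to program seems really impressive.

I have not started working yet, and I never studied Python specifically; I just learn whichever part I need as I go

You have not started working yet and are already this good at programming; your grades at school must be very good.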

Sirius2016 commented 2 years ago

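Are you both self-taught in programming? Do you take apprentices? I work in server operations and have hit a bottleneck; I want to learn programming to improve myself and use Python scripts to automate some work.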

zfb132 commented 2 years ago

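Are you both self-taught in programming? Do you take apprentices? I work in server operations and have hit a bottleneck; I want to learn programming to improve myself and use Python scripts to automate some work.

For other questions, feel free to contact me by email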