From e1b512f78f0c1a9bc85f2ce29fc200522b3e042f Mon Sep 17 00:00:00 2001
From: Linard Schwendener
Date: Fri, 3 May 2024 00:57:47 +0200
Subject: [PATCH] Manual Renew knows if DNS Challenge is required
---
 src/cert.go | 6 ++++++
 src/mod/acme/acme.go | 2 +-
 src/mod/acme/autorenew.go | 2 +-
 src/web/components/cert.html | 13 +++++++++----
 4 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/src/cert.go b/src/cert.go
index 2f70825..0480b3e 100644
--- a/src/cert.go
+++ b/src/cert.go
@@ -12,6 +12,7 @@ import (
 "strings"
 "time"
+ "imuslab.com/zoraxy/mod/acme"
 "imuslab.com/zoraxy/mod/utils"
 )
@@ -46,6 +47,7 @@ func handleListCertificate(w http.ResponseWriter, r *http.Request) {
 LastModifiedDate string
 ExpireDate string
 RemainingDays int
+ DNS bool
 }
 results := []*CertInfo{}
@@ -81,12 +83,16 @@ func handleListCertificate(w http.ResponseWriter, r *http.Request) {
 }
 }
 }
+ certInfoFilename := filepath.Join(tlsCertManager.CertStore, filename+".json")
+ certInfo, err := acme.LoadCertInfoJSON(certInfoFilename)
+ SystemWideLogger.PrintAndLog("Could not Load CertInfoJson", certFilepath, err)
 thisCertInfo := CertInfo{
 Domain: filename,
 LastModifiedDate: modifiedTime,
 ExpireDate: certExpireTime,
 RemainingDays: expiredIn,
+ DNS: certInfo.DNS,
 }
 results = append(results, &thisCertInfo)
diff --git a/src/mod/acme/acme.go b/src/mod/acme/acme.go
index ded82e1..8ea52dc 100644
--- a/src/mod/acme/acme.go
+++ b/src/mod/acme/acme.go
@@ -470,7 +470,7 @@ func IsPortInUse(port int) bool {
 }
 // Load cert information from json file
-func loadCertInfoJSON(filename string) (*CertificateInfoJSON, error) {
+func LoadCertInfoJSON(filename string) (*CertificateInfoJSON, error) {
 certInfoBytes, err := os.ReadFile(filename)
 if err != nil {
 return nil, err
diff --git a/src/mod/acme/autorenew.go b/src/mod/acme/autorenew.go
index a5481a9..9db5dfc 100644
--- a/src/mod/acme/autorenew.go
+++ b/src/mod/acme/autorenew.go
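Review bot: In the third cert.go hunk (`@@ -81,12 +83,16 @@`), `certInfo.DNS` is read even when `acme.LoadCertInfoJSON` failed; the acme.go hunk shows that function returning `nil, err` when the file cannot be read, so a certificate in the store without a `.json` sidecar would make this handler dereference a nil pointer and the certificate list would fail to load. The `SystemWideLogger.PrintAndLog` call is also unconditional, so it runs with a nil error for every certificate that loads fine, and it reports `certFilepath` rather than the `certInfoFilename` that was actually read. Guard both on `err` and default the flag to false when no sidecar can be read. The handler body starts and ends outside the hunk.

```go
certInfoFilename := filepath.Join(tlsCertManager.CertStore, filename+".json")
useDNS := false
certInfo, err := acme.LoadCertInfoJSON(certInfoFilename)
if err != nil {
	// No readable ACME sidecar for this certificate: leave the flag false.
	SystemWideLogger.PrintAndLog("Could not Load CertInfoJson", certInfoFilename, err)
} else {
	useDNS = certInfo.DNS
}
// … unchanged: thisCertInfo fields Domain through RemainingDays …
	DNS: useDNS,
```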
@@ -344,7 +344,7 @@ func (a *AutoRenewer) renewExpiredDomains(certs []*ExpiredCerts) ([]string, erro // Load certificate info for ACME detail certInfoFilename := fmt.Sprintf("%s/%s.json", filepath.Dir(expiredCert.Filepath), certName) - certInfo, err := loadCertInfoJSON(certInfoFilename) + certInfo, err := LoadCertInfoJSON(certInfoFilename) if err != nil { log.Printf("Renew %s certificate error, can't get the ACME detail for cert: %v, trying org section as ca", certName, err) diff --git a/src/web/components/cert.html b/src/web/components/cert.html index cbfd982..c39251f 100644 --- a/src/web/components/cert.html +++ b/src/web/components/cert.html @@ -66,6 +66,7 @@ Domain Last Update Expire At + DNS Challenge Renew Remove @@ -147,7 +148,7 @@ //Renew certificate by button press - function renewCertificate(domain, btn=undefined){ + function renewCertificate(domain, dns, btn=undefined){ let defaultCA = $("#defaultCA").dropdown("get value"); if (defaultCA.trim() == ""){ defaultCA = "Let's Encrypt"; @@ -160,7 +161,7 @@ $(btn).addClass('disabled'); $(btn).html(``); } - obtainCertificate(domain, defaultCA.trim(), function(succ){ + obtainCertificate(domain, dns, defaultCA.trim(), function(succ){ if (btn != undefined){ $(btn).removeClass('disabled'); if (succ){ @@ -181,7 +182,7 @@ */ // Obtain certificate from API, only support one domain - function obtainCertificate(domains, usingCa = "Let's Encrypt", callback=undefined) { + function obtainCertificate(domains, dns, usingCa = "Let's Encrypt", callback=undefined) { //Load the ACME email from server side let acmeEmail = ""; $.get("/api/acme/autoRenew/email", function(data){ @@ -213,6 +214,8 @@ } return; } + //Filename cannot contain wildcards, and wildcards are possible with DNS challenges + filename = filename.replace("*", "_"); $.ajax({ url: "/api/acme/obtainCert", @@ -222,6 +225,7 @@ filename: filename, email: email, ca: usingCa, + dns: dns }, success: function(response) { if (response.error) { 
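Review bot: In the `@@ -147,7 +148,7 @@` and `@@ -181,7 +182,7 @@` hunks the new `dns` parameter is inserted in the middle of the positional lists of `renewCertificate` and `obtainCertificate`, ahead of parameters that carry defaults. Any caller not touched by this patch that still passes `(domains, usingCa, callback)` would silently send the CA name as `dns` and the callback as the CA; the other call sites are not visible here, so that needs checking. Appending it as a trailing defaulted parameter avoids the shift, e.g. `function obtainCertificate(domains, usingCa = "Let's Encrypt", callback=undefined, dns=false) {`, with the call in the `@@ -160,7 +161,7 @@` hunk adjusted to match. Both function bodies continue outside their hunks.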
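Review bot: In the `@@ -213,6 +214,8 @@` hunk, `filename.replace("*", "_")` with a string pattern rewrites only the first `*`, and it is the only normalisation of `filename` visible before the value is posted to `/api/acme/obtainCert`. Use a global pattern, `filename = filename.replace(/\*/g, "_");`, and treat it as a convenience only: the value is client-supplied, so the server handler (not part of this patch) should apply the same mapping and reject path separators itself. The list handler in cert.go looks the sidecar up as `filename+".json"`, so presumably both sides have to agree on the `_` form for the DNS flag to be found on the next renewal.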
@@ -357,7 +361,8 @@ ${entry.Domain} ${entry.LastModifiedDate} ${entry.ExpireDate} (${!isExpired?entry.RemainingDays+" days left":"Expired"}) - + + `); });