Home Explore Project
Register Sign In
linux
/
acme.sh
3
0
Fork 0
Files Issues 2 Pull Requests 0 Wiki
Browse Source

add `QINIU_CDN_DOMAIN` for wildcard certificate

shonenada 6 years ago
parent
96efc8c7f0
commit
3c6b707353
2 changed files with 16 additions and 4 deletions
Split View Show Diff Stats
  1. 12 2
      deploy/README.md
  2. 4 2
      deploy/qiniu.sh

+ 12 - 2
deploy/README.md
View File 

@@ -335,8 +335,9 @@ export FABIO="1"
 
 
 ## 13. Deploy your certificate to Qiniu.com
 
 
-You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key before deploying
 
-your certificate.
 
+You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key 
+before deploying your certificate, and please ensure you have enabled HTTPS for
 
+your domain name. You can enable it in https://portal.qiniu.com/cdn/domain.
 
 
 ```sh
 
 $ export QINIU_AK="foo"
 
@@ -348,3 +349,12 @@ then you can deploy certificate by following command:
 
 ```sh
 
 $ acme.sh --deploy -d example.com --deploy-hook qiniu
 
 ```
 
+
 
+(Optional), If you are using wildcard certificate,
 
+you may need export `QINIU_CDN_DOMAIN` to specify which domain
 
+you want to update:
 
+
 
+```sh
 
+$ export QINIU_CDN_DOMAIN="cdn.example.com"
 
+$ acme.sh --deploy -d example.com --deploy-hook qiniu
 
+```

+ 4 - 2
deploy/qiniu.sh
View File 

@@ -5,6 +5,7 @@
 
 # This deployment required following variables
 
 # export QINIU_AK="QINIUACCESSKEY"
 
 # export QINIU_SK="QINIUSECRETKEY"
 
+# export QINIU_CDN_DOMAIN="cdn.example.com"
 
 
 QINIU_API_BASE="https://api.qiniu.com"
 
 
@@ -14,6 +15,7 @@ qiniu_deploy() {
 
   _ccert="$3"
 
   _cca="$4"
 
   _cfullchain="$5"
 
+  _cdndomain="${QINIU_CDN_DOMAIN:-$_cdomain}"
 
 
   _debug _cdomain "$_cdomain"
 
   _debug _ckey "$_ckey"
 
@@ -46,7 +48,7 @@ qiniu_deploy() {
 
   string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n')
 
 
   sslcert_path="/sslcert"
 
-  sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
 
+  sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdndomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
 
   sslcert_access_token="$(_make_sslcreate_access_token "$sslcert_path")"
 
   _debug sslcert_access_token "$sslcert_access_token"
 
   export _H1="Authorization: QBox $sslcert_access_token"
 
@@ -66,7 +68,7 @@ qiniu_deploy() {
 
   _debug certId "$_certId"
 
 
   ## update domain ssl config
 
-  update_path="/domain/$_cdomain/httpsconf"
 
+  update_path="/domain/$_cdndomain/httpsconf"
 
   update_body="{\"certid\":$_certId,\"forceHttps\":true}"
 
   update_access_token="$(_make_sslcreate_access_token "$update_path")"
 
   _debug update_access_token "$update_access_token"