fix:ssl证书本地快过期就更新
This commit is contained in:
ShaoHua
@@ -4,6 +4,7 @@ using Hua.DDNS.SslProviders.Ali;
|
||||
using Hua.DDNS.SslProviders.Tencent;
|
||||
using Quartz;
|
||||
using Microsoft.Extensions.Options;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
|
||||
namespace Hua.DDNS.Jobs
|
||||
{
|
||||
@@ -70,16 +71,32 @@ namespace Hua.DDNS.Jobs
|
||||
|
||||
var certificate = matchingCertificates.OrderByDescending(c => c.CertEndTime).First();
|
||||
|
||||
var localCertExpiry = GetLocalCertificateExpiry(item);
|
||||
var daysUntilExpiry = (certificate.CertEndTime - DateTime.Now).Days;
|
||||
|
||||
if (daysUntilExpiry <= _sslDownloadOption.ExpireDays)
|
||||
if (localCertExpiry == null)
|
||||
{
|
||||
_logger.LogInformation($"证书 {certificate.CertificateId} ({certificate.Domain}) 将在 {daysUntilExpiry} 天后过期,开始下载");
|
||||
_logger.LogInformation($"本地证书文件不存在,开始下载: {item.Domain}");
|
||||
downloadTasks.Add(DownloadFileAsync(sslProvider, item, certificate.CertificateId, certificate.Domain));
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.LogInformation($"证书 {certificate.CertificateId} ({certificate.Domain}) 还有 {daysUntilExpiry} 天过期,跳过下载");
|
||||
var localDaysUntilExpiry = (localCertExpiry.Value - DateTime.Now).Days;
|
||||
|
||||
if (localDaysUntilExpiry <= _sslDownloadOption.ExpireDays)
|
||||
{
|
||||
_logger.LogInformation($"本地证书 {item.Domain} 将在 {localDaysUntilExpiry} 天后过期,开始更新");
|
||||
downloadTasks.Add(DownloadFileAsync(sslProvider, item, certificate.CertificateId, certificate.Domain));
|
||||
}
|
||||
else if (certificate.CertEndTime > localCertExpiry.Value)
|
||||
{
|
||||
_logger.LogInformation($"云端证书 {item.Domain} 过期时间更晚,开始更新 (本地: {localCertExpiry:yyyy-MM-dd}, 云端: {certificate.CertEndTime:yyyy-MM-dd})");
|
||||
downloadTasks.Add(DownloadFileAsync(sslProvider, item, certificate.CertificateId, certificate.Domain));
|
||||
}
|
||||
else
|
||||
{
|
||||
_logger.LogInformation($"本地证书 {item.Domain} 还有 {localDaysUntilExpiry} 天过期,跳过下载");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -93,6 +110,33 @@ namespace Hua.DDNS.Jobs
|
||||
}
|
||||
}
|
||||
|
||||
private DateTime? GetLocalCertificateExpiry(SslDownloadItem item)
|
||||
{
|
||||
try
|
||||
{
|
||||
var domainPath = Path.Combine(_sslDownloadOption.SavePath, item.Domain);
|
||||
var certFileName = Path.GetFileNameWithoutExtension(item.FileName);
|
||||
var certPath = Path.Combine(domainPath, $"{certFileName}_bundle.crt");
|
||||
|
||||
if (!File.Exists(certPath))
|
||||
{
|
||||
_logger.LogInformation($"本地证书文件不存在: {certPath}");
|
||||
return null;
|
||||
}
|
||||
|
||||
var certBytes = File.ReadAllBytes(certPath);
|
||||
var certificate = new X509Certificate2(certBytes);
|
||||
|
||||
_logger.LogInformation($"本地证书 {item.Domain} 过期时间: {certificate.NotAfter}");
|
||||
return certificate.NotAfter;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
_logger.LogError(ex, $"读取本地证书过期时间失败: {item.FileName}");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private async Task DownloadFileAsync(ISslDownloadProvider provider, SslDownloadItem item, string certificateId, string domain)
|
||||
{
|
||||
try
|
||||
|
||||
Reference in New Issue
Block a user