add QINIU_CDN_DOMAIN for wildcard certificate

This commit is contained in:
shonenada 2019-01-13 12:23:15 +08:00
parent 96efc8c7f0
commit 3c6b707353
No known key found for this signature in database
GPG Key ID: 76A1B4666B0495CB
2 changed files with 16 additions and 4 deletions

View File

@ -335,8 +335,9 @@ export FABIO="1"
## 13. Deploy your certificate to Qiniu.com
You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key before deploying
your certificate.
You should create AccessKey/SecretKey pair in https://portal.qiniu.com/user/key
before deploying your certificate, and please ensure you have enabled HTTPS for
your domain name. You can enable it in https://portal.qiniu.com/cdn/domain.
```sh
$ export QINIU_AK="foo"
@ -348,3 +349,12 @@ then you can deploy certificate by following command:
```sh
$ acme.sh --deploy -d example.com --deploy-hook qiniu
```
(Optional), If you are using wildcard certificate,
you may need export `QINIU_CDN_DOMAIN` to specify which domain
you want to update:
```sh
$ export QINIU_CDN_DOMAIN="cdn.example.com"
$ acme.sh --deploy -d example.com --deploy-hook qiniu
```

View File

@ -5,6 +5,7 @@
# This deployment required following variables
# export QINIU_AK="QINIUACCESSKEY"
# export QINIU_SK="QINIUSECRETKEY"
# export QINIU_CDN_DOMAIN="cdn.example.com"
QINIU_API_BASE="https://api.qiniu.com"
@ -14,6 +15,7 @@ qiniu_deploy() {
_ccert="$3"
_cca="$4"
_cfullchain="$5"
_cdndomain="${QINIU_CDN_DOMAIN:-$_cdomain}"
_debug _cdomain "$_cdomain"
_debug _ckey "$_ckey"
@ -46,7 +48,7 @@ qiniu_deploy() {
string_key=$(sed 's/$/\\n/' "$_ckey" | tr -d '\n')
sslcert_path="/sslcert"
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
sslcerl_body="{\"name\":\"$_cdomain\",\"common_name\":\"$_cdndomain\",\"ca\":\"$string_fullchain\",\"pri\":\"$string_key\"}"
sslcert_access_token="$(_make_sslcreate_access_token "$sslcert_path")"
_debug sslcert_access_token "$sslcert_access_token"
export _H1="Authorization: QBox $sslcert_access_token"
@ -66,7 +68,7 @@ qiniu_deploy() {
_debug certId "$_certId"
## update domain ssl config
update_path="/domain/$_cdomain/httpsconf"
update_path="/domain/$_cdndomain/httpsconf"
update_body="{\"certid\":$_certId,\"forceHttps\":true}"
update_access_token="$(_make_sslcreate_access_token "$update_path")"
_debug update_access_token "$update_access_token"