Last active
July 10, 2022 10:24
-
-
Save Leechael/3c86c5f8b94deb4088efc4c5d9ce9f5e to your computer and use it in GitHub Desktop.
通过脚本设置阿里云 CDN 的证书
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| # -*- coding: utf-8 -*- | |
| """ | |
| 通过脚本设置阿里云 CDN 的证书 | |
| https://help.aliyun.com/document_detail/45014.html | |
| $ pip install aliyun-python-sdk-cdn click | |
| 可以扔到 crontab 里面跑。 | |
| """ | |
| from os import path | |
| from datetime import datetime | |
| from aliyunsdkcore.client import AcsClient | |
| from aliyunsdkcdn.request.v20141111.SetDomainServerCertificateRequest import ( | |
| SetDomainServerCertificateRequest | |
| ) | |
| import click | |
| @click.command() | |
| @click.argument('domain') | |
| @click.argument('appkey') | |
| @click.argument('secret') | |
| @click.option('--dehydrated_dir', default='/etc/dehydrated', | |
| help='Full path where dehydrated store cert files.') | |
| def set_ssl_cert(domain, appkey, secret, dehydrated_dir): | |
| req = SetDomainServerCertificateRequest() | |
| prefix = path.join(dehydrated_dir, 'certs', domain) | |
| cert_key = '%s@%s' % (domain, datetime.now().strftime('%Y-%m-%d')) | |
| with open(path.join(prefix, 'fullchain.pem')) as f: | |
| fullchain = f.read() | |
| with open(path.join(prefix, 'privkey.pem')) as f: | |
| privkey = f.read() | |
| req.set_DomainName(domain) | |
| req.set_CertName(cert_key) | |
| req.set_ServerCertificateStatus('on') | |
| req.set_ServerCertificate(fullchain) | |
| req.set_PrivateKey(privkey) | |
| req.set_content_type('json') | |
| client = AcsClient(appkey, secret) | |
| resp = client.do_action(req) | |
| # print(resp) | |
| if __name__ == '__main__': | |
| set_ssl_cert() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment