7x31/anylink
1
0
Fork 0
mirror of https://github.com/bjdgyc/anylink.git synced 2025-08-08 15:29:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

修改证书设置

Browse Source
This commit is contained in:
bjdgyc
2023-04-21 11:39:51 +08:00
parent cc5aff08ad
commit 6ee80d32ea
4 changed files with 33 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
server/dbdata/cert.go
View File

@@ -275,8 +275,10 @@ func ParseCert() (*tls.Certificate, *time.Time, error) {
_, errCert := os.Stat(base.Cfg.CertFile)
_, errKey := os.Stat(base.Cfg.CertKey)
if os.IsNotExist(errCert) || os.IsNotExist(errKey) {
PrivateCert()
err := PrivateCert()
if err != nil {
return nil, nil, err
}
}
cert, err := tls.LoadX509KeyPair(base.Cfg.CertFile, base.Cfg.CertKey)
if err != nil || errors.Is(err, os.ErrNotExist) {
@@ -353,6 +355,11 @@ func GetCertificateBySNI(commonName string) (*tls.Certificate, error) {
return cert, nil
}
}
// 默认证书 兼容不支持 SNI 的客户端
if cert, ok := nameToCertificate["default"]; ok {
return cert, nil
}
return getTempCertificate()
}
@@ -362,6 +369,9 @@ func LoadCertificate(cert *tls.Certificate) {
// Copy from tls.Config BuildNameToCertificate()
func buildNameToCertificate(cert *tls.Certificate) {
// 设置默认证书
nameToCertificate["default"] = cert
x509Cert, err := x509.ParseCertificate(cert.Certificate[0])
if err != nil {
return