diff --git a/app/lib/CertHelper.php b/app/lib/CertHelper.php index e16c2d5..d2522ed 100644 --- a/app/lib/CertHelper.php +++ b/app/lib/CertHelper.php @@ -49,7 +49,7 @@ class CertHelper 'wildcard' => true, 'max_domains' => 100, 'cname' => true, - 'note' => null, + 'note' => 'ZeroSSL密钥手动获取', 'inputs' => [ 'email' => [ 'name' => '邮箱地址', @@ -57,6 +57,29 @@ class CertHelper 'placeholder' => 'EAB申请邮箱', 'required' => true, ], + 'eabMode' => [ + 'name' => 'EAB获取方式', + 'type' => 'radio', + 'options' => [ + 'auto' => '自动获取', + 'manual' => '手动输入', + ], + 'value' => 'manual' + ], + 'kid' => [ + 'name' => 'EAB KID', + 'type' => 'input', + 'placeholder' => '', + 'required' => true, + 'show' => 'eabMode==\'manual\'', + ], + 'key' => [ + 'name' => 'EAB HMAC Key', + 'type' => 'input', + 'placeholder' => '', + 'required' => true, + 'show' => 'eabMode==\'manual\'', + ], 'proxy' => [ 'name' => '使用代理服务器', 'type' => 'radio', @@ -90,7 +113,7 @@ class CertHelper 'auto' => '自动获取', 'manual' => '手动输入', ], - 'value' => 'auto' + 'value' => 'manual' ], 'kid' => [ 'name' => 'keyId', diff --git a/app/lib/cert/customacme.php b/app/lib/cert/customacme.php index 5581391..0f00bce 100644 --- a/app/lib/cert/customacme.php +++ b/app/lib/cert/customacme.php @@ -15,7 +15,7 @@ class customacme implements CertInterface public function __construct($config, $ext = null) { $this->config = $config; - $this->ac = new ACMECert($config['directory'], $config['proxy'] == 1); + $this->ac = new ACMECert($config['directory'], (int)$config['proxy']); if ($ext) { $this->ext = $ext; $this->ac->loadAccountKey($ext['key']); diff --git a/app/lib/cert/letsencrypt.php b/app/lib/cert/letsencrypt.php index 66ba5cd..c679f13 100644 --- a/app/lib/cert/letsencrypt.php +++ b/app/lib/cert/letsencrypt.php @@ -20,7 +20,7 @@ class letsencrypt implements CertInterface { $this->config = $config; if (empty($config['mode'])) $config['mode'] = 'live'; - $this->ac = new ACMECert($this->directories[$config['mode']], $config['proxy'] == 1); + $this->ac = new ACMECert($this->directories[$config['mode']], (int)$config['proxy']); if ($ext) { $this->ext = $ext; $this->ac->loadAccountKey($ext['key']); diff --git a/app/lib/cert/zerossl.php b/app/lib/cert/zerossl.php index 699f188..9391f86 100644 --- a/app/lib/cert/zerossl.php +++ b/app/lib/cert/zerossl.php @@ -16,7 +16,7 @@ class zerossl implements CertInterface public function __construct($config, $ext = null) { $this->config = $config; - $this->ac = new ACMECert($this->directory, $config['proxy'] == 1); + $this->ac = new ACMECert($this->directory, (int)$config['proxy']); if ($ext) { $this->ext = $ext; $this->ac->loadAccountKey($ext['key']); @@ -27,7 +27,12 @@ class zerossl implements CertInterface public function register() { if (empty($this->config['email'])) throw new Exception('邮件地址不能为空'); - $eab = $this->getEAB($this->config['email']); + + if (isset($this->config['eabMode']) && $this->config['eabMode'] == 'auto') { + $eab = $this->getEAB($this->config['email']); + } else { + $eab = ['kid' => $this->config['kid'], 'key' => $this->config['key']]; + } if (!empty($this->ext['key'])) { $kid = $this->ac->registerEAB(true, $eab['kid'], $eab['key'], $this->config['email']); @@ -118,7 +123,7 @@ class zerossl implements CertInterface $response = curl_client($api, http_build_query(['email' => $email]), null, null, null, $this->config['proxy'] == 1); $result = json_decode($response['body'], true); if (!isset($result['success'])) { - throw new Exception('解析返回数据失败:' . $response['body']); + throw new Exception('获取EAB失败:' . $response['body']); } elseif (!$result['success'] && isset($result['error'])) { throw new Exception('获取EAB失败:' . $result['error']['code'] . ' - ' . $result['error']['type']); } elseif (!isset($result['eab_kid']) || !isset($result['eab_hmac_key'])) {