From 96df6e1573bee9782c4b8f430e35908fc02207b0 Mon Sep 17 00:00:00 2001 From: TomyJan Date: Wed, 24 Dec 2025 18:45:08 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E5=8F=88=E6=8B=8D=E4=BA=91SSL=E4=B8=8D?= =?UTF-8?q?=E5=85=BC=E5=AE=B9=E7=9A=84=E7=89=B9=E5=8C=96=E5=A4=84=E7=90=86?= =?UTF-8?q?=20(=20#358=20)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/lib/deploy/upyun.php | 26 +++++++++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/app/lib/deploy/upyun.php b/app/lib/deploy/upyun.php index 77ae4e9..287689c 100644 --- a/app/lib/deploy/upyun.php +++ b/app/lib/deploy/upyun.php @@ -31,9 +31,15 @@ class upyun implements DeployInterface $this->login(); $url = 'https://console.upyun.com/api/https/certificate/'; + // 如果是 EC 证书,调整私钥头为 EC PRIVATE KEY + $privatekey_send = $privatekey; + if ($this->isEcCertificate($fullchain)) { + $privatekey_send = str_replace('-----BEGIN PRIVATE KEY-----', '-----BEGIN EC PRIVATE KEY-----', $privatekey_send); + $privatekey_send = str_replace('-----END PRIVATE KEY-----', '-----END EC PRIVATE KEY-----', $privatekey_send); + } $params = [ 'certificate' => $fullchain, - 'private_key' => $privatekey, + 'private_key' => $privatekey_send, ]; $response = http_request($url, http_build_query($params), null, $this->cookie, null, $this->proxy); $result = json_decode($response['body'], true); @@ -130,4 +136,22 @@ class upyun implements DeployInterface call_user_func($this->logger, $txt); } } + + /** + * 判断是否为 EC (ECDSA) 证书 + */ + private function isEcCertificate($fullchain) + { + // 提取第一个证书 + if (!preg_match('/-----BEGIN CERTIFICATE-----\s*(.+?)\s*-----END CERTIFICATE-----/s', $fullchain, $m)) { + return false; + } + + $pubKey = openssl_pkey_get_public($m[0]); + if (!$pubKey) return false; + + $details = openssl_pkey_get_details($pubKey); + + return $details && ($details['type'] ?? 0) === OPENSSL_KEYTYPE_EC; + } }