update

class/core/mw.py

@@ -1832,11 +1832,9 @@ def getCertName(certPath):
             if hasattr(issuer, 'O'):
                 result['issuer'] = issuer.O
         # 取到期时间
-        result['notAfter'] = strfDate(
-            bytes.decode(x509.get_notAfter())[:-1])
+        result['notAfter'] = strfDate(bytes.decode(x509.get_notAfter())[:-1])
         # 取申请时间
-        result['notBefore'] = strfDate(
-            bytes.decode(x509.get_notBefore())[:-1])
+        result['notBefore'] = strfDate(bytes.decode(x509.get_notBefore())[:-1])
         # 取可选名称
         result['dns'] = []
         for i in range(x509.get_extension_count()):

web/admin/site/ssl.py

@@ -25,6 +25,15 @@ import thisdb
 from .site import blueprint
 
 
+# 删除代理配置
+@blueprint.route('/get_ssl', endpoint='get_ssl', methods=['POST'])
+@panel_login_required
+def get_ssl():
+    site_name = request.form.get('site_name', '')
+    ssl_type = request.form.get('ssl_type', '')
+    return MwSites.instance().getSsl(site_name, ssl_type)
+
+
 
 
 

web/core/mw.py

@@ -1175,6 +1175,68 @@ def getMyORM():
 # 数据库 START
 # ---------------------------------------------------------------------------------
 
+##################### ssl start #########################################
+# 获取证书名称
+def getCertName(certPath):
+    if not os.path.exists(certPath):
+        return None
+    try:
+        import OpenSSL
+        result = {}
+        x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, readFile(certPath))
+        # 取产品名称
+        issuer = x509.get_issuer()
+        result['issuer'] = ''
+        if hasattr(issuer, 'CN'):
+            result['issuer'] = issuer.CN
+        if not result['issuer']:
+            is_key = [b'0', '0']
+            issue_comp = issuer.get_components()
+            if len(issue_comp) == 1:
+                is_key = [b'CN', 'CN']
+            for iss in issue_comp:
+                if iss[0] in is_key:
+                    result['issuer'] = iss[1].decode()
+                    break
+        if not result['issuer']:
+            if hasattr(issuer, 'O'):
+                result['issuer'] = issuer.O
+        # 取到期时间
+        result['notAfter'] = strfDate(
+            bytes.decode(x509.get_notAfter())[:-1])
+        # 取申请时间
+        result['notBefore'] = strfDate(
+            bytes.decode(x509.get_notBefore())[:-1])
+        # 取可选名称
+        result['dns'] = []
+        for i in range(x509.get_extension_count()):
+            s_name = x509.get_extension(i)
+            if s_name.get_short_name() in [b'subjectAltName', 'subjectAltName']:
+                s_dns = str(s_name).split(',')
+                for d in s_dns:
+                    result['dns'].append(d.split(':')[1])
+        subject = x509.get_subject().get_components()
+        # 取主要认证名称
+        if len(subject) == 1:
+            result['subject'] = subject[0][1].decode()
+        else:
+            if not result['dns']:
+                for sub in subject:
+                    if sub[0] == b'CN':
+                        result['subject'] = sub[1].decode()
+                        break
+                if 'subject' in result:
+                    result['dns'].append(result['subject'])
+            else:
+                result['subject'] = result['dns'][0]
+        result['endtime'] = int(int(time.mktime(time.strptime(
+            result['notAfter'], "%Y-%m-%d")) - time.time()) / 86400)
+        return result
+    except Exception as e:
+        writeFileLog(getTracebackInfo())
+        return None
+##################### ssl  end #########################################
+        
 ##################### notify  start #########################################
 
 

web/utils/site.py

@@ -1290,6 +1290,64 @@ location ^~ {from} {\n\
         return mw.returnData(True, "删除反代成功!")
 
 
+
+    # 是否跳转到https
+    def isToHttps(self, site_name):
+        file = self.getHostConf(site_name)
+        conf = mw.readFile(file)
+        if conf:
+            # if conf.find('HTTP_TO_HTTPS_START') != -1:
+            #     return True
+            if conf.find('$server_port !~ 443') != -1:
+                return True
+        return False
+
+    def getSsl(self, site_name, ssl_type):
+
+        path = self.sslDir + '/' + site_name
+
+        file = self.getHostConf(site_name)
+        content = mw.readFile(file)
+
+        key_text = 'ssl_certificate'
+        status = True
+        stype = 0
+        if content.find(key_text) == -1:
+            status = False
+            stype = -1
+
+        to_https = self.isToHttps(site_name)
+
+        sid = mw.M('sites').where("name=?", (site_name,)).getField('id')
+        domains = mw.M('domain').where("pid=?", (sid,)).field('name').select()
+
+        csr_path = path + '/fullchain.pem'  # 生成证书路径
+        key_path = path + '/privkey.pem'    # 密钥文件路径
+
+        cert_data = None
+        if ssl_type == 'lets':
+            csr_path = self.sslLetsDir + '/' + site_name + '/fullchain.pem'  # 生成证书路径
+            key_path = self.sslLetsDir + '/' + site_name + '/privkey.pem'    # 密钥文件路径
+        elif ssl_type == 'acme':
+            acme_dir = mw.getAcmeDomainDir(site_name)
+            csr_path = acme_dir + '/fullchain.cer'  # 生成证书路径
+            key_path = acme_dir + '/' + site_name + '.key'    # 密钥文件路径
+
+        key = mw.readFile(key_path)
+        csr = mw.readFile(csr_path)
+        cert_data = mw.getCertName(csr_path)
+        data = {
+            'status': status,
+            'domain': domains,
+            'key': key,
+            'csr': csr,
+            'type': stype,
+            'httpTohttps': to_https,
+            'cert_data': cert_data,
+        }
+        return mw.returnData(True, 'OK', data)
+
+
     def setPhpVersion(self, siteName, version):
         # nginx
         file = self.getHostConf(siteName)