Skip to content

Instantly share code, notes, and snippets.

@Leechael
Last active July 10, 2022 10:24
Show Gist options
  • Save Leechael/3c86c5f8b94deb4088efc4c5d9ce9f5e to your computer and use it in GitHub Desktop.
Save Leechael/3c86c5f8b94deb4088efc4c5d9ce9f5e to your computer and use it in GitHub Desktop.
通过脚本设置阿里云 CDN 的证书
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
通过脚本设置阿里云 CDN 的证书
https://help.aliyun.com/document_detail/45014.html
$ pip install aliyun-python-sdk-cdn click
可以扔到 crontab 里面跑。
"""
from os import path
from datetime import datetime
from aliyunsdkcore.client import AcsClient
from aliyunsdkcdn.request.v20141111.SetDomainServerCertificateRequest import (
SetDomainServerCertificateRequest
)
import click
@click.command()
@click.argument('domain')
@click.argument('appkey')
@click.argument('secret')
@click.option('--dehydrated_dir', default='/etc/dehydrated',
help='Full path where dehydrated store cert files.')
def set_ssl_cert(domain, appkey, secret, dehydrated_dir):
req = SetDomainServerCertificateRequest()
prefix = path.join(dehydrated_dir, 'certs', domain)
cert_key = '%s@%s' % (domain, datetime.now().strftime('%Y-%m-%d'))
with open(path.join(prefix, 'fullchain.pem')) as f:
fullchain = f.read()
with open(path.join(prefix, 'privkey.pem')) as f:
privkey = f.read()
req.set_DomainName(domain)
req.set_CertName(cert_key)
req.set_ServerCertificateStatus('on')
req.set_ServerCertificate(fullchain)
req.set_PrivateKey(privkey)
req.set_content_type('json')
client = AcsClient(appkey, secret)
resp = client.do_action(req)
# print(resp)
if __name__ == '__main__':
set_ssl_cert()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment