用的 acme 谷歌的证书,3 个月自动续期,然后执行 php 传输到腾讯云的 ssl
\cp -rf /www/server/panel/vhost/cert/
a.com/fullchain.pem /www/server/panel/ssl/certificate.pem
\cp -rf /www/server/panel/vhost/cert/
a.com/privkey.pem /www/server/panel/ssl/privateKey.pem
bt restart
nginx -s reload
/www/server/php/74/bin/php /www/wwwroot/
b.com/public/index.phpindex.php:
try {
$cred = new Credential($SecretId, $SecretKey);
$httpProfile = new HttpProfile();
$httpProfile->setEndpoint("
ssl.tencentcloudapi.com");
$clientProfile = new ClientProfile();
$clientProfile->setHttpProfile($httpProfile);
$client = new SslClient($cred, "", $clientProfile);
$req = new UploadCertificateRequest();
$params = array(
"CertificatePublicKey" => file_get_contents($zhengshu_crt),
"CertificatePrivateKey" => file_get_contents($zhengshu_key),
"Alias" => 'PHPAUTO'.date('YMDHis'),
"CertificateUse" => "CDN"
);
$req->fromJsonString(json_encode($params));
$resp = $client->UploadCertificate($req);
$resp_json=json_decode($resp->toJsonString(),true);
if(!isset($resp_json['CertificateId'])){
throw new Exception("上传证书错误,没有获取到证书 id");
}
$httpProfilecdn = new HttpProfile();
$httpProfilecdn->setEndpoint("
cdn.tencentcloudapi.com");
$clientProfilecdn = new ClientProfile();
$clientProfilecdn->setHttpProfile($httpProfilecdn);
$clientcdn = new CdnClient($cred, "", $clientProfilecdn);
$reqcdn = new UpdateDomainConfigRequest();
foreach ($add_domain as $v){
$paramscdn = array(
"Domain" => $v,
"Https" => array(
"Switch" => "on",
"CertInfo" => array(
"CertId" => $resp_json['CertificateId']
)
)
);
$reqcdn->fromJsonString(json_encode($paramscdn));
$respcdn = $clientcdn->UpdateDomainConfig($reqcdn);
echo $respcdn->toJsonString().'\n';
sleep(1);
}
}
catch(TencentCloudSDKException $e) {
echo $e;
}