diff --git a/internal/deployer/aliyun_clb.go b/internal/deployer/aliyun_clb.go index 3796a1ba..47db6dc9 100644 --- a/internal/deployer/aliyun_clb.go +++ b/internal/deployer/aliyun_clb.go @@ -246,10 +246,10 @@ func (d *AliyunCLBDeployer) updateListenerCertificate(ctx context.Context, aliLo // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-setdomainextensionattribute // // 这里仅修改跟被替换证书一致的扩展域名 - if describeDomainExtensionsResp.Body.DomainExtensions == nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension == nil { + if describeDomainExtensionsResp.Body.DomainExtensions != nil && describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension != nil { for _, domainExtension := range describeDomainExtensionsResp.Body.DomainExtensions.DomainExtension { - if *domainExtension.ServerCertificateId == *describeLoadBalancerHTTPSListenerAttributeResp.Body.ServerCertificateId { - break + if *domainExtension.ServerCertificateId != *describeLoadBalancerHTTPSListenerAttributeResp.Body.ServerCertificateId { + continue } setDomainExtensionAttributeReq := &aliyunSlb.SetDomainExtensionAttributeRequest{ diff --git a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go b/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go index aebf674c..d1036e44 100644 --- a/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go +++ b/internal/pkg/core/uploader/providers/aliyun-slb/aliyun_slb.go @@ -6,6 +6,7 @@ import ( "encoding/hex" "errors" "fmt" + "regexp" "strings" "time" @@ -89,6 +90,12 @@ func (u *AliyunSLBUploader) Upload(ctx context.Context, certPem string, privkeyP var certId, certName string certName = fmt.Sprintf("certimate_%d", time.Now().UnixMilli()) + // 去除证书和私钥内容中的空白行,以符合阿里云 API 要求 + // REF: https://github.com/usual2970/certimate/issues/326 + re := regexp.MustCompile(`(?m)^\s*$\n?`) + certPem = strings.TrimSpace(re.ReplaceAllString(certPem, "")) + privkeyPem = strings.TrimSpace(re.ReplaceAllString(privkeyPem, "")) + // 上传新证书 // REF: https://help.aliyun.com/zh/slb/classic-load-balancer/developer-reference/api-slb-2014-05-15-uploadservercertificate uploadServerCertificateReq := &aliyunSlb.UploadServerCertificateRequest{