2025-11-18 03:36:49 +08:00
# SSLPolicyService
> SSL/TLS policy management service

---

## createSSLPolicy

> Create a policy

- Roles: `admin`, `user`
- HTTP: `POST https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy`
- RPC: `rpc createSSLPolicy (CreateSSLPolicyRequest) returns (CreateSSLPolicyResponse);`

**Request object (`CreateSSLPolicyRequest`)**

```json
{
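  "http2Enabled": "bool // optional; whether to enable HTTP/2",
  "http3Enabled": "bool // optional; whether to enable HTTP/3, provided the prerequisites are met",
  "minVersion": "string // minimum supported SSL version; allowed values: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
  "sslCertsJSON": "bytes // optional; associated certificate information, which can also be configured after creation by updating the policy json:ssl_cert_refs",
  "hstsJSON": "bytes // optional; HSTS configuration json:hsts",
  "clientAuthType": "int32 // optional; client certificate verification type: 0 no certificate required, 1 client certificate required, 2 any client certificate required, 3 verify only if the client presents a certificate, 4 client certificate required and verified",
  "clientCACertsJSON": "bytes // optional; CA certificate content",
  "cipherSuites": "[]string // optional; custom cipher suites",
  "cipherSuitesIsOn": "bool // optional; whether to enable the custom cipher suites",
  "ocspIsOn": "bool // optional; whether to enable OCSP"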
}
```

**Response object (`CreateSSLPolicyResponse`)**

```json
{
  "sslPolicyId": "int64 // ID of the created policy"
}
```

**Example call**

```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
---
## findEnabledSSLPolicyConfig

> Find a policy

- Roles: `user`, `admin`
- HTTP: `POST https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig`
- RPC: `rpc findEnabledSSLPolicyConfig (FindEnabledSSLPolicyConfigRequest) returns (FindEnabledSSLPolicyConfigResponse);`

**Request object (`FindEnabledSSLPolicyConfigRequest`)**

```json
{
  "sslPolicyId": "int64 // SSL policy ID",
  "ignoreData": "bool // whether to omit certificate content data"
}
```

**Response object (`FindEnabledSSLPolicyConfigResponse`)**

```json
{
  "sslPolicyJSON": "bytes // policy configuration"
}
```

**Example call**

```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
---
## updateSSLPolicy

> Update a policy

- Roles: `admin`, `user`
- HTTP: `POST https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy`
- RPC: `rpc updateSSLPolicy (UpdateSSLPolicyRequest) returns (RPCSuccess);`

**Request object (`UpdateSSLPolicyRequest`)**

```json
{
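  "sslPolicyId": "int64 // policy ID",
  "http2Enabled": "bool // optional; whether to enable HTTP/2",
  "http3Enabled": "bool // optional; whether to enable HTTP/3, provided the prerequisites are met",
  "minVersion": "string // minimum supported SSL version; allowed values: SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
  "sslCertsJSON": "bytes // associated certificate information json:ssl_cert_refs",
  "hstsJSON": "bytes // optional; HSTS configuration json:hsts",
  "clientAuthType": "int32 // optional; client certificate verification type: 0 no certificate required, 1 client certificate required, 2 any client certificate required, 3 verify only if the client presents a certificate, 4 client certificate required and verified",
  "clientCACertsJSON": "bytes // optional; CA certificate content",
  "cipherSuites": "[]string // optional; custom cipher suites",
  "cipherSuitesIsOn": "bool // optional; whether to enable the custom cipher suites",
  "ocspIsOn": "bool // optional; whether to enable OCSP"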
}
```

**Response object (`RPCSuccess`)**

```json
{}
```

**Example call**

```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
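
The following check is an added example, not part of the original API documentation: it lints a `CreateSSLPolicyRequest` or `UpdateSSLPolicyRequest` body against the field descriptions above before the request is sent. The TLS 1.2 baseline, the treatment of an absent `clientAuthType` as 0, the finding texts and the sample bodies are assumptions of this example.

```python
# Lint a CreateSSLPolicyRequest / UpdateSSLPolicyRequest body before sending it.
# Field names and allowed values follow the request objects documented above.

# Allowed minVersion values, oldest first.
VERSIONS = ["SSL 3.0", "TLS 1.0", "TLS 1.1", "TLS 1.2", "TLS 1.3"]
MIN_ACCEPTABLE = "TLS 1.2"      # assumption: baseline chosen for this example
VERIFYING_AUTH_TYPES = {3, 4}   # only 3 and 4 are documented as verifying


def audit_ssl_policy(req):
    """Return a list of findings for one request body (empty list = clean)."""
    findings = []

    min_version = req.get("minVersion")
    if min_version not in VERSIONS:
        findings.append(f"minVersion {min_version!r} is not an allowed value")
    elif VERSIONS.index(min_version) < VERSIONS.index(MIN_ACCEPTABLE):
        findings.append(f"minVersion {min_version!r} permits deprecated protocols")

    auth_type = req.get("clientAuthType", 0)  # assumption: absent means 0
    if auth_type not in range(5):
        findings.append(f"clientAuthType {auth_type!r} is outside 0-4")
    elif req.get("clientCACertsJSON") and auth_type not in VERIFYING_AUTH_TYPES:
        findings.append("clientCACertsJSON is set but clientAuthType never verifies")
    elif auth_type == 3:
        findings.append("clientAuthType 3 admits clients that send no certificate")

    suites = req.get("cipherSuites") or []
    if req.get("cipherSuitesIsOn") and not suites:
        findings.append("cipherSuitesIsOn is true but cipherSuites is empty")
    if suites and not req.get("cipherSuitesIsOn"):
        findings.append("cipherSuites is set but cipherSuitesIsOn is false")
    return findings


# Constructed sample bodies; "PLACEHOLDER" stands in for real CA data.
WEAK = {"minVersion": "TLS 1.0", "clientAuthType": 2,
        "clientCACertsJSON": "PLACEHOLDER", "cipherSuitesIsOn": True}
HARDENED = {"minVersion": "TLS 1.2", "http2Enabled": True, "clientAuthType": 4,
            "clientCACertsJSON": "PLACEHOLDER", "ocspIsOn": True}

if __name__ == "__main__":
    for name, body in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_ssl_policy(body) or "no findings")
```
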
---