kariko/pyGoEdge-UserPanel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
pyGoEdge-UserPanel/reference/goedge 文档/SSLPolicyService.md
kariko d17c7efb3c Initial commit
2025-11-18 03:36:49 +08:00

3.8 KiB
Raw Permalink Blame History

SSLPolicyService

SSL/TLS策略管理服务

createSSLPolicy

创建策略

  • 角色:admin, user
  • HTTPPOST https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy
  • RPCrpc createSSLPolicy (CreateSSLPolicyRequest) returns (CreateSSLPolicyResponse);

请求对象 (CreateSSLPolicyRequest)

{
  "http2Enabled": "bool // 可选项是否启用HTTP/2",
  "http3Enabled": "bool // 可选项是否启用HTTP/3在满足条件的基础上",
  "minVersion": "string // 支持的最低SSL版本可选择值 SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
  "sslCertsJSON": "bytes // 可选项,关联的证书信息,可以在创建后再通过修改策略来配置 json:ssl_cert_refs",
  "hstsJSON": "bytes // 可选项HSTS配置 json:hsts",
  "clientAuthType": "int32 // 可选项客户端校验类型0 无需证书1 需要客户端证书2 需要任一客户端证书3 如果客户端上传了证书才校验4 需要客户端证书而且需要校验",
  "clientCACertsJSON": "bytes // 可选项CA证书内容",
  "cipherSuites": "[]string // 可选项,自定义加密套件",
  "cipherSuitesIsOn": "bool // 可选项,是否启用自定义加密套件",
  "ocspIsOn": "bool // 可选项是否启用OCSP"
}

响应对象 (CreateSSLPolicyResponse)

{
  "sslPolicyId": "int64 // 创建的策略ID"
}

调用示例

curl -X POST "https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy" \
  -H "Content-Type: application/json" \
  -H "X-Edge-Access-Token: <YOUR_TOKEN>" \
  -d '{
    ...
  }'

findEnabledSSLPolicyConfig

查找策略

  • 角色:user, admin
  • HTTPPOST https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig
  • RPCrpc findEnabledSSLPolicyConfig (FindEnabledSSLPolicyConfigRequest) returns (FindEnabledSSLPolicyConfigResponse);

请求对象 (FindEnabledSSLPolicyConfigRequest)

{
  "sslPolicyId": "int64 // SSL策略ID",
  "ignoreData": "bool // 是否忽略证书内容数据"
}

响应对象 (FindEnabledSSLPolicyConfigResponse)

{
  "sslPolicyJSON": "bytes // 策略配置信息"
}

调用示例

curl -X POST "https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig" \
  -H "Content-Type: application/json" \
  -H "X-Edge-Access-Token: <YOUR_TOKEN>" \
  -d '{
    ...
  }'

updateSSLPolicy

修改策略

  • 角色:admin, user
  • HTTPPOST https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy
  • RPCrpc updateSSLPolicy (UpdateSSLPolicyRequest) returns (RPCSuccess);

请求对象 (UpdateSSLPolicyRequest)

{
  "sslPolicyId": "int64 // 策略ID",
  "http2Enabled": "bool // 可选项是否启用HTTP/2",
  "http3Enabled": "bool // 可选项是否启用HTTP/3在满足条件的基础上",
  "minVersion": "string // 支持的最低SSL版本可选择值 SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
  "sslCertsJSON": "bytes // 关联的证书信息 json:ssl_cert_refs",
  "hstsJSON": "bytes // 可选项HSTS配置 json:hsts",
  "clientAuthType": "int32 // 可选项客户端校验类型0 无需证书1 需要客户端证书2 需要任一客户端证书3 如果客户端上传了证书才校验4 需要客户端证书而且需要校验",
  "clientCACertsJSON": "bytes // 可选项CA证书内容",
  "cipherSuites": "[]string // 可选项,自定义加密套件",
  "cipherSuitesIsOn": "bool // 可选项,是否启用自定义加密套件",
  "ocspIsOn": "bool // 可选项是否启用OCSP"
}

响应对象 (RPCSuccess)

{}

调用示例

curl -X POST "https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy" \
  -H "Content-Type: application/json" \
  -H "X-Edge-Access-Token: <YOUR_TOKEN>" \
  -d '{
    ...
  }'
Reference in New Issue View Git Blame Copy Permalink