kariko/pyGoEdge-UserPanel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
pyGoEdge-UserPanel/reference/goedge 文档/SSLPolicyService.md
kariko d17c7efb3c Initial commit
2025-11-18 03:36:49 +08:00

131 lines
3.8 KiB
Markdown
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
# SSLPolicyService
> SSL/TLS策略管理服务
---
## createSSLPolicy
> 创建策略
- 角色:`admin`, `user`
- HTTP`POST https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy`
- RPC`rpc createSSLPolicy (CreateSSLPolicyRequest) returns (CreateSSLPolicyResponse);`
**请求对象 (`CreateSSLPolicyRequest`)**
```json
{
"http2Enabled": "bool // 可选项是否启用HTTP/2",
"http3Enabled": "bool // 可选项是否启用HTTP/3在满足条件的基础上",
"minVersion": "string // 支持的最低SSL版本可选择值 SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
"sslCertsJSON": "bytes // 可选项,关联的证书信息,可以在创建后再通过修改策略来配置 json:ssl_cert_refs",
"hstsJSON": "bytes // 可选项HSTS配置 json:hsts",
"clientAuthType": "int32 // 可选项客户端校验类型0 无需证书1 需要客户端证书2 需要任一客户端证书3 如果客户端上传了证书才校验4 需要客户端证书而且需要校验",
"clientCACertsJSON": "bytes // 可选项CA证书内容",
"cipherSuites": "[]string // 可选项,自定义加密套件",
"cipherSuitesIsOn": "bool // 可选项,是否启用自定义加密套件",
"ocspIsOn": "bool // 可选项是否启用OCSP"
}
```
**响应对象 (`CreateSSLPolicyResponse`)**
```json
{
"sslPolicyId": "int64 // 创建的策略ID"
}
```
**调用示例**
```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/createSSLPolicy" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
---
## findEnabledSSLPolicyConfig
> 查找策略
- 角色:`user`, `admin`
- HTTP`POST https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig`
- RPC`rpc findEnabledSSLPolicyConfig (FindEnabledSSLPolicyConfigRequest) returns (FindEnabledSSLPolicyConfigResponse);`
**请求对象 (`FindEnabledSSLPolicyConfigRequest`)**
```json
{
"sslPolicyId": "int64 // SSL策略ID",
"ignoreData": "bool // 是否忽略证书内容数据"
}
```
**响应对象 (`FindEnabledSSLPolicyConfigResponse`)**
```json
{
"sslPolicyJSON": "bytes // 策略配置信息"
}
```
**调用示例**
```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/findEnabledSSLPolicyConfig" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
---
## updateSSLPolicy
> 修改策略
- 角色:`admin`, `user`
- HTTP`POST https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy`
- RPC`rpc updateSSLPolicy (UpdateSSLPolicyRequest) returns (RPCSuccess);`
**请求对象 (`UpdateSSLPolicyRequest`)**
```json
{
"sslPolicyId": "int64 // 策略ID",
"http2Enabled": "bool // 可选项是否启用HTTP/2",
"http3Enabled": "bool // 可选项是否启用HTTP/3在满足条件的基础上",
"minVersion": "string // 支持的最低SSL版本可选择值 SSL 3.0, TLS 1.0, TLS 1.1, TLS 1.2, TLS 1.3",
"sslCertsJSON": "bytes // 关联的证书信息 json:ssl_cert_refs",
"hstsJSON": "bytes // 可选项HSTS配置 json:hsts",
"clientAuthType": "int32 // 可选项客户端校验类型0 无需证书1 需要客户端证书2 需要任一客户端证书3 如果客户端上传了证书才校验4 需要客户端证书而且需要校验",
"clientCACertsJSON": "bytes // 可选项CA证书内容",
"cipherSuites": "[]string // 可选项,自定义加密套件",
"cipherSuitesIsOn": "bool // 可选项,是否启用自定义加密套件",
"ocspIsOn": "bool // 可选项是否启用OCSP"
}
```
**响应对象 (`RPCSuccess`)**
```json
{}
```
**调用示例**
```bash
curl -X POST "https://backend.dooki.cloud/SSLPolicyService/updateSSLPolicy" \
-H "Content-Type: application/json" \
-H "X-Edge-Access-Token: <YOUR_TOKEN>" \
-d '{
...
}'
```
---
Reference in New Issue View Git Blame Copy Permalink