wzj/certmanager
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 10 Wiki Activity

修复根证书信任问题

Browse Source
This commit is contained in:
wzj 2025-06-15 07:28:54 +08:00
parent 47f0c572b3
commit c5e8fd6e3f
1 changed files with 76 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
templates/create_certificate.html
View File

@ -8,7 +8,7 @@
<h4 class="card-title">创建新证书</h4> <h4 class="card-title">创建新证书</h4>
</div> </div>
<div class="card-body"> <div class="card-body">
<form method="POST" action="{{ url_for('create_certificate_view') }}"> <form method="POST" action="{{ url_for('create_certificate_view') }}" id="certificateForm">
<div class="row mb-3"> <div class="row mb-3">
<div class="col-md-6"> <div class="col-md-6">
<label for="common_name" class="form-label">通用名(CN)</label> <label for="common_name" class="form-label">通用名(CN)</label>
@ -57,12 +57,24 @@
<div class="row mb-3"> <div class="row mb-3">
<div class="col-md-6"> <div class="col-md-6">
<label for="san_dns" class="form-label">SAN DNS (可选)</label> <label for="san_dns" class="form-label">
SAN DNS (可选)
<span class="text-primary ms-1" data-bs-toggle="tooltip"
title="Subject Alternative Name - 主题备用名称,用于指定证书可用的多个域名">
<i class="fas fa-question-circle"></i>
</span>
</label>
<input type="text" class="form-control" id="san_dns" name="san_dns"> <input type="text" class="form-control" id="san_dns" name="san_dns">
<div class="form-text">多个DNS用逗号分隔如: example.com,www.example.com</div> <div class="form-text">多个DNS用逗号分隔如: example.com,www.example.com</div>
</div> </div>
<div class="col-md-6"> <div class="col-md-6">
<label for="san_ip" class="form-label">SAN IP (可选)</label> <label for="san_ip" class="form-label">
SAN IP (可选)
<span class="text-primary ms-1" data-bs-toggle="tooltip"
title="Subject Alternative Name - 主题备用名称用于指定证书可用的多个IP地址">
<i class="fas fa-question-circle"></i>
</span>
</label>
<input type="text" class="form-control" id="san_ip" name="san_ip"> <input type="text" class="form-control" id="san_ip" name="san_ip">
<div class="form-text">多个IP用逗号分隔如: 192.168.1.1,10.0.0.1</div> <div class="form-text">多个IP用逗号分隔如: 192.168.1.1,10.0.0.1</div>
</div> </div>
@ -90,4 +102,65 @@
</form> </form>
</div> </div>
</div> </div>
<!-- SAN 警告模态框 -->
<div class="modal fade" id="sanWarningModal" tabindex="-1" aria-labelledby="sanWarningModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="sanWarningModalLabel">缺少SAN扩展警告</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<p>您没有配置任何SAN(主题备用名称)扩展,这可能导致以下问题:</p>
<ul>
<li>现代浏览器可能不信任没有SAN扩展的证书</li>
<li>证书只能通过Common Name(CN)字段指定的名称访问</li>
<li>不符合现代安全标准</li>
</ul>
<p>建议至少配置一个DNS SAN或IP SAN。</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-secondary" data-bs-dismiss="modal">返回修改</button>
<button type="button" class="btn btn-primary" id="continueWithoutSan">继续创建</button>
</div>
</div>
</div>
</div>
{% endblock %}
{% block scripts %}
{{ super() }}
<script>
// 初始化工具提示
document.addEventListener('DOMContentLoaded', function() {
// 初始化Bootstrap工具提示
var tooltipTriggerList = [].slice.call(document.querySelectorAll('[data-bs-toggle="tooltip"]'))
var tooltipList = tooltipTriggerList.map(function (tooltipTriggerEl) {
return new bootstrap.Tooltip(tooltipTriggerEl)
})
// 表单提交验证
document.getElementById('certificateForm').addEventListener('submit', function(e) {
const sanDns = document.getElementById('san_dns').value.trim()
const sanIp = document.getElementById('san_ip').value.trim()
// 检查是否没有配置任何SAN
if (!sanDns && !sanIp) {
e.preventDefault() // 阻止表单提交
// 显示警告模态框
var sanWarningModal = new bootstrap.Modal(document.getElementById('sanWarningModal'))
sanWarningModal.show()
// 继续创建按钮事件
document.getElementById('continueWithoutSan').addEventListener('click', function() {
sanWarningModal.hide()
document.getElementById('certificateForm').submit()
})
}
})
})
</script>
{% endblock %} {% endblock %}