支持导出ca

2025-06-14 09:43:08 +08:00 · 2025-06-14 09:43:08 +08:00 · df91c85d97
commit df91c85d97
parent 6361806dcb
2 changed files with 43 additions and 1 deletions
--- a/app.py
+++ b/app.py
@ -875,6 +875,48 @@ def renew_certificate_view(cert_id):
    return render_template('renew_certificate.html', cert=cert)


+@app.route('/cas/<int:ca_id>/export')
+@login_required
+def export_ca_view(ca_id):
+    ca = get_ca_by_id(ca_id)
+    if not ca:
+        flash('CA不存在', 'danger')
+        return redirect(url_for('ca_list'))
+
+    # 检查权限
+    if not current_user.is_admin and ca['created_by'] != current_user.id:
+        flash('无权操作此CA', 'danger')
+        return redirect(url_for('ca_list'))
+
+    # 创建临时zip文件
+    memory_file = BytesIO()
+
+    try:
+        with zipfile.ZipFile(memory_file, 'w', zipfile.ZIP_DEFLATED) as zf:
+            # 添加CA证书文件
+            with open(ca['cert_path'], 'r') as f:
+                cert_content = f.read()
+            zf.writestr(f"{ca['common_name']}_ca.crt", cert_content)
+
+            # 添加CA私钥文件(可选，只有管理员可以导出私钥)
+            if current_user.is_admin:
+                with open(ca['key_path'], 'r') as f:
+                    key_content = f.read()
+                zf.writestr(f"{ca['common_name']}_ca.key", key_content)
+
+        memory_file.seek(0)
+
+        return Response(
+            memory_file.getvalue(),
+            mimetype="application/zip",
+            headers={
+                "Content-Disposition": f"attachment; filename={ca['name']}_ca_bundle.zip"
+            }
+        )
+    except Exception as e:
+        flash(f'导出CA失败: {str(e)}', 'danger')
+        return redirect(url_for('ca_detail', ca_id=ca_id))
+
@app.route('/certificates/<int:cert_id>/export', methods=['GET', 'POST'])
@login_required
 def export_certificate_view(cert_id):
@ -970,7 +1012,6 @@ def generate_separate_files_zip(cert, cert_ext, zip_suffix):
        flash(f'创建ZIP文件失败: {str(e)}', 'danger')
        return redirect(url_for('export_certificate_view', cert_id=cert['id']))

-
@app.route('/download/<path:filename>')
@login_required
 def download_file(filename):
--- a/templates/ca_detail.html
+++ b/templates/ca_detail.html
@ -6,6 +6,7 @@
 <div class="d-flex justify-content-between align-items-center mb-3">
    <h2>CA机构详情: {{ ca.name }}</h2>
    <div>
+        <a href="{{ url_for('export_ca_view', ca_id=ca.id) }}" class="btn btn-primary me-2">导出CA</a>
        <a href="{{ url_for('generate_crl_view', ca_id=ca.id) }}" class="btn btn-warning me-2">生成CRL</a>
        {% if crl %}
            <a href="{{ url_for('download_crl', ca_id=ca.id) }}" class="btn btn-success">下载CRL</a>