From 2196c19ac70fbd7e7dd9403379ccd9a11d61b041 Mon Sep 17 00:00:00 2001 From: jingrow Date: Sat, 19 Apr 2025 22:37:20 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E8=8E=B7=E5=8F=96=E8=AF=81?= =?UTF-8?q?=E4=B9=A6=E6=97=B6=E6=97=A0=E6=B3=95=E6=89=BE=E5=88=B0root=20do?= =?UTF-8?q?main?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../pagetype/tls_certificate/tls_certificate.py | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/jcloud/jcloud/pagetype/tls_certificate/tls_certificate.py b/jcloud/jcloud/pagetype/tls_certificate/tls_certificate.py index a08bad1..b8fbea4 100644 --- a/jcloud/jcloud/pagetype/tls_certificate/tls_certificate.py +++ b/jcloud/jcloud/pagetype/tls_certificate/tls_certificate.py @@ -13,7 +13,6 @@ from jcloud.api.site import check_dns_cname_a from jcloud.overrides import get_permission_query_conditions_for_pagetype from jcloud.runner import Ansible from jcloud.utils import get_current_team, log_error -from tldextract import extract class TLSCertificate(Document): @@ -332,6 +331,9 @@ class LetsEncrypt: def _obtain(self): """根据域名类型选择验证方式""" + if not os.path.exists(self.directory): + os.mkdir(self.directory) + if self.wildcard: # 通配符域名需要DNS验证和Root Domain记录 self._obtain_wildcard() @@ -345,12 +347,9 @@ class LetsEncrypt: - 'AWS Route 53' => 用 AWS_ACCESS_KEY_ID / SECRET - 'DNSPod' => 生成临时 ini 文件, 走 -a dns-dnspod """ - # 如果是通配符域名,就去掉"*."前缀 + # 对于通配符证书,直接使用域名而不提取根域名 domain_to_check = self.domain[2:] if self.domain.startswith("*.") else self.domain - # 使用tldextract提取根域名 - extracted = extract(domain_to_check) - root_domain = f"{extracted.domain}.{extracted.suffix}" - domain_pg = jingrow.get_pg("Root Domain", root_domain) + domain_pg = jingrow.get_pg("Root Domain", domain_to_check) provider = domain_pg.dns_provider if provider == "AWS Route 53":