修改拦截策略的证书信息校验规则：

1. Keyring的下拉列表显示全部已生效的证书； 2. 如选择了实体证书，必须配置域名，或者IP与域名的组合配置； 3. 域名配置，如匹配方式为完全匹配，则域名必须与所选择的实体证书的CN和SAN相同。如匹配方式为后缀匹配，则域名须与所选择的实体证书的CN和SAN后缀相同； 4. 如选择了中间证书或者根证书，则可配置IP，或者域名，或者两者组合； Conflicts: src/main/resources/messages/message_en.properties src/main/resources/messages/message_ru.properties src/main/resources/messages/message_zh_CN.properties
2019-01-19 14:39:40 +06:00
parent 9e6e2fbd37
commit aa5eccf995
5 changed files with 60 additions and 30 deletions
--- a/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
+++ b/src/main/java/com/nis/web/controller/configuration/proxy/InterceptController.java
@@ -88,12 +88,12 @@ public class InterceptController extends CommonController {
 		}
 		// 获取证书信息
 		List<PxyObjKeyring> certificateList = new ArrayList<PxyObjKeyring>();
-		if (entity.getFunctionId().equals(200)) {
-			certificateList = pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, "ip");
-		}
-		if (entity.getFunctionId().equals(201)) {
-			certificateList = pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, "domain");
-		}
+//		if (entity.getFunctionId().equals(200)) {
+			certificateList = pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, null);
+//		}
+//		if (entity.getFunctionId().equals(201)) {
+//			certificateList = pxyObjKeyringService.findPxyObjKeyrings(null, 1, 1, "domain");
+//		}
 		model.addAttribute("certificateList", certificateList);

 		model.addAttribute("_cfg", entity);