1.添加keyringid未注册情况下，读取本地默认证书mesalab-def-cert签发证书

2.添加valid为不可用，读取keyringid为256不信任证书mesalab-insec签发证书 3.添加证书类型为实体证书，本地签发流程（证书可用优先级 > 证书类型） 4.添加全量增量匹配链表头迁移
2018-09-10 10:01:27 +08:00
parent 2a844d3205
commit e971346db2
12 changed files with 293 additions and 193 deletions
--- a/conf/cert_store.ini
+++ b/conf/cert_store.ini
@@ -3,14 +3,14 @@
 DEBUG_SWITCH = 1

 #10:DEBUG, 20:INFO, 30:FATAL
-RUN_LOG_LEVEL = 20
+RUN_LOG_LEVEL = 10
 RUN_LOG_PATH = ./logs
 [CONFIG]
 thread-nu = 4
+expire_after = 30
+def-ca-path = ../ca
 table_info = ../conf/table_info.conf
 pxy_obj_keyring = ../conf/pxy_obj_keyring.json
-ca-path = ../ca
-valid-days = 30
 [LIBEVENT]
 port = 9991
 [REDIS]
--- a/conf/pxy_obj_keyring.json
+++ b/conf/pxy_obj_keyring.json
@@ -73,12 +73,13 @@
        {
            "table_name": "PXY_OBJ_KEYRING",
            "table_content": [
-                "1\t1\tname_01\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
-                "2\t1\tname_02\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+                "1\t1\tname_01\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t15\trsa2048\tnull\t1",
+                "2\t1\tname_02\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t90\trsa2048\tnull\t1",
                "3\t1\tname_03\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
-                "4\t1\tname_04\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
-                "5\t1\tname_05\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
-                "6\t1\tname_06\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1"
+                "4\t1\tname_04\tend-entity\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+                "5\t1\tname_05\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t0",
+                "6\t1\tname_06\tintermediate\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-ca-cert.cer\t30\trsa2048\tnull\t1",
+				"256\t1\tinsec\troot\t/home/fengweihao/workspace/cert_store/ca/mesalab-insec-cert.key\t/home/fengweihao/workspace/cert_store/ca/mesalab-insec-cert.cer\t30\trsa2048\tnull\t1"
            ]
        }
    ]