aliyun-cert

No project description provided

These details have been verified by PyPI

Project links

GitHub Statistics

Maintainers

opensight

These details have not been verified by PyPI

Project description

功能

通过本脚本可以为阿里云的 CDN 以及 直播服务 域名申请配置以及自动续期免费的 let's encrypt 证书。 DOC EN

安装和配置

本脚本仅支持 Python 3

pip install aliyun-cert

需要配置阿里云 ram 账号的 access key，并至少赋予用户如下权限：

AliyunDNSFullAccess
AliyunCDNFullAccess
AliyunYundunCertFullAccess

如需同时配置直播 CDN 的证书，还需赋予如下权限：

AliyunLiveFullAccess

access key 记录在一个文件中，比如 ~/.serects/aliyun.ini，格式如下

dns_aliyun_key_id = xxx
dns_aliyun_key_secret = yyy

申请并配置证书

证书支持多域名，以及通配符域名，根据自己情况替换下面的 example.com 以及 *.example.com

certbot certonly \
  --authenticator dns-aliyun \
  --dns-aliyun-propagation-seconds 30 \
  --dns-aliyun-credentials ~/.secrets/aliyun.ini \
  -d example.com -d *.example.com

为阿里云配置证书

# 上传证书到阿里云 cas 服务
aliyun-cert upload-cert --domain example.com /etc/letsencrypt/live/example.com/fullchain.pem /etc/letsencrypt/live/example.com/privkey.pem

# 为 CDN 域名配置证书，cert-id 为上一步返回的 id
aliyun-cert set-cert --cert-id 123456 --domain cdn.example.com --service cdn

查看证书情况

# 显示阿里云证书服务上所有上传上去的证书
aliyun-cert list-certs

# 显示所有开通了 HTTPS 的 CDN 域名及其证书情况
aliyun-cert lish-domains --cdn

证书续期

创建 crontab 文件 /etc/cron.d/certbot

0 0,12 * * * root sleep 1471 && certbot renew -q

创建 certbot 的 deploy hook 脚本，每次 certbot 成功续期续期证书后都会自动调用改脚本上传证书并配置阿里云的服务 /etc/letsencrypt/renewal-hooks/deploy/09-deploy-aliyun.sh

#!/bin/bash

aliyun-cert certbot-deploy-hook --cdn --delete-old-cert

Project details

These details have been verified by PyPI

Project links

GitHub Statistics

Maintainers

opensight

These details have not been verified by PyPI

Release history Release notifications | RSS feed

This version

0.1.4

Dec 27, 2025

0.1.0

Feb 15, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aliyun_cert-0.1.4.tar.gz (22.6 kB view details)

Uploaded Dec 27, 2025 Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

aliyun_cert-0.1.4-py3-none-any.whl (21.8 kB view details)

Uploaded Dec 27, 2025 Python 3

File details

Details for the file aliyun_cert-0.1.4.tar.gz.

File metadata

Download URL: aliyun_cert-0.1.4.tar.gz
Upload date: Dec 27, 2025
Size: 22.6 kB
Tags: Source
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aliyun_cert-0.1.4.tar.gz
Algorithm	Hash digest
SHA256	`84296c2965f939a12823f8be13376f53ba63d1c7ee50bd478eeabe336d19a56e`
MD5	`ed7b3474bb60bdcc739dc4a9b5983d5e`
BLAKE2b-256	`5ce3920d0eff02a222da14872f211a52cd407ff6c4bb0f4bac0d241fc4c608ec`

See more details on using hashes here.

Provenance

The following attestation bundles were made for aliyun_cert-0.1.4.tar.gz:

Publisher: pypi-publish.yml on OpenSight/aliyun-cert

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: aliyun_cert-0.1.4.tar.gz
- Subject digest: 84296c2965f939a12823f8be13376f53ba63d1c7ee50bd478eeabe336d19a56e
- Sigstore transparency entry: 780244383
- Sigstore integration time: Dec 27, 2025
Source repository:
- Permalink: OpenSight/aliyun-cert@7a4e2e872fb709e632626db7dadc66e04c5904a0
- Branch / Tag: refs/tags/v0.1.4
- Owner: https://github.com/OpenSight
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: pypi-publish.yml@7a4e2e872fb709e632626db7dadc66e04c5904a0
- Trigger Event: push

File details

Details for the file aliyun_cert-0.1.4-py3-none-any.whl.

File metadata

Download URL: aliyun_cert-0.1.4-py3-none-any.whl
Upload date: Dec 27, 2025
Size: 21.8 kB
Tags: Python 3
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for aliyun_cert-0.1.4-py3-none-any.whl
Algorithm	Hash digest
SHA256	`ed47f91cfb23f7864955a194b2a5c8deab334f4b530691c34a033df65fd6985a`
MD5	`3cecf03d61a3d02c0bbdea2d1290fa24`
BLAKE2b-256	`7bdf481ea27f925fd90ab6d297d9a95ef2847fbca94215782a3c4ce98c8253cf`

See more details on using hashes here.

Provenance

The following attestation bundles were made for aliyun_cert-0.1.4-py3-none-any.whl:

Publisher: pypi-publish.yml on OpenSight/aliyun-cert

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: aliyun_cert-0.1.4-py3-none-any.whl
- Subject digest: ed47f91cfb23f7864955a194b2a5c8deab334f4b530691c34a033df65fd6985a
- Sigstore transparency entry: 780244385
- Sigstore integration time: Dec 27, 2025
Source repository:
- Permalink: OpenSight/aliyun-cert@7a4e2e872fb709e632626db7dadc66e04c5904a0
- Branch / Tag: refs/tags/v0.1.4
- Owner: https://github.com/OpenSight
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: pypi-publish.yml@7a4e2e872fb709e632626db7dadc66e04c5904a0
- Trigger Event: push

aliyun-cert 0.1.4

Navigation

Verified details

Project links

GitHub Statistics

Maintainers

Unverified details

Meta

Classifiers

Project description

功能

安装和配置

申请并配置证书

证书续期

Project details

Verified details

Project links

GitHub Statistics

Maintainers

Unverified details

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution

File details

File metadata

File hashes

Provenance

File details

File metadata

File hashes

Provenance