/**
* @param \PhpAmqpLib\Message\AMQPMessage $msg
*/
function process_message($msg)
{
// load content queue
$content = json_decode($msg->body, TRUE);
// echo "<pre>"; print_r($content); echo "/<pre>";
if ($content['action'] === 'create' || $content['action'] === 'renew') {
$renew = $content['action'] === 'renew';
$infos = $content['infos'];
$db = new VHFFS();
$vh = $db->get_httpd_from_servername($infos['domain']);
$vl = VHFFS_letsencrypt::get_from_httpd_id($vh->httpd_id);
if (empty($vl)) {
$vl = new VHFFS_letsencrypt($vh->httpd_id);
}
$error = create_cert($infos, $renew);
if (isset($error)) {
$vl->cert_error($error);
} else {
$vl->cert_ok();
}
$msg->delivery_info['channel']->basic_ack($msg->delivery_info['delivery_tag']);
}
}
$contents = file_get_contents($file_contents);
openssl_pkcs12_read($pkcs12, $cert, $pass);
while ($msg = openssl_error_string()) {
echo $msg . "<br />\n";
}
openssl_private_decrypt($contents, $decrypted, $cert['pkey']);
if ($plain === $decrypted) {
echo "+Ok, decrypt succ!\n";
} else {
echo "-Err, decrypt fail!(" . __LINE__ . ")\n";
}
}
if (!is_dir($path)) {
mkdir($path, 0775);
} else {
exec("rm -fr {$path}/*", $out, $ret);
}
create_ca();
create_cert();
check_cert();
encrypt();
decrypt();
/*
* 测试:
* (1)CA 证书不过期,用户证书过期
* (2)CA 证书过期,用户证书不过期
*
* 结论:
* (1)CA 证书过期,则用户证书验证失败
* (2)CA 证书有效,用户证书过期,则验证失败
*/
