diff --git a/internal/job/cert_renew.go b/internal/job/cert_renew.go index 320dcb73..d32a1fa2 100644 --- a/internal/job/cert_renew.go +++ b/internal/job/cert_renew.go @@ -2,7 +2,6 @@ package job import ( "log/slog" - "path/filepath" "time" "gorm.io/gorm" @@ -10,8 +9,6 @@ import ( "github.com/tnb-labs/panel/internal/app" "github.com/tnb-labs/panel/internal/biz" pkgcert "github.com/tnb-labs/panel/pkg/cert" - "github.com/tnb-labs/panel/pkg/io" - "github.com/tnb-labs/panel/pkg/shell" ) // CertRenew 证书续签 @@ -60,19 +57,4 @@ func (r *CertRenew) Run() { r.log.Warn("[Cert Renew] failed to renew cert", slog.Any("err", err)) } } - - // 续签面板证书 - panelCert, err := io.Read(filepath.Join(app.Root, "panel/storage/cert.pem")) - if err != nil { - r.log.Warn("[Cert Renew] failed to read panel cert", slog.Any("err", err)) - return - } - decode, err := pkgcert.ParseCert(panelCert) - if err != nil { - r.log.Warn("[Cert Renew] failed to parse panel cert", slog.Any("err", err)) - return - } - if time.Until(decode.NotAfter) < 24*7*time.Hour { - _, _ = shell.Exec("panel-cli https generate") - } } diff --git a/pkg/cert/cert.go b/pkg/cert/cert.go index f414b447..32e7d9cb 100644 --- a/pkg/cert/cert.go +++ b/pkg/cert/cert.go @@ -141,7 +141,7 @@ func GenerateSelfSigned(names []string) (cert []byte, key []byte, err error) { SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "Rat Panel CA"}, NotBefore: time.Now(), - NotAfter: time.Now().AddDate(3, 0, 0), + NotAfter: time.Now().AddDate(10, 0, 0), BasicConstraintsValid: true, IsCA: true, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature, @@ -167,7 +167,7 @@ func GenerateSelfSigned(names []string) (cert []byte, key []byte, err error) { SerialNumber: big.NewInt(3), Subject: pkix.Name{CommonName: "Rat Panel"}, NotBefore: time.Now(), - NotAfter: time.Now().AddDate(1, 0, 0), + NotAfter: time.Now().AddDate(10, 0, 0), KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}, }