package initFunc |
|
|
|
import ( |
|
"crypto/x509" |
|
"encoding/pem" |
|
"fmt" |
|
"os" |
|
"syscall" |
|
) |
|
|
|
// Windows CryptoAPI values used when adding a certificate to a store.
const (
	// X509_ASN_ENCODING is the certificate encoding-type flag.
	X509_ASN_ENCODING = 0x1
	// PKCS_7_ASN_ENCODING is the message encoding-type flag; it is OR-ed
	// with X509_ASN_ENCODING when a certificate context is created.
	PKCS_7_ASN_ENCODING = 0x10000
	// CERT_STORE_ADD_REPLACE_EXISTING is the add disposition that replaces
	// a matching certificate already present in the store.
	CERT_STORE_ADD_REPLACE_EXISTING = 3
)
|
|
|
// modcrypt32 is a lazily loaded handle to crypt32.dll. Nothing in the visible
// part of this file references it; the certificate calls below go through the
// wrappers in package syscall.
//
// NOTE(review): syscall.NewLazyDLL with a bare file name resolves the DLL
// through the normal search order, which the syscall package documents as
// open to DLL preloading. If this handle is used elsewhere, load it by
// absolute System32 path or with windows.NewLazySystemDLL from
// golang.org/x/sys/windows.
var modcrypt32 = syscall.NewLazyDLL("crypt32.dll")
|
|
|
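// SetupCert installs the certificate stored at a fixed path into the "ROOT"
// system store opened through CertOpenSystemStore (the current user's store).
//
// The file is read, the first PEM block is decoded and required to be of type
// CERTIFICATE, the DER bytes are parsed as X.509, and the parsed certificate
// is added to the store, replacing a matching entry if one exists. Every
// failure is printed to stdout and the function returns without reporting an
// error to the caller.
//
// NOTE(review): a certificate in the ROOT store becomes a trust anchor, so
// whoever can write certPath decides which CA this user trusts. The path sits
// under a public frontend directory and the file is accepted as-is. Before
// installing, compare the certificate's SHA-256 fingerprint with a value
// compiled into the binary (or embed the certificate itself), and record the
// subject and fingerprint of what was installed.
func SetupCert() {
	// Certificate location; replace with the path of your certificate.
	certPath := "/frontend/public/piserver_root.crt"

	certFile, err := os.ReadFile(certPath)
	if err != nil {
		fmt.Println("无法读取证书文件:", err)
		return
	}

	// Only the first PEM block is considered; trailing data is ignored.
	block, _ := pem.Decode(certFile)
	if block == nil {
		fmt.Println("无法解码 PEM 格式的证书")
		return
	}
	// Reject keys, CSRs and other PEM objects before parsing them as a
	// certificate.
	if block.Type != "CERTIFICATE" {
		fmt.Println("PEM 块类型不是 CERTIFICATE:", block.Type)
		return
	}

	// Parsing confirms the block holds a well-formed X.509 certificate; it
	// does not check who issued it or whether it is a CA certificate.
	cert, err := x509.ParseCertificate(block.Bytes)
	if err != nil {
		fmt.Println("无法解析证书:", err)
		return
	}

	storeHandle, err := syscall.CertOpenSystemStore(0, syscall.StringToUTF16Ptr("ROOT"))
	if err != nil {
		fmt.Println("无法打开证书存储:", err)
		return
	}
	defer syscall.CertCloseStore(storeHandle, 0)

	if err := addCertificateToStore(cert.Raw, storeHandle); err != nil {
		fmt.Println("无法将证书添加到存储中:", err)
		return
	}

	fmt.Println("证书已成功导入到受信任的根证书颁发机构")
}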
|
|
|
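// addCertificateToStore adds one DER-encoded certificate to an open
// certificate store, replacing a matching certificate if one is present.
//
// cert is the raw certificate encoding and must not be empty; storeHandle is
// a store handle the caller opened and remains responsible for closing. The
// returned error wraps the underlying syscall error.
func addCertificateToStore(cert []byte, storeHandle syscall.Handle) error {
	// &cert[0] below panics on an empty slice, so reject it up front.
	if len(cert) == 0 {
		return fmt.Errorf("证书数据为空")
	}

	certContext, err := syscall.CertCreateCertificateContext(X509_ASN_ENCODING|PKCS_7_ASN_ENCODING, &cert[0], uint32(len(cert)))
	if err != nil {
		return fmt.Errorf("无法创建证书上下文: %w", err)
	}
	// The store keeps what it needs; release this context on every path.
	defer syscall.CertFreeCertificateContext(certContext)

	// The final nil means no pointer to the stored context is requested.
	if err := syscall.CertAddCertificateContextToStore(storeHandle, certContext, CERT_STORE_ADD_REPLACE_EXISTING, nil); err != nil {
		return fmt.Errorf("无法将证书上下文添加到存储中: %w", err)
	}

	return nil
}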