# Automated the end-to-end SSL certificate lifecycle, including application and generation via Google Trust Services (GTS), ZeroSSL, and Let's Encrypt.
Description:
Developed a certificate request interface and an automated SSL certificate issuance system to replace tedious manual certificate purchases and to address shortened certificate validity periods.
Tech Stack:
Features:
Results:
Architecture Overview:
1. ACME Register
```mermaid
sequenceDiagram
    participant App as Client Application
    participant ACME as ACME Server
    participant DB as MongoDB
    App->>DB: Account Create
    App->>ACME: ACME Registration (JWS)
    ACME-->>App: Registration Success (Account URL)
    App->>DB: Save Register Info
```
2. Order Request
```mermaid
sequenceDiagram
    participant App as Internal Platform
    participant ACME as ACME Server (Google (GTS)/Let's Encrypt/ZeroSSL)
    participant DNS as DNS Provider (Cloudflare)
    App->>ACME: Order Request (new_order)
    ACME-->>App: Order Applied (Pending)
    App->>DNS: Auto Check & Verify DNS Record
    App->>ACME: Auto Challenge (DNS-01/HTTP-01)
    ACME-->>App: Order Completed (Valid)
```
3. Order Renew
```mermaid
sequenceDiagram
    participant Cron as PM2 Task (while True)
    participant DB as MongoDB
    participant App as ACME Core
    Cron->>DB: Check auto_renew Order List
    DB-->>Cron: Return Expiring Orders
    Cron->>App: Trigger ACME new_order
```