Open
Description
Issue description
The current documentation mentions that the /apisix/admin/check_ssl_exists endpoint accepts the following payload:
| Name | Located in | Description | Required | Schema |
|---|---|---|---|---|
| cert | body | cert of SSL | Yes | string |
| key | body | key of SSL | Yes | string |
However, the unit tests seem to indicate that this is not correct:
Entry("check host exist", base.HttpTestCase{
Object: base.ManagerApiExpect(),
Method: http.MethodPost,
Path: "/apisix/admin/check_ssl_exists",
Body: `{"hosts": ["www.test2.com"]}`,
Headers: map[string]string{"Authorization": base.GetToken()},
ExpectStatus: http.StatusOK,
}),
Expected behavior
The documentation should mention the correct payload schema, which is
| Name | Located in | Description | Required | Schema |
| ----- | ---------- | ------------ | -------- | ---------- |
| hosts | body | List of SNIs | Yes | [ string ] |
How to Reproduce
If following the documentation, the request fails:
$ curl \
-X POST \
--silent --show-error --fail-with-body \
"$APISIX_HOST/apisix/admin/check_ssl_exists" \
-H "Authorization: $TOKEN" \
--data '{"cert":"'"$SSL_CERT"'","key":"'"$SSL_KEY"'"}'
{"code":10000,"message":"hosts could not be empty","data":null,"request_id":"..."}
Screenshots
No response
Environment
- apisix version (cmd:
apisix version): 3.3.0 - OS (cmd:
uname -a):Linux apisix-dashboard-7f5f4ccdcd-5m974 5.15.146.1-microsoft-standard-WSL2 #1 SMP Thu Jan 11 04:09:03 UTC 2024 x86_64 Linux - OpenResty / Nginx version (cmd:
nginx -Voropenresty -V):
nginx version: openresty/1.21.4.1
built by gcc 10.2.1 20210110 (Debian 10.2.1-6)
built with OpenSSL 1.1.1s 1 Nov 2022
TLS SNI support enabled
configure arguments: --prefix=/usr/local/openresty/nginx --with-cc-opt='-O2 -DAPISIX_BASE_VER=1.21.4.1.8 -DNGX_GRPC_CLI_ENGINE_PATH=/usr/local/openresty/libgrpc_engine.so -DNGX_HTTP_GRPC_CLI_ENGINE_PATH=/usr/local/openresty/libgrpc_engine.so -DNGX_LUA_ABORT_AT_PANIC -I/usr/local/openresty/zlib/include -I/usr/local/openresty/pcre/include -I/usr/local/openresty/openssl111/include' --add-module=../ngx_devel_kit-0.3.1 --add-module=../echo-nginx-module-0.62 --add-module=../xss-nginx-module-0.06 --add-module=../ngx_coolkit-0.2 --add-module=../set-misc-nginx-module-0.33 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.09 --add-module=../srcache-nginx-module-0.32 --add-module=../ngx_lua-0.10.21 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.19 --add-module=../redis2-nginx-module-0.15 --add-module=../redis-nginx-module-0.3.9 --add-module=../ngx_stream_lua-0.0.11 --with-ld-opt='-Wl,-rpath,/usr/local/openresty/luajit/lib -Wl,-rpath,/usr/local/openresty/wasmtime-c-api/lib -L/usr/local/openresty/zlib/lib -L/usr/local/openresty/pcre/lib -L/usr/local/openresty/openssl111/lib -Wl,-rpath,/usr/local/openresty/zlib/lib:/usr/local/openresty/pcre/lib:/usr/local/openresty/openssl111/lib' --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../mod_dubbo-1.0.2 --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../ngx_multi_upstream_module-1.1.1 --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../apisix-nginx-module-1.12.0 --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../apisix-nginx-module-1.12.0/src/stream --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../apisix-nginx-module-1.12.0/src/meta --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../wasm-nginx-module-0.6.4 --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../lua-var-nginx-module-v0.5.3 --add-module=/tmp/tmp.kOo9UFlgbS/openresty-1.21.4.1/../grpc-client-nginx-module-v0.4.2 --with-poll_module --with-pcre-jit --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_v2_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module --with-http_stub_status_module --with-http_realip_module --with-http_addition_module --with-http_auth_request_module --with-http_secure_link_module --with-http_random_index_module --with-http_gzip_static_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-threads --with-compat --with-stream --with-http_ssl_module
- etcd version, if have (cmd: run
etcd --version):
etcd Version: 3.5.7
Git SHA: 215b53cf3
Go Version: go1.17.13
Go OS/Arch: linux/amd64
- apisix-dashboard version, if have:
3.0.0
- Browser version, if have:
curl 8.9.1 (x86_64-pc-linux-gnu) libcurl/8.9.1 OpenSSL/3.3.1 zlib/1.3.1 brotli/1.1.0 zstd/1.5.6 libidn2/2.3.7 libssh2/1.11.0 nghttp2/1.61.0 librtmp/2.3 OpenLDAP/2.6.8
Release-Date: 2024-07-31
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM SPNEGO SSL threadsafe TLS-SRP UnixSockets zstd
Additional context
No response