How to Install a Module That Connects WHMCS to a Domain Registry over EPP

August 17, 2018 | Category: 【Source Code】

【Introduction】

Name: Generic EPP module for WHMCS
Function: This plugin provides complete domain management by connecting to domain registries over the EPP protocol.

Website: https://codecanyon.net/item/generic-epp-domain-module-for-whmcs/19255581
Price: $20

Reference: https://www.jianshu.com/p/045f95c008a0
Reference: https://www.cnblogs.com/Anker/p/6018032.html

Extensible Provisioning Protocol (EPP): RFC 5730, 5731, 5732, 5733, 5734, 5910

Compatible with:
https://www.rrpproxy.net/ (https://www.rrpproxy.net/API/EPP)
http://www.udr.hk.com/registry
https://sourceforge.net/projects/epp-server/ Open Source EPP Server

【Requirements】

Requires WHMCS 7.1.2 or later.

【Installation】

Upload the 'genericepp' directory to /modules/registrars/ .

Grant write permission on the log file /modules/registrars/genericepp/log/genericepp.log

【Certificates】

1. Create the key file domain.key:

cd /etc/pki/tls/private
openssl genrsa -des3 -out domain.key 2048

Output:

Generating RSA private key, 2048 bit long modulus
.....................................................................................................................+++
..........................+++
e is 65537 (0x010001)
Enter pass phrase for domain.key: ← enter a new pass phrase
Verifying - Enter pass phrase for domain.key: ← enter the pass phrase again

2. Create the certificate signing request domain.csr for the root certificate:

cd /etc/pki/tls/certs/
openssl req -new -key /etc/pki/tls/private/domain.key -out domain.csr

Output:

Enter pass phrase for root.key: ← enter the pass phrase created earlier
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN ← country code; enter CN for China
State or Province Name (full name) [Some-State]:BeiJing ← full province name, in pinyin
Locality Name (eg, city) []:BeiJing ← full city name, in pinyin
Organization Name (eg, company) [Internet Widgits Pty Ltd]:MyCompany Corp. ← company name in English
Organizational Unit Name (eg, section) []: ← may be left blank
Common Name (eg, YOUR name) []: ← leave blank at this point
Email Address []:admin@mycompany.com ← email address; any value will do

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []: ← may be left blank
An optional company name []: ← may be left blank

3. Create a root certificate domain.crt valid for ten years from today:

cd /etc/pki/tls/certs
openssl x509 -req -days 3650 -sha256 -extfile /etc/ssl/openssl.cnf -extensions v3_ca -signkey /etc/pki/tls/private/domain.key -in /etc/pki/tls/certs/domain.csr -out domain.crt

Output:

Signature ok
subject=/C=CN/ST=BeiJing/L=BeiJing/O=MyCompany Corp./emailAddress=admin@mycompany.com
Getting Private key
Enter pass phrase for domain.key: ← enter the pass phrase created earlier

4. Create the .pfx file:

cd /etc/pki/tls/certs
openssl pkcs12 -export -out certificate.pfx -inkey /etc/pki/tls/private/domain.key -in /etc/pki/tls/certs/domain.crt -certfile /etc/pki/tls/certs/ca-bundle.crt

Output:

Enter pass phrase for domain.key:
Enter Export Password:
Verifying - Enter Export Password:

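5A. Create the .pem file (no pass phrase: -nodes writes the private key unencrypted):

cd /etc/pki/tls/certs
openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

Output:

Enter Import Password:
MAC verified OK

5B. Create the .pem file (with a pass phrase: without -nodes, openssl prompts for a PEM pass phrase and encrypts the private key):

cd /etc/pki/tls/certs
openssl pkcs12 -in certificate.pfx -out certificate.cer

Upload the certificates: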

cp /etc/pki/tls/certs/certificate.cer <whmcs_root>/modules/registrars/genericepp/local_cert/certificate.cer
cp /etc/pki/tls/private/domain.key <whmcs_root>/modules/registrars/genericepp/local_pk/domain.key
cp /etc/pki/tls/certs/domain.crt <whmcs_root>/modules/registrars/genericepp/cafile/domain.crt

【Issuing a Certificate with Let's Encrypt】

Not yet verified.

dnf install git net-tools
git clone https://github.com/certbot/certbot.git && cd certbot/
./letsencrypt-auto --help
systemctl stop httpd
./letsencrypt-auto certonly --standalone

【Testing】

To test the connection to the registry server, first confirm that port 700 is open from the client.

telnet epp-ote.nic.xy 700
openssl s_client -showcerts -connect epp-ote.nic.xy:700

With a client-side CA file:

openssl s_client -showcerts -connect epp-ote.nic.xy:700 -CAfile gd_bundle.crt

Test the certificate:

openssl s_client -showcerts -connect epp-ote.nic.xy:700 -CAfile CA_bundle.crt -cert yourdomain.com.crt -key yourdomain.com.key
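
What the registry sends after the handshake on port 700 is an RFC 5734 data unit: a 4-byte big-endian length (header included) followed by the EPP XML greeting. The Python below is an added example, not code from the Generic EPP module; it repeats the client-certificate test with server verification enabled and decodes that frame. The function names, parameters and sample greeting are assumptions made for the illustration.

```python
import io
import socket
import ssl
import struct

HEADER_LEN = 4  # RFC 5734: 32-bit big-endian total length, header included


def frame(xml: bytes) -> bytes:
    """Wrap an EPP XML document in an RFC 5734 data unit."""
    return struct.pack(">I", len(xml) + HEADER_LEN) + xml


def read_frame(recv, max_len: int = 65536) -> bytes:
    """Read one data unit through recv(n) and return the XML payload."""
    def read_exact(n: int) -> bytes:
        buf = b""
        while len(buf) < n:  # TLS reads may return fewer bytes than asked
            chunk = recv(n - len(buf))
            if not chunk:
                raise ConnectionError("peer closed the connection mid-frame")
            buf += chunk
        return buf

    (total,) = struct.unpack(">I", read_exact(HEADER_LEN))
    if not HEADER_LEN < total <= max_len:  # reject empty or oversized frames
        raise ValueError(f"implausible EPP frame length {total}")
    return read_exact(total - HEADER_LEN)


def fetch_greeting(host, cafile, certfile, keyfile, port=700, timeout=10):
    """Connect with a client certificate and return the server greeting."""
    # Only the given CA file is trusted; hostname checking stays enabled.
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cafile)
    ctx.load_cert_chain(certfile, keyfile)  # prompts if the key is encrypted
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return read_frame(tls.recv)


if __name__ == "__main__":
    # Constructed sample greeting so the framing logic runs offline.
    sample = b'<?xml version="1.0"?><epp><greeting/></epp>'
    wire = io.BytesIO(frame(sample))
    # Simulate short reads of at most 3 bytes per call.
    print(read_frame(lambda n: wire.read(min(n, 3))).decode())
```

A handshake failure from fetch_greeting points at the CA file, the hostname, or the client certificate; a ValueError points at a peer that is not speaking EPP framing on that port.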

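Add the WHOIS server for the domain extension:

Edit: /resources/domains/dist.whois.json

    {
        "extensions": ".com.xy,.org.xy",
        "uri": "socket://whois.com.xy",
        "available": "No match for"
    }

Configure in WHMCS:

1. Log in to the WHMCS admin panel.
2. Under Setup > Products/Service > Domain registrars, activate the Generic EPP module.
3. Configure the module with your login credentials.

Using the module:

1. Log in to the WHMCS admin panel.
2. Under Setup > Products/Service > Domain pricing, add the ".yourtld" TLD extension and select the "Genericepp" module.
3. Set pricing for the different registration periods.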