feat: add certificate management security and cleanup dialog

- Documented certificate management security features in security.md, including backup and recovery processes. - Implemented CertificateCleanupDialog component for confirming deletion of orphaned certificates when deleting proxy hosts. - Enhanced ProxyHosts page to check for orphaned certificates and prompt users accordingly during deletion. - Added tests for certificate cleanup prompts and behaviors in ProxyHosts, ensuring correct handling of unique, shared, and production certificates.
2025-12-06 01:43:46 +00:00
parent bd5b3b31bf
commit 8e2ba14ae5
17 changed files with 2051 additions and 41 deletions
--- a/docs/api.md
+++ b/docs/api.md
@@ -187,6 +187,95 @@ Response 200: `{ "deleted": true }`

 ---

+### SSL Certificates
+
+#### List All Certificates
+
+```http
+GET /certificates
+```
+
+**Response 200:**
+```json
+[
+  {
+    "id": 1,
+    "uuid": "cert-uuid-123",
+    "name": "My Custom Cert",
+    "provider": "custom",
+    "domains": "example.com, www.example.com",
+    "expires_at": "2026-01-01T00:00:00Z",
+    "created_at": "2025-01-01T10:00:00Z"
+  }
+]
+```
+
+#### Upload Certificate
+
+```http
+POST /certificates/upload
+Content-Type: multipart/form-data
+```
+
+**Request Body:**
+- `name` (required) - Certificate name
+- `certificate_file` (required) - Certificate file (.crt or .pem)
+- `key_file` (required) - Private key file (.key or .pem)
+
+**Response 201:**
+```json
+{
+  "id": 1,
+  "uuid": "cert-uuid-123",
+  "name": "My Custom Cert",
+  "provider": "custom",
+  "domains": "example.com"
+}
+```
+
+#### Delete Certificate
+
+Delete a certificate. Requires that the certificate is not currently in use by any proxy hosts.
+
+```http
+DELETE /certificates/:id
+```
+
+**Parameters:**
+- `id` (path) - Certificate ID (numeric)
+
+**Response 200:**
+```json
+{
+  "message": "certificate deleted"
+}
+```
+
+**Response 400:**
+```json
+{
+  "error": "invalid id"
+}
+```
+
+**Response 409:**
+```json
+{
+  "error": "certificate is in use by one or more proxy hosts"
+}
+```
+
+**Response 500:**
+```json
+{
+  "error": "failed to delete certificate"
+}
+```
+
+**Note:** A backup is automatically created before deletion. The certificate files are removed from disk along with the database record.
+
+---
+
 ### Proxy Hosts

 #### List All Proxy Hosts