#!/bin/bash
echo "$(date): 开始重载Nginx证书..."

# 1. 检查配置语法
if sudo nginx -t; then
    echo "✅ 配置语法检查通过"
    
    # 2. 重载Nginx（不中断服务）
    sudo systemctl reload nginx
    
    # 3. 检查重载状态
    if [ $? -eq 0 ]; then
        echo "✅ Nginx证书重载成功"
        
        # 4. 验证新证书是否生效
        echo "验证证书信息："
        echo | openssl s_client -connect example.com -servername example.com 2>/dev/null | openssl x509 -noout -subject -dates
    else
        echo "❌ Nginx重载失败"
        exit 1
    fi
else
    echo "❌ 配置语法检查失败，请检查Nginx配置"
    exit 1
fi