feat: 【破坏性更新】插件改为metadata加载模式，plugin-cert、plugin-lib包部分代码转移到certd-server中，影响自定义插件，需要修改相关import引用

ssh、aliyun、tencent、qiniu、oss等 access和client需要转移import
2026-04-14 20:40:53 +08:00 · 2025-12-31 17:01:37 +08:00
parent 9c26598831
commit a3fb24993d
312 changed files with 14321 additions and 597 deletions
--- a/packages/ui/certd-server/metadata/access_1panel.yaml
+++ b/packages/ui/certd-server/metadata/access_1panel.yaml
@@ -0,0 +1,102 @@
+name: 1panel
+title: 1panel授权
+desc: 账号和密码
+icon: svg:icon-onepanel
+input:
+  baseUrl:
+    title: 1Panel面板的url
+    component:
+      placeholder: http://xxxx.com:1231
+    helper: 不要带安全入口
+    required: true
+  safeEnter:
+    title: 安全入口
+    component:
+      placeholder: 登录的安全入口
+    encrypt: true
+    required: false
+  type:
+    title: 授权方式
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: 模拟登录【不推荐】
+          value: password
+        - label: 接口密钥【推荐】
+          value: apikey
+    required: true
+  apiVersion:
+    title: 接口版本
+    value: v1
+    component:
+      placeholder: v1 / v2
+      name: a-select
+      vModel: value
+      options:
+        - label: v1
+          value: v1
+        - label: v2
+          value: v2
+    required: true
+  username:
+    title: 用户名
+    component:
+      placeholder: username
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+    required: true
+  password:
+    title: 密码
+    component:
+      placeholder: password
+    helper: ''
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+    required: true
+    encrypt: true
+  apiKey:
+    title: 接口密钥
+    component:
+      placeholder: 接口密钥
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'apikey';
+              })
+            }
+          
+    helper: 面板设置->API接口中获取
+    required: true
+    encrypt: true
+  skipSslVerify:
+    title: 忽略证书校验
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: onTestRequest
+    helper: |-
+      点击测试接口看是否正常
+      IP需要加白名单，如果是同一台机器部署的，可以试试面板的url使用网卡docker0的ip，白名单使用172.16.0.0/12
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/1panel/access.js
--- a/packages/ui/certd-server/metadata/access_aliesa.yaml
+++ b/packages/ui/certd-server/metadata/access_aliesa.yaml
@@ -0,0 +1,29 @@
+name: aliesa
+title: 阿里云ESA授权
+desc: ''
+icon: ant-design:aliyun-outlined
+order: 0
+input:
+  accessId:
+    title: 阿里云授权
+    component:
+      name: access-selector
+      vModel: modelValue
+      type: aliyun
+    helper: 请选择阿里云授权
+    required: true
+  region:
+    title: 地区
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: 杭州
+          value: cn-hangzhou
+        - label: 新加坡
+          value: ap-southeast-1
+    helper: 请选择ESA地区
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/aliyun/access/aliesa-access.js
--- a/packages/ui/certd-server/metadata/access_alioss.yaml
+++ b/packages/ui/certd-server/metadata/access_alioss.yaml
@@ -0,0 +1,85 @@
+name: alioss
+title: 阿里云OSS授权
+desc: 包含地域和Bucket
+icon: ant-design:aliyun-outlined
+input:
+  accessId:
+    title: 阿里云授权
+    component:
+      name: access-selector
+      vModel: modelValue
+      type: aliyun
+    helper: 请选择阿里云授权
+    required: true
+  region:
+    title: 大区
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: oss-cn-hangzhou
+          label: 华东1（杭州）
+        - value: oss-cn-shanghai
+          label: 华东2（上海）
+        - value: oss-cn-nanjing
+          label: 华东5（南京-本地地域）
+        - value: oss-cn-fuzhou
+          label: 华东6（福州-本地地域）
+        - value: oss-cn-wuhan-lr
+          label: 华中1（武汉-本地地域）
+        - value: oss-cn-qingdao
+          label: 华北1（青岛）
+        - value: oss-cn-beijing
+          label: 华北2（北京）
+        - value: oss-cn-zhangjiakou
+          label: 华北 3（张家口）
+        - value: oss-cn-huhehaote
+          label: 华北5（呼和浩特）
+        - value: oss-cn-wulanchabu
+          label: 华北6（乌兰察布）
+        - value: oss-cn-shenzhen
+          label: 华南1（深圳）
+        - value: oss-cn-heyuan
+          label: 华南2（河源）
+        - value: oss-cn-guangzhou
+          label: 华南3（广州）
+        - value: oss-cn-chengdu
+          label: 西南1（成都）
+        - value: oss-cn-hongkong
+          label: 中国香港
+        - value: oss-us-west-1
+          label: 美国（硅谷）①
+        - value: oss-us-east-1
+          label: 美国（弗吉尼亚）①
+        - value: oss-ap-northeast-1
+          label: 日本（东京）①
+        - value: oss-ap-northeast-2
+          label: 韩国（首尔）
+        - value: oss-ap-southeast-1
+          label: 新加坡①
+        - value: oss-ap-southeast-2
+          label: 澳大利亚（悉尼）①
+        - value: oss-ap-southeast-3
+          label: 马来西亚（吉隆坡）①
+        - value: oss-ap-southeast-5
+          label: 印度尼西亚（雅加达）①
+        - value: oss-ap-southeast-6
+          label: 菲律宾（马尼拉）
+        - value: oss-ap-southeast-7
+          label: 泰国（曼谷）
+        - value: oss-eu-central-1
+          label: 德国（法兰克福）①
+        - value: oss-eu-west-1
+          label: 英国（伦敦）
+        - value: oss-me-east-1
+          label: 阿联酋（迪拜）①
+        - value: oss-rg-china-mainland
+          label: 无地域属性（中国内地）
+    required: true
+  bucket:
+    title: Bucket
+    helper: 存储桶名称
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/aliyun/access/alioss-access.js
--- a/packages/ui/certd-server/metadata/access_alipay.yaml
+++ b/packages/ui/certd-server/metadata/access_alipay.yaml
@@ -0,0 +1,29 @@
+name: alipay
+title: 支付宝
+icon: ion:logo-alipay
+input:
+  appId:
+    title: AppId
+    component:
+      placeholder: 201909176714xxxx
+    required: true
+    encrypt: false
+  privateKey:
+    title: 应用私钥
+    component:
+      placeholder: MIIEvQIBADANB...
+      name: a-textarea
+      rows: 3
+    required: true
+    encrypt: true
+  alipayPublicKey:
+    title: 支付宝公钥
+    component:
+      name: a-textarea
+      rows: 3
+      placeholder: MIIBIjANBg...
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/alipay/access.js
--- a/packages/ui/certd-server/metadata/access_aliyun.yaml
+++ b/packages/ui/certd-server/metadata/access_aliyun.yaml
@@ -0,0 +1,22 @@
+name: aliyun
+title: 阿里云授权
+desc: ''
+icon: ant-design:aliyun-outlined
+order: 0
+input:
+  accessKeyId:
+    title: accessKeyId
+    component:
+      placeholder: accessKeyId
+    helper: 登录阿里云控制台->AccessKey管理页面获取。
+    required: true
+  accessKeySecret:
+    title: accessKeySecret
+    component:
+      placeholder: accessKeySecret
+    required: true
+    encrypt: true
+    helper: 注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/aliyun/access/aliyun-access.js
--- a/packages/ui/certd-server/metadata/access_baidu.yaml
+++ b/packages/ui/certd-server/metadata/access_baidu.yaml
@@ -0,0 +1,29 @@
+name: baidu
+title: 百度云授权
+desc: ''
+icon: ant-design:baidu-outlined
+order: 2
+input:
+  accessKey:
+    title: AccessKey
+    component:
+      placeholder: AccessKey
+    helper: '[百度智能云->安全认证获取](https://console.bce.baidu.com/iam/#/iam/accesslist)'
+    required: true
+    encrypt: false
+  secretKey:
+    title: SecretKey
+    component:
+      placeholder: SecretKey
+    helper: ''
+    required: true
+    encrypt: true
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: onTestRequest
+    helper: 点击测试接口看是否正常
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baidu/access.js
--- a/packages/ui/certd-server/metadata/access_baishan.yaml
+++ b/packages/ui/certd-server/metadata/access_baishan.yaml
@@ -0,0 +1,15 @@
+name: baishan
+title: 白山云授权
+desc: ''
+icon: material-symbols:shield-outline
+input:
+  token:
+    title: token
+    component:
+      placeholder: token
+    helper: 自行联系提供商申请
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baishan/access.js
--- a/packages/ui/certd-server/metadata/access_baota.yaml
+++ b/packages/ui/certd-server/metadata/access_baota.yaml
@@ -0,0 +1,44 @@
+name: baota
+title: baota授权
+desc: ''
+icon: svg:icon-bt
+order: 2
+input:
+  panelUrl:
+    title: 宝塔URL地址
+    component:
+      placeholder: http://192.168.42.237:41896
+    helper: 宝塔面板的url地址，不要带安全入口，例如：http://192.168.42.237:41896
+    required: true
+  apiSecret:
+    title: 接口密钥
+    component:
+      placeholder: 接口密钥
+    helper: |-
+      宝塔面板设置->面板设置->API接口->接口配置->接口密钥。
+      必须要加IP白名单，您可以点击下方测试按钮，报错之后会打印IP，将IP加入白名单之后再次测试即可
+    required: true
+    encrypt: true
+  skipSslVerify:
+    title: 忽略证书校验
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭
+  isWindows:
+    title: windows版
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 是否是windows版
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: TestRequest
+    helper: 点击测试接口看是否正常
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/access.js
--- a/packages/ui/certd-server/metadata/access_baotawaf.yaml
+++ b/packages/ui/certd-server/metadata/access_baotawaf.yaml
@@ -0,0 +1,36 @@
+name: baotawaf
+title: 宝塔云WAF授权
+desc: 用于连接和管理宝塔云WAF服务的授权配置
+icon: svg:icon-bt
+input:
+  panelUrl:
+    title: 在宝塔WAF URL
+    component:
+      placeholder: http://192.168.42.237:41896
+    helper: 在宝塔WAF的URL地址，不要带安全入口，例如：http://192.168.42.237:41896
+    required: true
+  apiSecret:
+    title: WAF API 密钥
+    component:
+      placeholder: 请输入WAF API接口密钥
+    helper: |-
+      在宝塔WAF设置页面 - API接口中获取的API密钥。
+      必须添加IP白名单，请确保已将CertD服务器IP加入白名单
+    required: true
+    encrypt: true
+  skipSslVerify:
+    title: 忽略SSL证书校验
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板使用的是自签名SSL证书，则需要开启此选项
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: onTestRequest
+    helper: 点击测试WAF请求
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/waf-access.js
--- a/packages/ui/certd-server/metadata/access_cdnfly.yaml
+++ b/packages/ui/certd-server/metadata/access_cdnfly.yaml
@@ -0,0 +1,93 @@
+name: cdnfly
+title: cdnfly授权
+desc: ''
+icon: majesticons:cloud-line
+input:
+  url:
+    title: cdnfly系统网址
+    component:
+      name: a-input
+      vModel: value
+    required: true
+    helper: 例如：http://demo.cdnfly.cn
+  type:
+    title: 授权方式
+    value: apikey
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: 接口密钥
+          value: apikey
+        - label: 模拟登录
+          value: password
+    required: true
+  username:
+    title: 用户名
+    component:
+      placeholder: username
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+    required: true
+  password:
+    title: 密码
+    component:
+      placeholder: password
+    helper: ''
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+    required: true
+    encrypt: true
+  apiKey:
+    title: api_key
+    component:
+      placeholder: api_key
+    helper: 登录cdnfly控制台->账户中心->Api密钥,点击开启后获取
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'apikey';
+              })
+            }
+          
+  apiSecret:
+    title: api_secret
+    component:
+      placeholder: api_secret
+    helper: 登录cdnfly控制台->账户中心->Api密钥,点击开启后获取
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.access.type === 'apikey';
+              })
+            }
+          
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: onTestRequest
+    helper: |-
+      点击测试接口看是否正常
+      IP需要加白名单，如果是同一台机器部署的，可以试试面板的url使用网卡docker0的ip，白名单使用172.16.0.0/12
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/cdnfly/access.js
--- a/packages/ui/certd-server/metadata/access_ctyun.yaml
+++ b/packages/ui/certd-server/metadata/access_ctyun.yaml
@@ -0,0 +1,22 @@
+name: ctyun
+title: 天翼云授权
+desc: ''
+icon: ant-design:aliyun-outlined
+order: 2
+input:
+  accessKeyId:
+    title: accessKeyId
+    component:
+      placeholder: accessKeyId
+    helper: '[前往创建天翼云AccessKey](https://iam.ctyun.cn/myAccessKey)'
+    required: true
+  securityKey:
+    title: securityKey
+    component:
+      placeholder: securityKey
+    required: true
+    encrypt: true
+    helper: ''
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/ctyun/access/ctyun-access.js
--- a/packages/ui/certd-server/metadata/access_eab.yaml
+++ b/packages/ui/certd-server/metadata/access_eab.yaml
@@ -0,0 +1,31 @@
+name: eab
+title: EAB授权
+desc: ZeroSSL证书申请需要EAB授权
+icon: ic:outline-lock
+input:
+  kid:
+    title: KID
+    component:
+      placeholder: kid / keyId
+    helper: EAB KID， google的叫 keyId，ssl.com的叫Account/ACME Key
+    required: true
+    encrypt: true
+  hmacKey:
+    title: HMACKey
+    component:
+      placeholder: HMAC Key / b64MacKey
+    helper: EAB HMAC Key ，google的叫b64MacKey
+    required: true
+    encrypt: true
+  email:
+    title: email
+    component:
+      placeholder: 绑定一个邮箱
+    rules:
+      - type: email
+        message: 请输入正确的邮箱
+    helper: Google的EAB申请证书，更换邮箱会导致EAB失效，可以在此处绑定一个邮箱避免此问题
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/access/eab-access.js
--- a/packages/ui/certd-server/metadata/access_ftp.yaml
+++ b/packages/ui/certd-server/metadata/access_ftp.yaml
@@ -0,0 +1,49 @@
+name: ftp
+title: FTP授权
+desc: ''
+icon: mdi:folder-upload-outline
+input:
+  host:
+    title: host
+    component:
+      placeholder: ip / 域名
+      name: a-input
+      vModel: value
+    helper: FTP地址
+    required: true
+  port:
+    title: 端口
+    value: 21
+    component:
+      placeholder: '21'
+      name: a-input-number
+      vModel: value
+    helper: FTP端口
+    required: true
+  user:
+    title: user
+    component:
+      placeholder: 用户名
+    helper: FTP用户名
+    required: true
+  password:
+    title: password
+    component:
+      placeholder: 密码
+      component:
+        name: a-input-password
+        vModel: value
+    encrypt: true
+    helper: FTP密码
+    required: true
+  secure:
+    title: secure
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 是否使用SSL
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/ftp/access.js
--- a/packages/ui/certd-server/metadata/access_google.yaml
+++ b/packages/ui/certd-server/metadata/access_google.yaml
@@ -0,0 +1,84 @@
+name: google
+title: google cloud
+desc: 谷歌云授权
+icon: flat-color-icons:google
+input:
+  type:
+    title: 密钥类型
+    value: serviceAccount
+    component:
+      placeholder: 密钥类型
+      name: a-select
+      vModel: value
+      options:
+        - value: serviceAccount
+          label: 服务账号密钥
+        - value: apiKey
+          label: ApiKey，暂不可用
+          disabled: true
+    helper: 密钥类型
+    required: true
+    encrypt: false
+  projectId:
+    title: 项目ID
+    component:
+      placeholder: ProjectId
+    helper: ProjectId
+    required: true
+    encrypt: false
+    mergeScript: |2-
+
+          return {
+            show:ctx.compute(({form})=>{
+              return form.access.type === 'apiKey'
+            })
+          }
+          
+  apiKey:
+    title: ApiKey
+    component:
+      placeholder: ApiKey
+    helper: 不要选，目前没有用
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+          return {
+            show:ctx.compute(({form})=>{
+              return form.access.type === 'apiKey'
+            })
+          }
+          
+  serviceAccountSecret:
+    title: 服务账号密钥
+    component:
+      placeholder: serviceAccountSecret
+      name: a-textarea
+      vModel: value
+      rows: 4
+    helper: >-
+      [如何创建服务账号](https://cloud.google.com/iam/docs/service-accounts-create?hl=zh-CN) 
+
+      [获取密钥](https://console.cloud.google.com/iam-admin/serviceaccounts?hl=zh-cn)，点击详情，点击创建密钥，将下载json文件，把内容填在此处
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+          return {
+            show:ctx.compute(({form})=>{
+              return form.access.type === 'serviceAccount'
+            })
+          }
+          
+  httpsProxy:
+    title: https代理
+    component:
+      placeholder: http://127.0.0.1:10811
+    helper: |-
+      Google的请求需要走代理，如果不配置，则会使用环境变量中的全局HTTPS_PROXY配置
+      或者服务器本身在海外，则不需要配置
+    required: false
+    encrypt: false
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/access/google-access.js
--- a/packages/ui/certd-server/metadata/access_k8s.yaml
+++ b/packages/ui/certd-server/metadata/access_k8s.yaml
@@ -0,0 +1,23 @@
+name: k8s
+title: k8s授权
+desc: ''
+icon: mdi:kubernetes
+input:
+  kubeconfig:
+    title: kubeconfig
+    component:
+      name: a-textarea
+      vModel: value
+      placeholder: kubeconfig
+    required: true
+    encrypt: true
+  skipTLSVerify:
+    title: 忽略证书校验
+    component:
+      name: a-switch
+      vModel: checked
+    required: false
+    encrypt: false
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/k8s/access.js
--- a/packages/ui/certd-server/metadata/access_kuocaicdn.yaml
+++ b/packages/ui/certd-server/metadata/access_kuocaicdn.yaml
@@ -0,0 +1,20 @@
+name: kuocaicdn
+title: 括彩云cdn授权
+icon: material-symbols:shield-outline
+desc: 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8)
+input:
+  username:
+    title: 账户
+    component:
+      placeholder: 手机号
+    required: true
+    encrypt: true
+  password:
+    title: 密码
+    component:
+      placeholder: password
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/kuocai/access.js
--- a/packages/ui/certd-server/metadata/access_lecdn.yaml
+++ b/packages/ui/certd-server/metadata/access_lecdn.yaml
@@ -0,0 +1,69 @@
+name: lecdn
+title: LeCDN授权
+desc: ''
+icon: material-symbols:shield-outline
+input:
+  url:
+    title: LeCDN系统网址
+    component:
+      name: a-input
+      vModel: value
+    required: true
+    helper: 例如：http://demo.xxxx.cn
+  type:
+    title: 认证类型
+    component:
+      placeholder: 请选择
+      name: a-select
+      vModel: value
+      options:
+        - value: token
+          label: API访问令牌
+        - value: password
+          label: 账号密码(旧版本)
+    required: true
+  username:
+    title: 用户名
+    component:
+      placeholder: username
+    mergeScript: |2-
+
+          return {
+               show:ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+    required: true
+    encrypt: false
+  password:
+    title: 登录密码
+    component:
+      placeholder: password
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+          return {
+               show:ctx.compute(({form})=>{
+                return form.access.type === 'password';
+              })
+            }
+          
+  apiToken:
+    title: Api访问令牌
+    component:
+      placeholder: apiToken
+    required: true
+    encrypt: true
+    mergeScript: |2-
+
+          return {
+               show:ctx.compute(({form})=>{
+                return form.access.type === 'token';
+              })
+            }
+          
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/lecdn/access.js
--- a/packages/ui/certd-server/metadata/access_lucky.yaml
+++ b/packages/ui/certd-server/metadata/access_lucky.yaml
@@ -0,0 +1,29 @@
+name: lucky
+title: lucky
+desc: ''
+icon: svg:icon-lucky
+input:
+  url:
+    title: 访问url
+    component:
+      placeholder: http://xxx.xx.xx:16301
+    helper: 不要带安全入口
+    required: true
+    encrypt: false
+  safePath:
+    title: 安全入口
+    component:
+      placeholder: /your_safe_path
+    helper: 请参考lucky设置中关于安全入口的配置，
+    required: false
+    encrypt: true
+  openToken:
+    title: OpenToken
+    component:
+      placeholder: OpenToken
+    helper: 设置->最下面开发者设置->启用OpenToken
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/lucky/access.js
--- a/packages/ui/certd-server/metadata/access_maoyun.yaml
+++ b/packages/ui/certd-server/metadata/access_maoyun.yaml
@@ -0,0 +1,35 @@
+name: maoyun
+title: 猫云授权
+desc: ''
+icon: svg:icon-lucky
+input:
+  username:
+    title: 用户名
+    component:
+      placeholder: username/手机号/email
+      name: a-input
+      vModel: value
+    helper: 用户名
+    required: true
+  password:
+    title: password
+    component:
+      placeholder: 密码
+      component:
+        name: a-input-password
+        vModel: value
+    encrypt: true
+    helper: 密码
+    required: true
+  httpProxy:
+    title: HttpProxy
+    component:
+      placeholder: http://192.168.x.x:10811
+      component:
+        name: a-input
+        vModel: value
+    encrypt: false
+    required: false
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/maoyun/access.js
--- a/packages/ui/certd-server/metadata/access_plesk.yaml
+++ b/packages/ui/certd-server/metadata/access_plesk.yaml
@@ -0,0 +1,33 @@
+name: plesk
+title: plesk授权
+desc: ''
+icon: svg:icon-plesk
+input:
+  url:
+    title: Plesk网址
+    component:
+      name: a-input
+      vModel: value
+    required: true
+    helper: 例如：https://xxxx.xxxxx:8443/
+  username:
+    title: 用户名
+    component:
+      placeholder: username
+    required: true
+    encrypt: false
+  password:
+    title: 登录密码
+    component:
+      placeholder: password
+    required: true
+    encrypt: true
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: onTestRequest
+    helper: 点击测试接口看是否正常
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/plesk/access.js
--- a/packages/ui/certd-server/metadata/access_qiniu.yaml
+++ b/packages/ui/certd-server/metadata/access_qiniu.yaml
@@ -0,0 +1,19 @@
+name: qiniu
+title: 七牛云授权
+desc: ''
+icon: svg:icon-qiniuyun
+input:
+  accessKey:
+    title: AccessKey
+    rules:
+      - required: true
+        message: 此项必填
+    helper: AK，前往[密钥管理](https://portal.qiniu.com/developer/user/key)获取
+  secretKey:
+    title: SecretKey
+    encrypt: true
+    helper: SK
+order: 2
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/qiniu/access.js
--- a/packages/ui/certd-server/metadata/access_qiniuoss.yaml
+++ b/packages/ui/certd-server/metadata/access_qiniuoss.yaml
@@ -0,0 +1,20 @@
+name: qiniuoss
+title: 七牛OSS授权
+desc: ''
+icon: svg:icon-qiniuyun
+input:
+  accessId:
+    title: 七牛云授权
+    component:
+      name: access-selector
+      vModel: modelValue
+      type: qiniu
+    helper: 请选择七牛云授权
+    required: true
+  bucket:
+    title: Bucket
+    helper: 存储桶名称
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/qiniu/access-oss.js
--- a/packages/ui/certd-server/metadata/access_s3.yaml
+++ b/packages/ui/certd-server/metadata/access_s3.yaml
@@ -0,0 +1,53 @@
+name: s3
+title: s3/minio授权
+desc: S3/minio oss授权
+icon: mdi:folder-upload-outline
+input:
+  endpoint:
+    title: endpoint
+    component:
+      placeholder: http://xxxxxx:9000
+      name: a-input
+      vModel: value
+    helper: Minio的地址，如果是aws s3 则无需填写
+    required: false
+  accessKeyId:
+    title: accessKeyId
+    component:
+      placeholder: accessKeyId
+    helper: accessKeyId
+    required: true
+  secretAccessKey:
+    title: secretAccessKey
+    component:
+      placeholder: secretAccessKey
+      component:
+        name: a-input
+        vModel: value
+    helper: secretAccessKey
+    encrypt: true
+    required: true
+  region:
+    title: 地区
+    value: us-east-1
+    component:
+      name: a-input
+      vModel: value
+    helper: region
+    required: true
+  bucket:
+    title: 存储桶
+    component:
+      name: a-input
+      vModel: value
+    helper: bucket 名称
+    required: true
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      action: TestRequest
+    helper: 点击测试接口是否正常
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/s3/access.js
--- a/packages/ui/certd-server/metadata/access_safeline.yaml
+++ b/packages/ui/certd-server/metadata/access_safeline.yaml
@@ -0,0 +1,26 @@
+name: safeline
+title: 长亭雷池授权
+icon: svg:icon-safeline
+input:
+  baseUrl:
+    title: 雷池的访问url
+    component:
+      placeholder: https://xxxx.com:9443
+    required: true
+  apiToken:
+    title: ApiToken
+    component:
+      placeholder: apiToken
+    helper: ''
+    required: true
+    encrypt: true
+  skipSslVerify:
+    title: 忽略证书校验
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/safeline/access.js
--- a/packages/ui/certd-server/metadata/access_sftp.yaml
+++ b/packages/ui/certd-server/metadata/access_sftp.yaml
@@ -0,0 +1,23 @@
+name: sftp
+title: SFTP授权
+desc: ''
+icon: clarity:host-line
+input:
+  sshAccess:
+    title: SSH授权
+    component:
+      name: access-selector
+      type: ssh
+      vModel: modelValue
+    helper: 请选择一个SSH授权
+    required: true
+  fileMode:
+    title: 文件权限
+    component:
+      name: a-input
+      vModel: value
+      placeholder: '777'
+    helper: 文件上传后是否修改文件权限
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/ssh/sftp-access.js
--- a/packages/ui/certd-server/metadata/access_ssh.yaml
+++ b/packages/ui/certd-server/metadata/access_ssh.yaml
@@ -0,0 +1,128 @@
+name: ssh
+title: 主机登录授权
+desc: ''
+icon: clarity:host-line
+input:
+  host:
+    title: 主机地址
+    component:
+      placeholder: 主机域名或IP地址
+    required: true
+  port:
+    title: 端口
+    value: 22
+    component:
+      name: a-input-number
+      placeholder: '22'
+    rules:
+      - required: true
+        message: 此项必填
+  username:
+    title: 用户名
+    value: root
+    rules:
+      - required: true
+        message: 此项必填
+  password:
+    title: 密码
+    component:
+      name: a-input-password
+      vModel: value
+    encrypt: true
+    helper: 登录密码或密钥必填一项
+  privateKey:
+    title: 私钥登录
+    helper: 私钥或密码必填一项
+    component:
+      name: pem-input
+      vModel: modelValue
+    encrypt: true
+  passphrase:
+    title: 私钥密码
+    helper: 如果你的私钥有密码的话
+    component:
+      name: a-input-password
+      vModel: value
+    encrypt: true
+  scriptType:
+    title: 脚本类型
+    helper: bash 、sh 、fish
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: default
+          label: 默认
+        - value: sh
+          label: sh
+        - value: bash
+          label: bash
+        - value: fish
+          label: fish(不支持set -e)
+  pty:
+    title: 伪终端
+    helper: >-
+      如果登录报错：all authentication methods
+      failed，可以尝试开启伪终端模式进行keyboard-interactive方式登录
+
+      开启后对日志输出有一定的影响
+    component:
+      name: a-switch
+      vModel: checked
+  socksProxy:
+    title: socks代理
+    helper: socks代理配置，格式：socks5://user:password@host:port
+    component:
+      name: a-input
+      vModel: value
+      placeholder: socks5://user:password@host:port
+    encrypt: false
+  timeout:
+    title: 超时时间
+    helper: 执行命令的超时时间，单位秒,默认30分钟
+    component:
+      name: a-input-number
+  windows:
+    title: 是否Windows
+    helper: >-
+      如果是Windows主机，请勾选此项
+
+      并且需要windows[安装OpenSSH](https://certd.docmirror.cn/guide/use/host/windows.html)
+    component:
+      name: a-switch
+      vModel: checked
+  encoding:
+    title: 命令编码
+    helper: 如果是Windows主机，且出现乱码了，请尝试设置为GBK
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: ''
+          label: 默认
+        - value: GBK
+          label: GBK
+        - value: UTF8
+          label: UTF-8
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      type: access
+      typeName: ssh
+      action: TestRequest
+    mergeScript: |2-
+
+               return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 点击测试
+order: 0
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/ssh/ssh-access.js
--- a/packages/ui/certd-server/metadata/access_synology.yaml
+++ b/packages/ui/certd-server/metadata/access_synology.yaml
@@ -0,0 +1,88 @@
+name: synology
+title: 群晖登录授权
+desc: ''
+icon: simple-icons:synology
+input:
+  version:
+    title: 群晖版本
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: 7.x
+          value: '7'
+        - label: 6.x
+          value: '6'
+    required: true
+  baseUrl:
+    title: 群晖面板的url
+    component:
+      placeholder: https://yourdomain:5006
+    helper: 群晖面板的访问地址,例如：https://yourdomain:5006
+    required: true
+  username:
+    title: 账号
+    component:
+      placeholder: 账号
+    helper: 群晖面板登录账号，必须是处于管理员用户组
+    required: true
+  password:
+    title: 密码
+    component:
+      placeholder: 密码
+    helper: 群晖面板登录密码
+    required: true
+    encrypt: true
+  otp:
+    title: 双重认证
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 是否启用了双重认证
+    required: true
+  deviceId:
+    title: 设备ID
+    component:
+      placeholder: 设备ID
+      name: synology-device-id-getter
+      type: access
+      typeName: synology
+    mergeScript: |2-
+
+           return {
+              component:{
+                form: ctx.compute(({form})=>{
+                  return form
+                })
+              },
+              show: ctx.compute(({form})=>{
+                 return form.access.otp
+              })
+           }
+          
+    helper: |-
+      1.如果开启了双重认证，需要获取设备ID
+      2.填好上面的必填项，然后点击获取设备ID，输入双重认证APP上的码，确认即可获得设备ID，此操作只需要做一次
+      3.注意：必须勾选‘安全性->允许网页浏览器的用户通过信任设备来跳过双重验证
+      4.注意：在群晖信任设备页面里面会生成一条记录，不要删除
+      5.注意：需要将流水线证书申请过期前多少天设置为30天以下，避免设备ID过期
+    required: false
+    encrypt: true
+  skipSslVerify:
+    title: 忽略证书校验
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 如果面板的url是https，且使用的是自签名证书，则需要开启此选项，其他情况可以关闭
+  timeout:
+    title: 请求超时
+    value: 120
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 请求超时时间，单位:秒
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/synology/access.js
--- a/packages/ui/certd-server/metadata/access_tencent.yaml
+++ b/packages/ui/certd-server/metadata/access_tencent.yaml
@@ -0,0 +1,46 @@
+name: tencent
+title: 腾讯云
+icon: svg:icon-tencentcloud
+order: 0
+input:
+  secretId:
+    title: secretId
+    helper: |-
+      使用对应的插件需要有对应的权限，比如上传证书，需要证书管理权限;部署到clb需要clb相关权限
+      前往[密钥管理](https://console.cloud.tencent.com/cam/capi)进行创建
+    component:
+      placeholder: secretId
+    rules:
+      - required: true
+        message: 该项必填
+  secretKey:
+    title: secretKey
+    component:
+      placeholder: secretKey
+    encrypt: true
+    rules:
+      - required: true
+        message: 该项必填
+  accountType:
+    title: 站点类型
+    value: cn
+    component:
+      name: a-select
+      options:
+        - label: 国内站
+          value: cn
+        - label: 国际站
+          value: intl
+    encrypt: false
+    rules:
+      - required: true
+        message: 该项必填
+  closeExpiresNotify:
+    title: 关闭证书过期通知
+    value: true
+    component:
+      name: a-switch
+      vModel: checked
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/tencent/access.js
--- a/packages/ui/certd-server/metadata/access_tencentcos.yaml
+++ b/packages/ui/certd-server/metadata/access_tencentcos.yaml
@@ -0,0 +1,75 @@
+name: tencentcos
+title: 腾讯云COS授权
+icon: svg:icon-tencentcloud
+desc: 腾讯云对象存储授权，包含地域和存储桶
+input:
+  accessId:
+    title: 腾讯云授权
+    component:
+      name: access-selector
+      vModel: modelValue
+      type: tencent
+    helper: 请选择腾讯云授权
+    required: true
+  region:
+    title: 所在地域
+    helper: 存储桶所在地域
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: ''
+          label: '--------中国大陆地区-------'
+          disabled: true
+        - value: ap-beijing-1
+          label: 北京1区
+        - value: ap-beijing
+          label: 北京
+        - value: ap-nanjing
+          label: 南京
+        - value: ap-shanghai
+          label: 上海
+        - value: ap-guangzhou
+          label: 广州
+        - value: ap-chengdu
+          label: 成都
+        - value: ap-chongqing
+          label: 重庆
+        - value: ap-shenzhen-fsi
+          label: 深圳金融
+        - value: ap-shanghai-fsi
+          label: 上海金融
+        - value: ap-beijing-fsi
+          label: 北京金融
+        - value: ''
+          label: '--------中国香港及境外-------'
+          disabled: true
+        - value: ap-hongkong
+          label: 中国香港
+        - value: ap-singapore
+          label: 新加坡
+        - value: ap-mumbai
+          label: 孟买
+        - value: ap-jakarta
+          label: 雅加达
+        - value: ap-seoul
+          label: 首尔
+        - value: ap-bangkok
+          label: 曼谷
+        - value: ap-tokyo
+          label: 东京
+        - value: na-siliconvalley
+          label: 硅谷
+        - value: na-ashburn
+          label: 弗吉尼亚
+        - value: sa-saopaulo
+          label: 圣保罗
+        - value: eu-frankfurt
+          label: 法兰克福
+  bucket:
+    title: Bucket
+    helper: 存储桶名称
+    required: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-lib/tencent/access-cos.js
--- a/packages/ui/certd-server/metadata/access_unicloud.yaml
+++ b/packages/ui/certd-server/metadata/access_unicloud.yaml
@@ -0,0 +1,21 @@
+name: unicloud
+title: uniCloud
+icon: material-symbols:shield-outline
+desc: unicloud授权
+input:
+  email:
+    title: 账号
+    component:
+      placeholder: email
+    helper: 登录邮箱
+    required: true
+    encrypt: false
+  password:
+    title: 密码
+    component:
+      placeholder: 密码
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/unicloud/access.js
--- a/packages/ui/certd-server/metadata/access_wxpay.yaml
+++ b/packages/ui/certd-server/metadata/access_wxpay.yaml
@@ -0,0 +1,40 @@
+name: wxpay
+title: 微信支付
+icon: tdesign:logo-wechatpay-filled
+input:
+  appId:
+    title: AppId
+    component:
+      placeholder: 201909176714xxxx
+    required: true
+    encrypt: false
+  mchid:
+    title: 商户ID
+    component:
+      placeholder: 201909176714xxxx
+    required: true
+    encrypt: false
+  publicKey:
+    title: 公钥
+    component:
+      name: a-textarea
+      rows: 3
+      placeholder: MIIBIjANBg...
+    required: true
+    encrypt: true
+  privateKey:
+    title: 私钥
+    component:
+      placeholder: MIIEvQIBADANB...
+      name: a-textarea
+      rows: 3
+    required: true
+    encrypt: true
+  key:
+    title: APIv3密钥
+    helper: 微信商户平台—>账户设置—>API安全—>设置APIv3密钥
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/wxpay/access.js
--- a/packages/ui/certd-server/metadata/access_yfysms.yaml
+++ b/packages/ui/certd-server/metadata/access_yfysms.yaml
@@ -0,0 +1,21 @@
+name: yfysms
+title: 易发云短信
+icon: material-symbols:shield-outline
+desc: sms.yfyidc.cn/
+input:
+  keyId:
+    title: KeyID
+    component:
+      placeholder: api_key
+    helper: '[获取密钥](http://sms.yfyidc.cn/user/index#)'
+    required: true
+    encrypt: true
+  keySecret:
+    title: KeySecret
+    component:
+      placeholder: ''
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yidun/access-sms.js
--- a/packages/ui/certd-server/metadata/access_yidun.yaml
+++ b/packages/ui/certd-server/metadata/access_yidun.yaml
@@ -0,0 +1,22 @@
+name: yidun
+title: 易盾DCDN授权
+icon: material-symbols:shield-outline
+desc: https://user.yiduncdn.com
+input:
+  apiKey:
+    title: api_key
+    component:
+      placeholder: api_key
+    helper: http://user.yiduncdn.com/console/index.html#/account/config/api,点击开启后获取
+    required: true
+    encrypt: true
+  apiSecret:
+    title: api_secret
+    component:
+      placeholder: api_secret
+    helper: http://user.yiduncdn.com/console/index.html#/account/config/api,点击开启后获取
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yidun/access.js
--- a/packages/ui/certd-server/metadata/access_yidunrcdn.yaml
+++ b/packages/ui/certd-server/metadata/access_yidunrcdn.yaml
@@ -0,0 +1,20 @@
+name: yidunrcdn
+title: 易盾rcdn授权
+icon: material-symbols:shield-outline
+desc: 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8)
+input:
+  username:
+    title: 账户
+    component:
+      placeholder: 手机号
+    required: true
+    encrypt: true
+  password:
+    title: 密码
+    component:
+      placeholder: password
+    required: true
+    encrypt: true
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yidun/access-rcdn.js
--- a/packages/ui/certd-server/metadata/access_yizhifu.yaml
+++ b/packages/ui/certd-server/metadata/access_yizhifu.yaml
@@ -0,0 +1,45 @@
+name: yizhifu
+title: 易支付
+icon: svg:icon-yizhifu
+input:
+  url:
+    title: url
+    component:
+      placeholder: https://pay.xxxx.com
+    helper: 易支付系统地址
+    required: true
+    encrypt: false
+  pid:
+    title: 商户id
+    component:
+      placeholder: pid
+    required: true
+    encrypt: false
+  key:
+    title: key
+    component:
+      placeholder: key
+    required: true
+    encrypt: true
+  payType:
+    title: 固定支付方式
+    component:
+      placeholder: 固定一种支付方式，也就是submit.php中的type参数
+    helper: 不填则跳转到收银台由用户自己选择，如果您的易支付系统不支持收银台，则必须填写
+    required: false
+    encrypt: false
+  signType:
+    title: 签名方式
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: MD5
+          value: MD5
+        - label: SHA256
+          value: SHA256
+    required: true
+    encrypt: false
+pluginType: access
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yizhifu/access.js
--- a/packages/ui/certd-server/metadata/deploy_1PanelDeployToWebsitePlugin.yaml
+++ b/packages/ui/certd-server/metadata/deploy_1PanelDeployToWebsitePlugin.yaml
@@ -0,0 +1,107 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: 1PanelDeployToWebsitePlugin
+title: 1Panel-部署证书到1Panel
+icon: svg:icon-onepanel
+desc: 更新1Panel的证书
+group: panel
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  accessId:
+    title: 1Panel授权
+    helper: 1Panel授权
+    component:
+      name: access-selector
+      type: 1panel
+    required: true
+    order: 0
+  currentNode:
+    title: 1Panel节点
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: OnePanelDeployToWebsitePlugin
+      action: onGetNodes
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    value: local
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 要更新的1Panel证书的节点信息，目前只有v2存在此概念
+    order: 0
+  sslIds:
+    title: 1Panel证书ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: 1PanelDeployToWebsitePlugin
+      action: onGetSSLIds
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: |-
+      要更新的1Panel证书id，选择授权之后，从下拉框中选择
+      IP需要加白名单，如果是同一台机器部署的，可以试试172.16.0.0/12
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/1panel/plugins/deploy-to-website.js
--- a/packages/ui/certd-server/metadata/deploy_AliyunDeployCertToAll.yaml
+++ b/packages/ui/certd-server/metadata/deploy_AliyunDeployCertToAll.yaml
@@ -0,0 +1,177 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: AliyunDeployCertToAll
+title: 阿里云-部署至任意云资源
+icon: svg:icon-aliyun
+group: aliyun
+desc: >-
+  【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: |-
+      请选择证书申请任务输出的域名证书
+      或者选择前置任务“上传证书到阿里云”任务的证书ID，可以减少上传到阿里云的证书数量
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+        - uploadCertToAliyun
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  endpoint:
+    title: 接入点
+    helper: 不会选就按默认
+    value: cas.aliyuncs.com
+    component:
+      name: a-select
+      options:
+        - value: cas.aliyuncs.com
+          label: 中国大陆
+        - value: cas.ap-southeast-1.aliyuncs.com
+          label: 新加坡
+        - value: cas.eu-central-1.aliyuncs.com
+          label: 德国（法兰克福）
+    required: true
+    order: 0
+  accessId:
+    title: Access授权
+    helper: 阿里云授权AccessKeyId、AccessKeySecret
+    component:
+      name: access-selector
+      type: aliyun
+    required: true
+    order: 0
+  cloudProduct:
+    title: 云产品类型
+    helper: 请选择云产品类型
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: SLB
+          label: SLB-传统型负载均衡 CLB（仅中国站）
+        - value: LIVE
+          label: LIVE-视频直播（仅中国站）
+        - value: webHosting
+          label: webHosting-云虚拟主机（仅中国站）
+        - value: VOD
+          label: VOD-视频点播（仅中国站）
+        - value: CR
+          label: CR-容器镜像服务（仅中国站）
+        - value: DCDN
+          label: DCDN-全站加速
+        - value: DDoS
+          label: DDos 防护
+        - value: CDN
+          label: CDN-内容分发网络
+        - value: ALB
+          label: ALB-应用负载均衡
+        - value: APIGateway
+          label: APIGateway-API 网关
+        - value: FC
+          label: FC-函数计算
+        - value: GA
+          label: GA-全球加速
+        - value: MSE
+          label: MSE-微服务引擎
+        - value: NLB
+          label: NLB-网络型负载均衡
+        - value: OSS
+          label: OSS-对象存储
+        - value: SAE
+          label: SAE-Serverless应用引擎
+        - value: WAF
+          label: WAF-Web应用防火墙
+    required: true
+    order: 0
+  productIds:
+    title: 要部署证书的云产品
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: AliyunDeployCertToAll
+      action: onGetProductList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - cloudProduct
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择要部署证书的云产品，注意：新创建的云产品资源可能需要过1-2小时才会在此处显示
+    order: 0
+  contactIds:
+    title: 联系人
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: AliyunDeployCertToAll
+      action: onGetContactList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: >-
+      请选择联系人,如果没有，需要先到[阿里云控制台创建联系人](https://yundun.console.aliyun.com/?p=cas#/informationManagement/person/)
+    order: 0
+  checkTimeout:
+    title: 检查超时时间
+    helper: 检查部署任务超时时间,单位分钟
+    value: 10
+    component:
+      name: a-input-number
+      vModel: value
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-aliyun/plugin/deploy-to-all/index.js
--- a/packages/ui/certd-server/metadata/deploy_BaiduDeployToBLB.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaiduDeployToBLB.yaml
@@ -0,0 +1,112 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaiduDeployToBLB
+title: 百度云-部署证书到负载均衡
+icon: ant-design:baidu-outlined
+group: baidu
+desc: 部署到百度云负载均衡，包括BLB、APPBLB
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+        - BaiduUploadCert
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  region:
+    title: 区域
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: bj
+          label: 北京
+        - value: fsh
+          label: 上海
+        - value: gz
+          label: 广州
+        - value: fwh
+          label: 武汉
+        - value: su
+          label: 苏州
+        - value: bd
+          label: 保定
+        - value: hkg
+          label: 香港
+        - value: sin
+          label: 新加坡
+    required: true
+    order: 0
+  blbType:
+    title: 负载均衡类型
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: blb
+          label: 普通负载均衡
+        - value: appblb
+          label: 应用负载均衡
+    required: true
+    order: 0
+  accessId:
+    title: 百度云授权
+    helper: 百度云授权
+    component:
+      name: access-selector
+      type: baidu
+    required: true
+    order: 0
+  blbIds:
+    title: 负载均衡ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: GetBLBList
+      watches:
+        - certDomains
+        - blbType
+        - accessId
+    required: true
+    order: 0
+  listenerIds:
+    title: 监听器ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: GetListenerList
+      watches:
+        - certDomains
+        - accessId
+        - blbIds
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baidu/plugins/plugin-deploy-to-blb.js
--- a/packages/ui/certd-server/metadata/deploy_BaiduDeployToCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaiduDeployToCDN.yaml
@@ -0,0 +1,62 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaiduDeployToCDN
+title: 百度云-部署证书到CDN
+icon: ant-design:baidu-outlined
+group: baidu
+desc: 部署到百度云CDN
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+        - BaiduUploadCert
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  accessId:
+    title: 百度云授权
+    helper: 百度云授权
+    component:
+      name: access-selector
+      type: baidu
+    required: true
+    order: 0
+  domains:
+    title: CDN域名
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: GetDomainList
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baidu/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_BaiduUploadCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaiduUploadCert.yaml
@@ -0,0 +1,33 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaiduUploadCert
+title: 百度云-上传到证书托管
+icon: ant-design:baidu-outlined
+desc: 上传证书到百度云证书托管中心
+group: baidu
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: Access授权
+    helper: access授权
+    component:
+      name: access-selector
+      type: baidu
+    required: true
+    order: 0
+output:
+  baiduCertId:
+    title: 百度云CertId
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baidu/plugins/plugin-upload-to-baidu.js
--- a/packages/ui/certd-server/metadata/deploy_BaishanUpdateCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaishanUpdateCert.yaml
@@ -0,0 +1,45 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaishanUpdateCert
+title: 白山云-更新证书
+icon: material-symbols:shield-outline
+group: cdn
+needPlus: false
+input:
+  certId:
+    title: 证书ID
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 证书ID,在证书管理页面查看，每条记录都有证书id
+    order: 0
+  certName:
+    title: 证书名称
+    component:
+      name: a-input
+      vModel: value
+    helper: 给证书设置一个名字，便于区分
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 白山云授权
+    helper: 白山云授权
+    component:
+      name: access-selector
+      type: baishan
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baishan/plugins/plugin-update-cert.js
--- a/packages/ui/certd-server/metadata/deploy_BaotaDeleteExpiringCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaotaDeleteExpiringCert.yaml
@@ -0,0 +1,23 @@
+showRunStrategy: true
+default:
+  strategy:
+    runStrategy: 0
+name: BaotaDeleteExpiringCert
+title: 宝塔-删除过期证书
+icon: svg:icon-bt
+group: panel
+desc: 删除证书夹中过期证书
+needPlus: true
+input:
+  accessId:
+    title: 宝塔授权
+    helper: baota的接口密钥
+    component:
+      name: access-selector
+      type: baota
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/plugins/plugin-delete-expiring-cert.js
--- a/packages/ui/certd-server/metadata/deploy_BaotaDeployPanelCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaotaDeployPanelCert.yaml
@@ -0,0 +1,32 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaotaDeployPanelCert
+title: 宝塔-面板证书部署
+icon: svg:icon-bt
+group: panel
+desc: 部署宝塔面板本身的ssl证书
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 宝塔授权
+    helper: baota的接口密钥
+    component:
+      name: access-selector
+      type: baota
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/plugins/plugin-deploy-to-panel.js
--- a/packages/ui/certd-server/metadata/deploy_BaotaDeployWAF.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaotaDeployWAF.yaml
@@ -0,0 +1,63 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaotaDeployWAF
+title: 宝塔-WAF证书部署
+icon: svg:icon-bt
+group: panel
+desc: 部署宝塔云WAF/aaWAF
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  accessId:
+    title: 宝塔WAF授权
+    helper: aaWAF的接口密钥
+    component:
+      name: access-selector
+      type: baotawaf
+    required: true
+    order: 0
+  siteIds:
+    title: 站点ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: onGetSiteList
+      search: true
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    helper: 将会自动获取证书匹配的站点，请选择要部署证书的站点
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/plugins/plugin-deploy-to-aawaf.js
--- a/packages/ui/certd-server/metadata/deploy_BaotaDeployWebSiteCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaotaDeployWebSiteCert.yaml
@@ -0,0 +1,84 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaotaDeployWebSiteCert
+title: 宝塔-网站证书部署
+icon: svg:icon-bt
+group: panel
+desc: 部署宝塔管理的站点的ssl证书，目前支持宝塔网站站点、docker站点等。本插件也支持aaPanel。
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  accessId:
+    title: 宝塔授权
+    helper: baota的接口密钥
+    component:
+      name: access-selector
+      type: baota
+    required: true
+    order: 0
+  isDockerSite:
+    title: 是否Docker站点
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 是否为docker站点
+    required: true
+    order: 0
+  siteName:
+    title: 站点名称
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: GetSiteList
+      watches:
+        - certDomains
+        - accessId
+        - isDockerSite
+    required: true
+    mergeScript: |2-
+
+            return {
+              component:{
+                form: ctx.compute(({form})=>{
+                  return form
+                })
+              },
+           }
+          
+    helper: |-
+      将会自动获取证书匹配的站点名称
+      宝塔版本低于9.0.0时，此处会获取失败，忽略错误，手动输入站点域名即可
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/plugins/plugin-deploy-to-website.js
--- a/packages/ui/certd-server/metadata/deploy_BaotaDeployWebSiteWin.yaml
+++ b/packages/ui/certd-server/metadata/deploy_BaotaDeployWebSiteWin.yaml
@@ -0,0 +1,72 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: BaotaDeployWebSiteWin
+title: 宝塔win-网站证书部署
+icon: svg:icon-bt
+group: panel
+desc: 部署到Windows版宝塔管理的站点的ssl证书
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  accessId:
+    title: 宝塔授权
+    helper: baota的接口密钥
+    component:
+      name: access-selector
+      type: baota
+    required: true
+    order: 0
+  siteIds:
+    title: 站点Id
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      action: GetSiteList
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+            return {
+              component:{
+                form: ctx.compute(({form})=>{
+                  return form
+                })
+              },
+           }
+          
+    helper: 将会自动获取证书匹配的站点名称
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/baota/plugins/plugin-deploy-to-website-win.js
--- a/packages/ui/certd-server/metadata/deploy_CdnflyDeployToCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CdnflyDeployToCDN.yaml
@@ -0,0 +1,116 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: CdnflyDeployToCDN
+title: cdnfly-部署证书到cdnfly
+icon: majesticons:cloud-line
+group: cdn
+desc: cdnfly
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: cdnfly授权
+    helper: cdnfly授权
+    component:
+      name: access-selector
+      type: cdnfly
+    required: true
+    order: 0
+  autoMatch:
+    title: 自动匹配站点
+    component:
+      name: a-switch
+      vModel: checked
+    helper: |-
+      是否自动匹配站点进行部署
+      如果选择自动匹配，则下方参数无需填写
+    order: 0
+  certId:
+    title: 证书ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: CdnflyDeployToCDNPlugin
+      action: onGetCertList
+      search: true
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - cert
+        - accessId
+    required: false
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择证书Id，需要先手动上传一次证书，后续可以自动更新证书【推荐】
+    order: 0
+  siteId:
+    title: 网站Id
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetSiteList
+      search: true
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - url
+        - cert
+        - accessId
+    required: false
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择要部署证书的网站Id
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/cdnfly/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_CertApply.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CertApply.yaml
@@ -0,0 +1,443 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 0
+  input:
+    renewDays: 18
+    forceUpdate: false
+name: CertApply
+title: 证书申请（JS版）
+icon: ph:certificate
+group: cert
+desc: 免费通配符域名证书申请，支持多个域名打到同一个证书上
+input:
+  domains:
+    title: 证书域名
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+      placeholder: foo.com / *.foo.com / *.bar.com
+      tokenSeparators:
+        - ','
+        - ' '
+        - ，
+        - 、
+        - '|'
+    rules:
+      - type: domains
+    required: true
+    col:
+      span: 24
+    order: -999
+    helper: |-
+      1、支持多个域名打到一个证书上，例如： foo.com，*.foo.com，*.bar.com
+      2、子域名被通配符包含的不要填写，例如：www.foo.com已经被*.foo.com包含，不要填写www.foo.com
+      3、泛域名只能通配*号那一级（*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com）
+      4、输入一个，空格之后，再输入下一个 
+      5、如果设置了子域托管解析（比如免费的二级域名托管在CF或者阿里云），请先[设置托管子域名](#/certd/pipeline/subDomain)
+  email:
+    title: 邮箱
+    component:
+      name: email-selector
+      vModel: value
+    rules:
+      - type: email
+        message: 请输入正确的邮箱
+    required: true
+    order: -1
+    helper: 请输入邮箱
+  challengeType:
+    title: 域名验证方式
+    value: dns
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: dns
+          label: DNS直接验证
+        - value: cname
+          label: CNAME代理验证
+        - value: http
+          label: HTTP文件验证（IP证书只能选它）
+        - value: dnses
+          label: 多DNS提供商
+        - value: auto
+          label: 自动匹配
+    required: true
+    helper: >
+      1. <b>DNS直接验证</b>：当域名dns解析已被本系统支持时（即下方DNS解析服务商选项中可选），推荐选择此方式
+
+      2. 
+      <b>CNAME代理验证</b>：支持任何注册商的域名，第一次需要手动添加[CNAME记录](#/certd/cname/record)（如果经常申请失败，建议将DNS服务器修改为阿里云/腾讯云的，然后使用DNS直接验证）
+
+      3.  <b>HTTP文件验证</b>：不支持泛域名，需要配置网站文件上传（IP证书必须选它）
+
+      4.  <b>多DNS提供商</b>：每个域名可以选择独立的DNS提供商
+
+      5.  <b>自动匹配</b>：此处无需选择校验方式，需要在[域名管理](#/certd/cert/domain)中提前配置好校验方式
+    order: 0
+  sslProvider:
+    title: 证书颁发机构
+    value: letsencrypt
+    component:
+      name: icon-select
+      vModel: value
+      options:
+        - value: letsencrypt
+          label: Let's Encrypt（免费，新手推荐，支持IP证书）
+          icon: simple-icons:letsencrypt
+        - value: google
+          label: Google（免费）
+          icon: flat-color-icons:google
+        - value: zerossl
+          label: ZeroSSL（免费）
+          icon: emojione:digit-zero
+        - value: litessl
+          label: litessl（免费）
+          icon: roentgen:free
+        - value: sslcom
+          label: SSL.com（仅主域名和www免费）
+          icon: la:expeditedssl
+        - value: letsencrypt_staging
+          label: Let's Encrypt测试环境（仅供测试）
+          icon: simple-icons:letsencrypt
+    helper: |-
+      Let's Encrypt：申请最简单
+      Google：大厂光环，兼容性好，仅首次需要翻墙获取EAB授权
+      ZeroSSL：需要EAB授权，无需翻墙
+      SSL.com：仅主域名和www免费,必须设置CAA记录
+    required: true
+    order: 0
+  dnsProviderType:
+    title: DNS解析服务商
+    component:
+      name: dns-provider-selector
+    mergeScript: |2-
+
+          return {
+            show: ctx.compute(({form})=>{
+                return form.challengeType === 'dns'
+            }),
+            component:{
+              onSelectedChange: ctx.compute(({form})=>{
+                return ($event)=>{
+                 form.dnsProviderAccessType = $event.accessType
+                }
+              })
+            }
+          }
+          
+    required: true
+    helper: |-
+      您的域名注册商，或者域名的dns服务器属于哪个平台
+      如果这里没有，请选择CNAME代理验证校验方式
+    order: 0
+  dnsProviderAccess:
+    title: DNS解析授权
+    component:
+      name: access-selector
+    required: true
+    helper: 请选择dns解析服务商授权
+    mergeScript: |-
+      return {
+            component:{
+              type: ctx.compute(({form})=>{
+                  return form.dnsProviderAccessType || form.dnsProviderType
+              })
+            },
+            show: ctx.compute(({form})=>{
+                return form.challengeType === 'dns'
+            })
+          }
+          
+    order: 0
+  domainsVerifyPlan:
+    title: 域名验证配置
+    component:
+      name: domains-verify-plan-editor
+    rules:
+      - type: checkDomainVerifyPlan
+    required: true
+    col:
+      span: 24
+    mergeScript: |-
+      return {
+            component:{
+              domains: ctx.compute(({form})=>{
+                  return form.domains
+              }),
+              defaultType: ctx.compute(({form})=>{
+                  return form.challengeType || 'cname'
+              })
+            },
+            show: ctx.compute(({form})=>{
+                return form.challengeType === 'cname' ||  form.challengeType === 'http' ||  form.challengeType === 'dnses'
+            }),
+            helper: ctx.compute(({form})=>{
+                if(form.challengeType === 'cname' ){
+                    return '请按照上面的提示，给要申请证书的域名添加CNAME记录，添加后，点击验证，验证成功后不要删除记录，申请和续期证书会一直用它'
+                }else if (form.challengeType === 'http'){
+                    return '请按照上面的提示，给每个域名设置文件上传配置，证书申请过程中会上传校验文件到网站根目录的.well-known/acme-challenge/目录下'
+                }else if (form.challengeType === 'http'){
+                    return '给每个域名单独配置dns提供商'
+                }
+            })
+          }
+          
+    order: 0
+  googleCommonEabAccessId:
+    title: Google公共EAB授权
+    isSys: true
+    show: false
+    order: 0
+  zerosslCommonEabAccessId:
+    title: ZeroSSL公共EAB授权
+    isSys: true
+    show: false
+    order: 0
+  sslcomCommonEabAccessId:
+    title: SSL.com公共EAB授权
+    isSys: true
+    show: false
+    order: 0
+  litesslCommonEabAccessId:
+    title: litessl公共EAB授权
+    isSys: true
+    show: false
+    order: 0
+  eabAccessId:
+    title: EAB授权
+    component:
+      name: access-selector
+      type: eab
+    maybeNeed: true
+    required: false
+    helper: >-
+      需要提供EAB授权
+
+      ZeroSSL：请前往[zerossl开发者中心](https://app.zerossl.com/developer),生成 'EAB
+      Credentials'
+
+      Google:请查看[google获取eab帮助文档](https://certd.docmirror.cn/guide/use/google/)，用过一次后会绑定邮箱，后续复用EAB要用同一个邮箱
+
+      SSL.com:[SSL.com账号页面](https://secure.ssl.com/account),然后点击api
+      credentials链接，然后点击编辑按钮，查看Secret key和HMAC key
+
+      litessl:[litesslEAB页面](https://freessl.cn/automation/eab-manager),然后点击新增EAB
+    mergeScript: |2-
+
+          return {
+              show: ctx.compute(({form})=>{
+                  return (form.sslProvider === 'zerossl' && !form.zerosslCommonEabAccessId)
+                  || (form.sslProvider === 'google' && !form.googleCommonEabAccessId)
+                  || (form.sslProvider === 'sslcom' && !form.sslcomCommonEabAccessId)
+                  || (form.sslProvider === 'litessl' && !form.litesslCommonEabAccessId)
+              })
+          }
+          
+    order: 0
+  googleAccessId:
+    title: 服务账号授权
+    component:
+      name: access-selector
+      type: google
+    maybeNeed: true
+    required: false
+    helper: >-
+      google服务账号授权与EAB授权选填其中一个，[服务账号授权获取方法](https://certd.docmirror.cn/guide/use/google/)
+
+      服务账号授权需要配置代理或者服务器本身在海外
+    mergeScript: |2-
+
+          return {
+              show: ctx.compute(({form})=>{
+                  return form.sslProvider === 'google' && !form.googleCommonEabAccessId
+              })
+          }
+          
+    order: 0
+  privateKeyType:
+    title: 加密算法
+    value: rsa_2048
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: rsa_1024
+          label: RSA 1024
+        - value: rsa_2048
+          label: RSA 2048
+        - value: rsa_3072
+          label: RSA 3072
+        - value: rsa_4096
+          label: RSA 4096
+        - value: rsa_2048_pkcs1
+          label: RSA 2048 pkcs1 (旧版)
+        - value: ec_256
+          label: EC 256
+        - value: ec_384
+          label: EC 384
+    helper: |-
+      如无特殊需求，默认即可
+      选择RSA 2048 pkcs1可以获得旧版RSA证书
+    required: true
+    order: 0
+  certProfile:
+    title: 证书配置
+    value: classic
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: classic
+          label: 经典（classic）
+        - value: tlsserver
+          label: TLS服务器（tlsserver）
+        - value: shortlived
+          label: 短暂的（shortlived）
+    helper: 如无特殊需求，默认即可
+    required: false
+    mergeScript: |2-
+
+          return {
+              show: ctx.compute(({form})=>{
+                  return form.sslProvider === 'letsencrypt'
+              })
+          }
+          
+    order: 0
+  preferredChain:
+    title: 首选链
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: ISRG Root X1
+          label: ISRG Root X1
+        - value: ISRG Root X2
+          label: ISRG Root X2
+    helper: 如无特殊需求保持默认即可
+    required: false
+    mergeScript: |2-
+
+          const chainConfigs = {"letsencrypt":{"helper":"如无特殊需求保持默认即可","options":[{"value":"ISRG Root X1","label":"ISRG Root X1"},{"value":"ISRG Root X2","label":"ISRG Root X2"}]},"google":{"helper":"GlobalSign 提供对老旧设备更好的兼容性，但证书链会变长","options":[{"value":"GTS Root R1","label":"GTS Root R1"},{"value":"GlobalSign","label":"GlobalSign"}]}};
+          const supportedProviders = ["letsencrypt","google"];
+          const defaultProvider = "letsencrypt";
+          const getConfig = (provider)=> chainConfigs[provider] || chainConfigs[defaultProvider];
+          return {
+              show: ctx.compute(({form})=> supportedProviders.includes(form.sslProvider)),
+              component: {
+                  options: ctx.compute(({form})=> getConfig(form.sslProvider).options)
+              },
+              helper: ctx.compute(({form})=> getConfig(form.sslProvider).helper),
+              value: ctx.compute(({form})=>{
+                  const { options } = getConfig(form.sslProvider);
+                  const allowed = options.map(item=>item.value);
+                  const current = form.preferredChain;
+                  if(allowed.includes(current)){
+                      return current;
+                  }
+                  return allowed[0];
+              })
+          };
+        
+    order: 0
+  useProxy:
+    title: 使用代理
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: |-
+      如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问，请尝试开启此选项
+      默认情况会进行测试，如果无法访问，将会自动使用代理
+    order: 0
+  reverseProxy:
+    title: 自定义反代地址
+    component:
+      placeholder: google.yourproxy.com
+    helper: |-
+      填写你的自定义反代地址，不要带http://
+      letsencrypt反代目标：acme-v02.api.letsencrypt.org
+      google反代目标：dv.acme-v02.api.pki.goog
+    order: 0
+  skipLocalVerify:
+    title: 跳过本地校验DNS
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    helper: 跳过本地校验可以加快申请速度，同时也会增加失败概率。
+    order: 0
+  maxCheckRetryCount:
+    title: 检查解析重试次数
+    value: 20
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 检查域名验证解析记录重试次数，如果你的域名服务商解析生效速度慢，可以适当增加此值
+    order: 0
+  waitDnsDiffuseTime:
+    title: 等待解析生效时长
+    value: 30
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 等待解析生效时长（秒），如果使用CNAME方式校验，本地验证失败，可以尝试延长此时间（比如5-10分钟）
+    order: 0
+  pfxPassword:
+    title: 证书加密密码
+    component:
+      name: input-password
+      vModel: value
+    required: false
+    order: 100
+    helper: |-
+      转换成PFX、jks格式证书是否需要加密
+      jks必须设置密码，不传则默认123456
+      pfx不传则为空密码
+  pfxArgs:
+    title: PFX证书转换参数
+    value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: ''
+          label: 兼容 Windows Server 最新
+        - value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2016
+        - value: '-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2008
+    required: false
+    order: 100
+    helper: 兼容Windows Server各个版本
+  renewDays:
+    title: 更新天数
+    value: 18
+    component:
+      name: a-input-number
+      vModel: value
+    required: true
+    order: 100
+    helper: 到期前多少天后更新证书，注意：流水线默认不会自动运行，请设置定时器，每天定时运行本流水线
+  successNotify:
+    title: 证书申请成功通知
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 100
+    helper: 证书申请成功后是否发送通知，优先使用默认通知渠道
+output:
+  cert:
+    title: 域名证书
+    type: cert
+  certZip:
+    title: 域名证书压缩文件
+    type: certZip
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/plugin/cert-plugin/index.js
--- a/packages/ui/certd-server/metadata/deploy_CertApplyGetFormAliyun.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CertApplyGetFormAliyun.yaml
@@ -0,0 +1,136 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 0
+name: CertApplyGetFormAliyun
+icon: ph:certificate
+title: 获取阿里云订阅证书
+group: cert
+desc: 从阿里云拉取订阅模式的商用证书
+input:
+  domains:
+    title: 证书域名
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+      placeholder: foo.com / *.foo.com / *.bar.com
+      tokenSeparators:
+        - ','
+        - ' '
+        - ，
+        - 、
+        - '|'
+    rules:
+      - type: domains
+    required: true
+    col:
+      span: 24
+    order: -999
+    helper: |-
+      1、支持多个域名打到一个证书上，例如： foo.com，*.foo.com，*.bar.com
+      2、子域名被通配符包含的不要填写，例如：www.foo.com已经被*.foo.com包含，不要填写www.foo.com
+      3、泛域名只能通配*号那一级（*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com）
+      4、输入一个，空格之后，再输入下一个 
+      5、如果设置了子域托管解析（比如免费的二级域名托管在CF或者阿里云），请先[设置托管子域名](#/certd/pipeline/subDomain)
+  email:
+    title: 邮箱
+    component:
+      name: email-selector
+      vModel: value
+    rules:
+      - type: email
+        message: 请输入正确的邮箱
+    required: true
+    order: -1
+    helper: 请输入邮箱
+  accessId:
+    title: Access授权
+    helper: 阿里云授权AccessKeyId、AccessKeySecret
+    component:
+      name: access-selector
+      type: aliyun
+    required: true
+    order: 0
+  orderId:
+    title: 证书订单ID
+    component:
+      name: RemoteAutoComplete
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: CertApplyGetFormAliyun
+      action: onGetOrderList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 订阅模式的证书订单Id
+    order: 0
+  pfxPassword:
+    title: 证书加密密码
+    component:
+      name: input-password
+      vModel: value
+    required: false
+    order: 100
+    helper: |-
+      转换成PFX、jks格式证书是否需要加密
+      jks必须设置密码，不传则默认123456
+      pfx不传则为空密码
+  pfxArgs:
+    title: PFX证书转换参数
+    value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: ''
+          label: 兼容 Windows Server 最新
+        - value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2016
+        - value: '-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2008
+    required: false
+    order: 100
+    helper: 兼容Windows Server各个版本
+  renewDays:
+    title: 更新天数
+    value: 18
+    component:
+      name: a-input-number
+      vModel: value
+    required: true
+    order: 100
+    helper: 到期前多少天后更新证书，注意：流水线默认不会自动运行，请设置定时器，每天定时运行本流水线
+  successNotify:
+    title: 证书申请成功通知
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 100
+    helper: 证书申请成功后是否发送通知，优先使用默认通知渠道
+output:
+  cert:
+    title: 域名证书
+    type: cert
+  certZip:
+    title: 域名证书压缩文件
+    type: certZip
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/plugin/cert-plugin/getter/aliyun.js
--- a/packages/ui/certd-server/metadata/deploy_CertApplyLego.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CertApplyLego.yaml
@@ -0,0 +1,173 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 0
+  input:
+    renewDays: 35
+    forceUpdate: false
+name: CertApplyLego
+icon: ph:certificate
+title: 证书申请（Lego）
+group: cert
+desc: 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上
+input:
+  domains:
+    title: 证书域名
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+      placeholder: foo.com / *.foo.com / *.bar.com
+      tokenSeparators:
+        - ','
+        - ' '
+        - ，
+        - 、
+        - '|'
+    rules:
+      - type: domains
+    required: true
+    col:
+      span: 24
+    order: -999
+    helper: |-
+      1、支持多个域名打到一个证书上，例如： foo.com，*.foo.com，*.bar.com
+      2、子域名被通配符包含的不要填写，例如：www.foo.com已经被*.foo.com包含，不要填写www.foo.com
+      3、泛域名只能通配*号那一级（*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com）
+      4、输入一个，空格之后，再输入下一个 
+      5、如果设置了子域托管解析（比如免费的二级域名托管在CF或者阿里云），请先[设置托管子域名](#/certd/pipeline/subDomain)
+  email:
+    title: 邮箱
+    component:
+      name: email-selector
+      vModel: value
+    rules:
+      - type: email
+        message: 请输入正确的邮箱
+    required: true
+    order: -1
+    helper: 请输入邮箱
+  dnsType:
+    title: DNS类型
+    component:
+      name: a-input
+      vModel: value
+      placeholder: alidns
+    helper: 你的域名是通过哪家提供商进行解析的，具体应该配置什么请参考lego文档：https://go-acme.github.io/lego/dns/
+    required: true
+    order: 0
+  environment:
+    title: 环境变量
+    component:
+      name: a-textarea
+      vModel: value
+      rows: 4
+      placeholder: |-
+        ALICLOUD_ACCESS_KEY=abcdefghijklmnopqrstuvwx
+        ALICLOUD_SECRET_KEY=your-secret-key
+    required: true
+    helper: 一行一条，例如 appKeyId=xxxxx，具体配置请参考lego文档：https://go-acme.github.io/lego/dns/
+    order: 0
+  legoEabAccessId:
+    title: EAB授权
+    component:
+      name: access-selector
+      type: eab
+    maybeNeed: true
+    helper: 如果需要提供EAB授权
+    order: 0
+  customArgs:
+    title: 自定义LEGO全局参数
+    component:
+      name: a-input
+      vModel: value
+      placeholder: '--dns-timeout 30'
+    helper: 额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/
+    maybeNeed: true
+    order: 0
+  customCommandOptions:
+    title: 自定义LEGO签名参数
+    component:
+      name: a-input
+      vModel: value
+      placeholder: '--no-bundle'
+    helper: 额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/
+    maybeNeed: true
+    order: 0
+  privateKeyType:
+    title: 加密算法
+    value: ec256
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - value: rsa2048
+          label: RSA 2048
+        - value: rsa3072
+          label: RSA 3072
+        - value: rsa4096
+          label: RSA 4096
+        - value: rsa8192
+          label: RSA 8192
+        - value: ec256
+          label: EC 256
+        - value: ec384
+          label: EC 384
+    helper: 如无特殊需求，默认即可
+    required: true
+    order: 0
+  pfxPassword:
+    title: 证书加密密码
+    component:
+      name: input-password
+      vModel: value
+    required: false
+    order: 100
+    helper: |-
+      转换成PFX、jks格式证书是否需要加密
+      jks必须设置密码，不传则默认123456
+      pfx不传则为空密码
+  pfxArgs:
+    title: PFX证书转换参数
+    value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: ''
+          label: 兼容 Windows Server 最新
+        - value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2016
+        - value: '-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2008
+    required: false
+    order: 100
+    helper: 兼容Windows Server各个版本
+  renewDays:
+    title: 更新天数
+    value: 18
+    component:
+      name: a-input-number
+      vModel: value
+    required: true
+    order: 100
+    helper: 到期前多少天后更新证书，注意：流水线默认不会自动运行，请设置定时器，每天定时运行本流水线
+  successNotify:
+    title: 证书申请成功通知
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 100
+    helper: 证书申请成功后是否发送通知，优先使用默认通知渠道
+output:
+  cert:
+    title: 域名证书
+    type: cert
+  certZip:
+    title: 域名证书压缩文件
+    type: certZip
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/plugin/cert-plugin/lego/index.js
--- a/packages/ui/certd-server/metadata/deploy_CertApplyUpload.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CertApplyUpload.yaml
@@ -0,0 +1,150 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 0
+name: CertApplyUpload
+icon: ph:certificate
+title: 商用证书托管
+group: cert
+desc: 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次）
+shortcut:
+  certUpdate:
+    title: 更新证书
+    icon: ion:upload
+    action: onCertUpdate
+    form:
+      columns:
+        crt:
+          title: 证书
+          type: text
+          form:
+            component:
+              name: pem-input
+              vModel: modelValue
+              textarea:
+                rows: 4
+                placeholder: |-
+                  -----BEGIN CERTIFICATE-----
+                  ...
+                  ...
+                  -----END CERTIFICATE-----
+            rules:
+              - required: true
+                message: 此项必填
+            col:
+              span: 24
+        key:
+          title: 私钥
+          type: text
+          form:
+            component:
+              name: pem-input
+              vModel: modelValue
+              textarea:
+                rows: 4
+                placeholder: |-
+                  -----BEGIN PRIVATE KEY-----
+                  ...
+                  ...
+                  -----END PRIVATE KEY----- 
+            rules:
+              - required: true
+                message: 此项必填
+            col:
+              span: 24
+input:
+  uploadCert:
+    title: 手动上传证书
+    component:
+      name: cert-info-updater
+      vModel: modelValue
+    helper: 手动上传证书
+    order: -9999
+    required: true
+    mergeScript: |2-
+
+          return {
+            component:{
+              on:{
+                updated(scope){
+                  scope.form.input.domains = scope.$event?.domains
+                }
+              }
+            }
+          }
+          
+  domains:
+    title: 证书域名
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+      placeholder: foo.com / *.foo.com / *.bar.com
+      tokenSeparators:
+        - ','
+        - ' '
+        - ，
+        - 、
+        - '|'
+    rules:
+      - type: domains
+    required: true
+    col:
+      span: 24
+    order: -999
+    helper: |-
+      1、支持多个域名打到一个证书上，例如： foo.com，*.foo.com，*.bar.com
+      2、子域名被通配符包含的不要填写，例如：www.foo.com已经被*.foo.com包含，不要填写www.foo.com
+      3、泛域名只能通配*号那一级（*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com）
+      4、输入一个，空格之后，再输入下一个 
+      5、如果设置了子域托管解析（比如免费的二级域名托管在CF或者阿里云），请先[设置托管子域名](#/certd/pipeline/subDomain)
+  pfxPassword:
+    title: 证书加密密码
+    component:
+      name: input-password
+      vModel: value
+    required: false
+    order: 100
+    helper: |-
+      转换成PFX、jks格式证书是否需要加密
+      jks必须设置密码，不传则默认123456
+      pfx不传则为空密码
+  pfxArgs:
+    title: PFX证书转换参数
+    value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: ''
+          label: 兼容 Windows Server 最新
+        - value: '-macalg SHA1 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2016
+        - value: '-nomac -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES'
+          label: 兼容 Windows Server 2008
+    required: false
+    order: 100
+    helper: 兼容Windows Server各个版本
+  renewDays:
+    title: 过期前提醒
+    value: 10
+    component:
+      name: a-input-number
+      vModel: value
+    required: true
+    order: 100
+    helper: 到期前多少天提醒
+output:
+  cert:
+    title: 域名证书
+    type: cert
+  certZip:
+    title: 域名证书压缩文件
+    type: certZip
+  certMd5:
+    title: 证书MD5
+    type: certMd5
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-cert/plugin/cert-plugin/custom/index.js
--- a/packages/ui/certd-server/metadata/deploy_CtyunDeployToCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_CtyunDeployToCDN.yaml
@@ -0,0 +1,98 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: CtyunDeployToCDN
+title: 天翼云-部署证书到CDN
+icon: svg:icon-ctyun
+group: cdn
+desc: 部署证书到天翼云CDN和全站加速
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: true
+    order: 0
+  productCode:
+    title: 产品类型
+    helper: 加速产品类型
+    component:
+      name: a-select
+      options:
+        - label: 静态加速
+          value: '001'
+        - label: 下载加速
+          value: '003'
+        - label: 视频点播加速
+          value: '004'
+        - label: CDN加速
+          value: '008'
+        - label: 全站加速
+          value: '006'
+        - label: 安全加速
+          value: '007'
+        - label: 下载加速闲时
+          value: '014'
+    required: true
+    order: 0
+  accessId:
+    title: 天翼云授权
+    helper: 天翼云授权
+    component:
+      name: access-selector
+      type: ctyun
+    required: true
+    order: 0
+  domains:
+    title: 加速域名
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: CtyunDeployToCDN
+      action: onGetDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择加速域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/ctyun/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_DeployCertToAliyunAck.yaml
+++ b/packages/ui/certd-server/metadata/deploy_DeployCertToAliyunAck.yaml
@@ -0,0 +1,137 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: DeployCertToAliyunAck
+title: 阿里云-部署到Ack
+icon: svg:icon-aliyun
+desc: 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用
+group: aliyun
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: Access授权
+    helper: 阿里云授权AccessKeyId、AccessKeySecret
+    component:
+      name: access-selector
+      type: aliyun
+    required: true
+    order: 0
+  regionId:
+    title: 大区
+    component:
+      name: a-auto-complete
+      vModel: value
+      options:
+        - value: cn-qingdao
+          label: 华北1（青岛）
+        - value: cn-beijing
+          label: 华北2（北京）
+        - value: cn-zhangjiakou
+          label: 华北3（张家口）
+        - value: cn-huhehaote
+          label: 华北5（呼和浩特）
+        - value: cn-wulanchabu
+          label: 华北6（乌兰察布）
+        - value: cn-hangzhou
+          label: 华东1（杭州）
+        - value: cn-shanghai
+          label: 华东2（上海）
+        - value: cn-shenzhen
+          label: 华南1（深圳）
+        - value: cn-guangzhou
+          label: 华南3（广州）
+        - value: ap-southeast-2
+          label: 澳大利亚（悉尼）
+        - value: ap-southeast-3
+          label: 马来西亚（吉隆坡）
+        - value: ap-northeast-1
+          label: 日本（东京）
+        - value: cn-chengdu
+          label: 西南1（成都）
+        - value: ap-southeast-1
+          label: 新加坡
+        - value: ap-southeast-5
+          label: 印度尼西亚（雅加达）
+        - value: cn-hongkong
+          label: 中国香港
+        - value: eu-central-1
+          label: 德国（法兰克福）
+        - value: us-east-1
+          label: 美国（弗吉尼亚）
+        - value: us-west-1
+          label: 美国（硅谷）
+        - value: eu-west-1
+          label: 英国（伦敦）
+        - value: me-east-1
+          label: 阿联酋（迪拜）
+        - value: cn-beijing-finance-1
+          label: 华北2 金融云（邀测）
+        - value: cn-hangzhou-finance
+          label: 华东1 金融云
+        - value: cn-shanghai-finance-1
+          label: 华东2 金融云
+        - value: cn-shenzhen-finance-1
+          label: 华南1 金融云
+      placeholder: 集群所属大区
+    required: true
+    order: 0
+  clusterId:
+    title: 集群id
+    component:
+      placeholder: 集群id
+    required: true
+    order: 0
+  secretName:
+    title: 保密字典Id
+    component:
+      placeholder: 保密字典Id
+    helper: 原本存储证书的secret的name
+    required: true
+    order: 0
+  namespace:
+    title: 命名空间
+    value: default
+    component:
+      placeholder: 命名空间
+    required: true
+    order: 0
+  isPrivateIpAddress:
+    title: 是否私网ip
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+      placeholder: 集群连接端点是否是私网ip
+    helper: 如果您当前certd运行在同一个私网下，可以选择是。
+    required: true
+    order: 0
+  skipTLSVerify:
+    title: 忽略证书校验
+    required: false
+    helper: 是否忽略证书校验
+    component:
+      name: a-switch
+      vModel: checked
+    order: 0
+  createOnNotFound:
+    title: Secret自动创建
+    helper: 如果Secret不存在，则创建
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-aliyun/plugin/deploy-to-ack/index.js
--- a/packages/ui/certd-server/metadata/deploy_HostDeployToIIS.yaml
+++ b/packages/ui/certd-server/metadata/deploy_HostDeployToIIS.yaml
@@ -0,0 +1,77 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: HostDeployToIIS
+title: IIS-部署到IIS站点
+icon: devicon:windows8
+group: host
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: 主机SSH授权
+    component:
+      name: access-selector
+      type: ssh
+    required: true
+    order: 0
+  siteNames:
+    title: 站点名称
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetSiteList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择或手动输入网站名称
+    order: 0
+  pfxPassword:
+    title: 证书密码
+    required: false
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-host/plugin/plugin-deploy-to-iis.js
--- a/packages/ui/certd-server/metadata/deploy_K8sApply.yaml
+++ b/packages/ui/certd-server/metadata/deploy_K8sApply.yaml
@@ -0,0 +1,52 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: K8sApply
+title: K8S-Apply自定义yaml
+icon: mdi:kubernetes
+desc: apply自定义yaml到k8s
+needPlus: true
+group: panel
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  preOutput:
+    title: 前置任务输出
+    helper: 请选择前置任务输出的内容
+    component:
+      name: output-selector
+      from:
+        - '::'
+    required: false
+    order: 0
+  accessId:
+    title: k8s授权
+    helper: kubeconfig
+    component:
+      name: access-selector
+      type: k8s
+    required: true
+    order: 0
+  yamlContent:
+    title: yaml
+    required: true
+    helper: >-
+      apply
+      yaml，模板变量：主域名=${mainDomain}、全部域名=${domains}、过期时间=${expiresTime}、证书PEM=${crt}、证书私钥=${key}、中间证书/CA证书=${ic}、前置任务输出=${preOutput}
+    component:
+      name: a-textarea
+      vModel: value
+      rows: 6
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/k8s/plugins/plugin-apply.js
--- a/packages/ui/certd-server/metadata/deploy_K8sDeployToIngress.yaml
+++ b/packages/ui/certd-server/metadata/deploy_K8sDeployToIngress.yaml
@@ -0,0 +1,52 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: K8sDeployToIngress
+title: K8S-Ingress 证书部署
+icon: mdi:kubernetes
+desc: 部署证书到k8s的Ingress
+needPlus: false
+group: panel
+input:
+  namespace:
+    title: 命名空间
+    value: default
+    component:
+      placeholder: 命名空间
+    required: true
+    order: 0
+  ingressName:
+    title: IngressName
+    required: true
+    helper: Ingress名称，根据名称查找证书Secret，然后更新
+    order: 0
+  accessId:
+    title: k8s授权
+    helper: kubeconfig
+    component:
+      name: access-selector
+      type: k8s
+    required: true
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  createOnNotFound:
+    title: Secret自动创建
+    helper: 如果Secret不存在，则创建
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/k8s/plugins/plugin-ingress.js
--- a/packages/ui/certd-server/metadata/deploy_K8sDeployToSecret.yaml
+++ b/packages/ui/certd-server/metadata/deploy_K8sDeployToSecret.yaml
@@ -0,0 +1,67 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: K8sDeployToSecret
+title: K8S-部署证书到Secret
+icon: mdi:kubernetes
+desc: 部署证书到k8s的secret
+needPlus: false
+group: panel
+input:
+  namespace:
+    title: 命名空间
+    value: default
+    component:
+      placeholder: 命名空间
+    required: true
+    order: 0
+  secretName:
+    title: 保密字典Id
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+    helper: 原本存储证书的secret的name
+    required: true
+    order: 0
+  accessId:
+    title: k8s授权
+    helper: kubeconfig
+    component:
+      name: access-selector
+      type: k8s
+    required: true
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  ingressName:
+    title: ingress名称
+    required: false
+    helper: 填写之后会自动重启ingress
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+    order: 0
+  createOnNotFound:
+    title: Secret自动创建
+    helper: 如果Secret不存在，则创建
+    value: false
+    component:
+      name: a-switch
+      vModel: checked
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/k8s/plugins/plugin-secret.js
--- a/packages/ui/certd-server/metadata/deploy_KuocaiDeployToRCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_KuocaiDeployToRCDN.yaml
@@ -0,0 +1,59 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: KuocaiDeployToRCDN
+title: 括彩云-部署到括彩云CDN
+icon: material-symbols:shield-outline
+group: cdn
+desc: 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8)
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 括彩云CDN授权
+    helper: 括彩云CDN授权
+    component:
+      name: access-selector
+      type: kuocaicdn
+    required: true
+    order: 0
+  domains:
+    title: 域名列表
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: KuocaiDeployToCDNPlugin
+      action: onGetDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要部署证书的站点域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/kuocai/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_LeCDNUpdateCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_LeCDNUpdateCert.yaml
@@ -0,0 +1,57 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: LeCDNUpdateCert
+title: LeCDN-更新证书
+icon: material-symbols:shield-outline
+group: cdn
+needPlus: false
+input:
+  accessId:
+    title: LeCDN授权
+    component:
+      name: access-selector
+      type: lecdn
+    required: true
+    order: 0
+  certIds:
+    title: 证书ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: LeCDNUpdateCert
+      action: onGetCertList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要更新的证书id，注意域名是否与证书匹配
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/lecdn/plugins/plugin-update-cert.js
--- a/packages/ui/certd-server/metadata/deploy_LeCDNUpdateCertV2.yaml
+++ b/packages/ui/certd-server/metadata/deploy_LeCDNUpdateCertV2.yaml
@@ -0,0 +1,58 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: LeCDNUpdateCertV2
+title: LeCDN-更新证书V2
+desc: 支持新版本LeCDN
+icon: material-symbols:shield-outline
+group: cdn
+needPlus: false
+input:
+  accessId:
+    title: LeCDN授权
+    component:
+      name: access-selector
+      type: lecdn
+    required: true
+    order: 0
+  certIds:
+    title: 证书ID
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: LeCDNUpdateCertV2
+      action: onGetCertList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要更新的证书id，注意域名是否与证书匹配
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/lecdn/plugins/plugin-update-cert-v2.js
--- a/packages/ui/certd-server/metadata/deploy_LuckyUpdateCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_LuckyUpdateCert.yaml
@@ -0,0 +1,74 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: LuckyUpdateCert
+title: lucky-更新Lucky证书
+icon: svg:icon-lucky
+group: panel
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: Lucky授权
+    component:
+      name: access-selector
+      type: lucky
+    required: true
+    order: 0
+  certList:
+    title: Lucky证书
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: LuckyUpdateCert
+      action: onGetCertList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 要更新的Lucky证书
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/lucky/plugins/plugin-upload.js
--- a/packages/ui/certd-server/metadata/deploy_MaoyunDeployToCdn.yaml
+++ b/packages/ui/certd-server/metadata/deploy_MaoyunDeployToCdn.yaml
@@ -0,0 +1,73 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: MaoyunDeployToCdn
+title: Maoyun-更新猫云CDN证书
+icon: svg:icon-lucky
+group: cdn
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: Maoyun授权
+    component:
+      name: access-selector
+      type: maoyun
+    required: true
+    order: 0
+  domainList:
+    title: CDN加速域名
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 要部署证书的域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/maoyun/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_PleskDeploySiteCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_PleskDeploySiteCert.yaml
@@ -0,0 +1,80 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: PleskDeploySiteCert
+title: Plesk-部署Plesk网站证书
+icon: svg:icon-plesk
+group: panel
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: Plesk授权
+    component:
+      name: access-selector
+      type: plesk
+    required: true
+    order: 0
+  siteDomainIds:
+    title: 网站域名列表
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要更新的站点域名，注意域名是否与证书匹配
+    order: 0
+  clearUnused:
+    title: 删除未使用证书
+    component:
+      name: a-switch
+      vModel: checked
+    required: false
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/plesk/plugins/plugin-deploy-cert.js
--- a/packages/ui/certd-server/metadata/deploy_PleskRefreshCert.yaml
+++ b/packages/ui/certd-server/metadata/deploy_PleskRefreshCert.yaml
@@ -0,0 +1,74 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: PleskRefreshCert
+title: Plesk-更新证书
+icon: svg:icon-plesk
+desc: 不会创建新证书记录，直接更新旧的证书
+group: panel
+needPlus: true
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: Plesk授权
+    component:
+      name: access-selector
+      type: plesk
+    required: true
+    order: 0
+  domainCertIds:
+    title: 证书列表
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      action: onGetCertList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要更新的站点域名，注意域名是否与证书匹配
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/plesk/plugins/plugin-refresh-cert.js
--- a/packages/ui/certd-server/metadata/deploy_QiniuDeployCertToOSS.yaml
+++ b/packages/ui/certd-server/metadata/deploy_QiniuDeployCertToOSS.yaml
@@ -0,0 +1,37 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: QiniuDeployCertToOSS
+title: 七牛云-部署证书至OSS
+icon: svg:icon-qiniuyun
+group: qiniu
+desc: 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名
+input:
+  domainName:
+    title: 自定义源站域名
+    helper: 你在七牛云上配置的OSS域名，比如:certd.handsfree.work
+    required: true
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书，或者上传到七牛云的证书id
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+        - QiniuCertUpload
+    required: true
+    order: 0
+  accessId:
+    title: Access授权
+    helper: 七牛云授权
+    component:
+      name: access-selector
+      type: qiniu
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-qiniu/plugin/plugin-deploy-to-oss.js
--- a/packages/ui/certd-server/metadata/deploy_SafelineDeployToWebsitePlugin.yaml
+++ b/packages/ui/certd-server/metadata/deploy_SafelineDeployToWebsitePlugin.yaml
@@ -0,0 +1,76 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: SafelineDeployToWebsitePlugin
+title: 雷池-更新证书
+icon: svg:icon-safeline
+desc: 更新长亭雷池WAF的证书
+group: panel
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  certDomains:
+    title: 当前证书域名
+    component:
+      name: cert-domains-getter
+    mergeScript: |2-
+
+              return {
+                component:{
+                    inputKey: ctx.compute(({form})=>{
+                      return form.cert
+                    }),
+                }
+              }
+              
+    template: false
+    required: false
+    order: 0
+  accessId:
+    title: 雷池授权
+    helper: 长亭雷池授权
+    component:
+      name: access-selector
+      type: safeline
+    required: true
+    order: 0
+  certIds:
+    title: 雷池证书
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: SafelineDeployToWebsitePlugin
+      action: onGetCertIds
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 请选择要更新的雷池的证书Id，需要先手动到雷池控制台上传一次
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/safeline/plugins/deploy-to-website.js
--- a/packages/ui/certd-server/metadata/deploy_SynologyDeployToPanel.yaml
+++ b/packages/ui/certd-server/metadata/deploy_SynologyDeployToPanel.yaml
@@ -0,0 +1,43 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: SynologyDeployToPanel
+title: 群晖-部署证书到群晖面板
+icon: simple-icons:synology
+group: panel
+desc: Synology，支持6.x以上版本
+needPlus: true
+input:
+  certName:
+    title: 群晖证书描述
+    component:
+      name: a-input
+      vModel: value
+      placeholder: 群晖证书描述
+    required: false
+    helper: |-
+      在群晖证书管理页面里面，选择证书，点击操作，给证书设置描述，然后填写到这里
+      如果不填，则覆盖更新全部证书
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 群晖授权
+    helper: 群晖登录授权，请确保账户是管理员用户组
+    component:
+      name: access-selector
+      type: synology
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/synology/plugins/plugin-deploy-to-panel.js
--- a/packages/ui/certd-server/metadata/deploy_UniCloudDeployToSpace.yaml
+++ b/packages/ui/certd-server/metadata/deploy_UniCloudDeployToSpace.yaml
@@ -0,0 +1,62 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: UniCloudDeployToSpace
+title: uniCloud-部署到服务空间
+icon: material-symbols:shield-outline
+group: panel
+desc: 部署到服务空间
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: uniCloud授权
+    helper: uniCloud授权
+    component:
+      name: access-selector
+      type: unicloud
+    required: true
+    order: 0
+  spaceId:
+    title: 服务空间ID
+    component:
+      name: a-input
+      vModel: value
+    helper: spaceId
+    order: 0
+  provider:
+    title: 空间提供商
+    component:
+      name: a-select
+      vModel: value
+      options:
+        - label: 阿里云
+          value: aliyun
+        - label: 腾讯云
+          value: tencent
+        - label: 支付宝云
+          value: alipay
+    helper: 空间提供商
+    order: 0
+  domains:
+    title: 空间域名
+    component:
+      name: a-select
+      vModel: value
+      mode: tags
+      open: false
+    helper: 空间域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/unicloud/plugins/plugin-deploy-to-space.js
--- a/packages/ui/certd-server/metadata/deploy_UploadCertToFTP.yaml
+++ b/packages/ui/certd-server/metadata/deploy_UploadCertToFTP.yaml
@@ -0,0 +1,169 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: UploadCertToFTP
+title: FTP-上传证书到FTP
+icon: mdi:folder-upload-outline
+group: host
+desc: 将证书上传到FTP服务器
+needPlus: false
+input:
+  certType:
+    title: 证书格式
+    helper: 要部署的证书格式，支持pem、pfx、der、jks
+    component:
+      name: a-select
+      options:
+        - value: pem
+          label: pem，Nginx等大部分应用
+        - value: pfx
+          label: pfx，一般用于IIS
+        - value: der
+          label: der，一般用于Apache
+        - value: jks
+          label: jks，一般用于JAVA应用
+        - value: one
+          label: 一体化证书，证书和私钥合并为一个pem文件
+    required: true
+    order: 0
+  crtPath:
+    title: PEM证书保存路径
+    helper: 需要有写入权限，路径要包含文件名
+    component:
+      placeholder: /test/fullchain.pem
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'pem';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  keyPath:
+    title: 私钥保存路径
+    helper: 需要有写入权限，路径要包含文件名
+    component:
+      placeholder: /test/privatekey.pem
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'pem';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  icPath:
+    title: 中间证书保存路径
+    helper: 需要有写入权限，路径要包含文件名
+    component:
+      placeholder: /test/immediate.pem
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'pem';
+              })
+            }
+          
+    rules:
+      - type: filepath
+    order: 0
+  pfxPath:
+    title: PFX证书保存路径
+    helper: 需要有写入权限，路径要包含文件名
+    component:
+      placeholder: /test/cert.pfx
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'pfx';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  derPath:
+    title: DER证书保存路径
+    helper: |-
+      需要有写入权限，路径要包含文件名
+      .der和.cer是相同的东西，改个后缀名即可
+    component:
+      placeholder: /test/cert.der 或 /test/cert.cer
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'der';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  jksPath:
+    title: jks证书保存路径
+    helper: 证书原本的保存路径，路径要包含文件名
+    component:
+      placeholder: /test/javaapp/cert.jks
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'jks';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  onePath:
+    title: 一体化证书保存路径
+    helper: 证书原本的保存路径，路径要包含文件名
+    component:
+      placeholder: /app/ssl/one.pem
+    mergeScript: |2-
+
+            return {
+              show: ctx.compute(({form})=>{
+                return form.certType === 'one';
+              })
+            }
+          
+    required: true
+    rules:
+      - type: filepath
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: FTP授权
+    component:
+      name: access-selector
+      type: ftp
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/ftp/plugins/plugin-upload-to-ftp.js
--- a/packages/ui/certd-server/metadata/deploy_YidunDeployToCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_YidunDeployToCDN.yaml
@@ -0,0 +1,46 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: YidunDeployToCDN
+title: 易盾-部署到易盾DCDN
+icon: material-symbols:shield-outline
+group: cdn
+desc: 主要是防御，http://user.yiduncdn.com/
+needPlus: false
+input:
+  certId:
+    title: 证书ID
+    component:
+      name: a-input-number
+      vModel: value
+    helper: 证书ID,在证书管理页面查看，每条记录都有证书id
+    order: 0
+  domain:
+    title: 网站域名
+    component:
+      name: a-input
+      vModel: value
+    helper: 网站域名和证书ID选填其中一个，填了证书ID，则忽略网站域名
+    order: 0
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 易盾授权
+    helper: 易盾CDN授权
+    component:
+      name: access-selector
+      type: yidun
+    required: true
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yidun/plugins/plugin-deploy-to-cdn.js
--- a/packages/ui/certd-server/metadata/deploy_YidunDeployToRCDN.yaml
+++ b/packages/ui/certd-server/metadata/deploy_YidunDeployToRCDN.yaml
@@ -0,0 +1,59 @@
+showRunStrategy: false
+default:
+  strategy:
+    runStrategy: 1
+name: YidunDeployToRCDN
+title: 易盾-部署到易盾RCDN
+icon: material-symbols:shield-outline
+group: cdn
+desc: 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8)
+needPlus: false
+input:
+  cert:
+    title: 域名证书
+    helper: 请选择前置任务输出的域名证书
+    component:
+      name: output-selector
+      from:
+        - ':cert:'
+    required: true
+    order: 0
+  accessId:
+    title: 易盾RCDN授权
+    helper: 易盾RCDN授权
+    component:
+      name: access-selector
+      type: yidunrcdn
+    required: true
+    order: 0
+  domains:
+    title: 域名列表
+    component:
+      name: remote-select
+      vModel: value
+      mode: tags
+      type: plugin
+      typeName: YidunDeployToRCDNPlugin
+      action: onGetDomainList
+      search: false
+      pager: false
+      watches:
+        - certDomains
+        - accessId
+    required: true
+    mergeScript: |2-
+
+                return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 选择要部署证书的站点域名
+    order: 0
+output: {}
+pluginType: deploy
+type: builtIn
+scriptFilePath: ../../../plugins/plugin-plus/yidun/plugins/plugin-deploy-to-rcdn.js