v1.39.5

https://github.com/certd/certd/issues/683
https://github.com/certd/certd/discussions/668

.github/workflows/build-image.yml

@@ -4,7 +4,7 @@ on:
     branches: ['v2-dev']
     paths:
       - "trigger/build.trigger"
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -21,7 +21,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
-
+          ref: 'v2-dev'
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6

.github/workflows/deploy-demo.yml

@@ -8,6 +8,8 @@ on:
     workflows: [ "build-image" ]
     types:
       - completed
+  workflow_dispatch:    # 添加手动触发
+
 
 
 #  schedule:
@@ -26,6 +28,7 @@ jobs:
         with:
           fetch-depth: 0
           ref: v2-dev
+          
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6

.github/workflows/publish-atom.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,17 @@ permissions:
 jobs:
   publish-atomgit:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
+
       - name: get_certd_version
         id: get_certd_version
         uses: actions/github-script@v6

.github/workflows/publish-gitee.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
   publish-gitee:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
             
       - name: publish_to_gitee
         id: publish_to_gitee

.github/workflows/publish-github.yaml

@@ -8,7 +8,7 @@ on:
     workflows: [ "build-image-for-release" ]
     types:
       - completed
-
+  workflow_dispatch:    # 添加手动触发
 #  schedule:
 #    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
 #    - cron: '17 19 * * *'
@@ -19,13 +19,16 @@ permissions:
 jobs:
   publish-github:
     runs-on: ubuntu-latest
-    if: ${{ github.event.workflow_run.conclusion == 'success' }}
+    if: |
+      github.event_name == 'workflow_dispatch' || 
+      (github.event.workflow_run.conclusion == 'success')
     steps:
       - name: Checkout Code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
             
       - name: publish_to_github
         id: publish_to_github

.github/workflows/release-image.yml

@@ -4,6 +4,7 @@ on:
     branches: ['v2-dev']
     paths:
       - "trigger/release.trigger"
+  workflow_dispatch:    # 添加手动触发
 #  workflow_run:
 #    workflows: [ "deploy-demo" ]
 #    types:
@@ -25,6 +26,7 @@ jobs:
         with:
           fetch-depth: 0
           lfs: true
+          ref: 'v2-dev'
 
       - name: get_certd_version
         id: get_certd_version

.trae/skills/access-plugin-dev/SKILL.md

@@ -65,6 +65,20 @@ demoKeyId = '';
   encrypt: true, //该属性是否需要加密
 })
 demoKeySecret = '';
+
+
+
+@AccessInput({
+  title: '另外一个授权Id',//标题
+  component: {
+    name:"access-selector", //access选择组件
+    vModel:"modelValue",
+    type: "ssh", // access类型，让用户固定选择这种类型的access
+  },
+  required: true,  //text组件可以省略
+})
+otherAccessId;
+
 ```
 
 ### 4. 实现测试方法
@@ -93,7 +107,7 @@ async onTestRequest() {
 
 ```typescript
 /**
- * 获api接口示例 取域名列表，
+ * api接口示例 获取域名列表，
  */
 async GetDomainList(req: PageSearch): Promise<PageRes<DomainRecord>> {
   //输出日志必须使用ctx.logger

.trae/skills/plugin-converter/SKILL.md

@@ -2,7 +2,7 @@
 
 ## 什么是插件转换工具
 
-插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，方便插件的注册和管理。
+插件转换工具是一个用于将 Certd 插件转换为 YAML 配置文件的命令行工具。它可以分析单个插件文件，识别插件类型，并生成对应的 YAML 配置，可以让插件分发和在线注册。
 
 ## 工具位置
 

.trae/skills/task-plugin-dev/SKILL.md

@@ -80,7 +80,8 @@ certDomains!: string[];
   helper: 'demoAccess授权',
   component: {
     name: 'access-selector',
-    type: 'demo', // 固定授权类型
+    vModel:"modelValue",
+    type: "demo", // access类型，让用户固定选择这种类型的access
   },
   // rules: [{ required: true, message: '此项必填' }],
   // required: true, // 必填

.vscode/launch.json

@@ -79,5 +79,15 @@
                 "PLUS_SERVER_BASE_URL": "http://127.0.0.1:11007"
             }
         }
+    ],
+    "compounds": [
+        {
+            "name": "all",
+            "configurations": [
+                "server",
+                "client",
+            ],
+            "stopAll": false
+        },
     ]
 }

CHANGELOG.md

@@ -3,6 +3,58 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Bug Fixes
+
+* 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
+
+### Performance Improvements
+
+* 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+* 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 ### Bug Fixes

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,46 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+* 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 ### Bug Fixes

docs/guide/install/1panel/index.md

@@ -40,7 +40,7 @@ admin/123456
    https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
 
 ::: tip
-默认使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](./install/database.md)
+默认使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 
 2. 然后到 `1Panel->容器->编排->新建编排`

docs/guide/install/baota/index.md

@@ -31,7 +31,7 @@
 ![](./images/2.png)
 
 ::: tip
-默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](./install/database.md)
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 
 

docs/guide/install/docker/index.md

@@ -43,7 +43,7 @@ docker compose up -d
 > https://docs.docker.com/compose/install/linux/   
 
 ::: tip
-默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](./install/database.md)
+默认安装使用SQLite数据库，如果需要使用MySQL、PostgreSQL数据库，请参考[多数据库支持](../database.md)
 :::
 
 ### 3. 访问测试

docs/guide/plugins/access.md

@@ -20,58 +20,59 @@
 | 16.| **APISIX授权** |  | 
 | 17.| **亚马逊云aws授权** |  | 
 | 18.| **亚马逊云科技（国区）授权** |  | 
-| 19.| **CacheFly** | CacheFly | 
-| 20.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
-| 21.| **google cloud** | 谷歌云授权 | 
-| 22.| **cloudflare授权** |  | 
-| 23.| **中国移动CND授权** |  | 
-| 24.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
-| 25.| **dns.la授权** |  | 
-| 26.| **多吉云** |  | 
-| 27.| **Dokploy授权** |  | 
-| 28.| **farcdn授权** |  | 
-| 29.| **FlexCDN授权** |  | 
-| 30.| **Gcore** | Gcore | 
-| 31.| **Github授权** |  | 
-| 32.| **godaddy授权** |  | 
-| 33.| **金山云授权** |  | 
-| 34.| **FTP授权** |  | 
-| 35.| **七牛OSS授权** |  | 
-| 36.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
-| 37.| **s3/minio授权** | S3/minio oss授权 | 
-| 38.| **namesilo授权** |  | 
-| 39.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
-| 40.| **1panel授权** | 账号和密码 | 
-| 41.| **支付宝** |  | 
-| 42.| **白山云授权** |  | 
-| 43.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
-| 44.| **cdnfly授权** |  | 
-| 45.| **k8s授权** |  | 
-| 46.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 47.| **LeCDN授权** |  | 
-| 48.| **lucky** |  | 
-| 49.| **猫云授权** |  | 
-| 50.| **plesk授权** |  | 
-| 51.| **长亭雷池授权** |  | 
-| 52.| **群晖登录授权** |  | 
-| 53.| **uniCloud** | unicloud授权 | 
-| 54.| **微信支付** |  | 
-| 55.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
-| 56.| **易发云短信** | sms.yfyidc.cn/ | 
-| 57.| **易盾DCDN授权** | https://user.yiduncdn.com | 
-| 58.| **易支付** |  | 
-| 59.| **proxmox** |  | 
-| 60.| **UCloud授权** | 优刻得授权 | 
-| 61.| **又拍云** |  | 
-| 62.| **网宿授权** |  | 
-| 63.| **西部数码授权** |  | 
-| 64.| **我爱云授权** | 我爱云CDN | 
-| 65.| **新网授权（代理方式）** |  | 
-| 66.| **新网授权** |  | 
-| 67.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
-| 68.| **Zenlayer授权** | Zenlayer授权 | 
-| 69.| **GoEdge授权** |  | 
-| 70.| **雨云授权** | https://app.rainyun.com/ | 
+| 19.| **BIND9 DNS 授权** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 20.| **CacheFly** | CacheFly | 
+| 21.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 22.| **google cloud** | 谷歌云授权 | 
+| 23.| **cloudflare授权** |  | 
+| 24.| **中国移动CND授权** |  | 
+| 25.| **授权插件示例** | 这是一个示例授权插件，用于演示如何实现一个授权插件 | 
+| 26.| **dns.la授权** |  | 
+| 27.| **多吉云** |  | 
+| 28.| **Dokploy授权** |  | 
+| 29.| **farcdn授权** |  | 
+| 30.| **FlexCDN授权** |  | 
+| 31.| **Gcore** | Gcore | 
+| 32.| **Github授权** |  | 
+| 33.| **godaddy授权** |  | 
+| 34.| **金山云授权** |  | 
+| 35.| **FTP授权** |  | 
+| 36.| **七牛OSS授权** |  | 
+| 37.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 38.| **s3/minio授权** | S3/minio oss授权 | 
+| 39.| **namesilo授权** |  | 
+| 40.| **Next Terminal 授权** | 用于访问 Next Terminal API 的授权配置 | 
+| 41.| **1panel授权** | 账号和密码 | 
+| 42.| **支付宝** |  | 
+| 43.| **白山云授权** |  | 
+| 44.| **宝塔云WAF授权** | 用于连接和管理宝塔云WAF服务的授权配置 | 
+| 45.| **cdnfly授权** |  | 
+| 46.| **k8s授权** |  | 
+| 47.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 48.| **LeCDN授权** |  | 
+| 49.| **lucky** |  | 
+| 50.| **猫云授权** |  | 
+| 51.| **plesk授权** |  | 
+| 52.| **长亭雷池授权** |  | 
+| 53.| **群晖登录授权** |  | 
+| 54.| **uniCloud** | unicloud授权 | 
+| 55.| **微信支付** |  | 
+| 56.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 57.| **易发云短信** | sms.yfyidc.cn/ | 
+| 58.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 59.| **易支付** |  | 
+| 60.| **proxmox** |  | 
+| 61.| **UCloud授权** | 优刻得授权 | 
+| 62.| **又拍云** |  | 
+| 63.| **网宿授权** |  | 
+| 64.| **西部数码授权** |  | 
+| 65.| **我爱云授权** | 我爱云CDN | 
+| 66.| **新网授权（代理方式）** |  | 
+| 67.| **新网授权** |  | 
+| 68.| **新网互联授权** | 仅支持代理账号，ip需要加入白名单 | 
+| 69.| **Zenlayer授权** | Zenlayer授权 | 
+| 70.| **GoEdge授权** |  | 
+| 71.| **雨云授权** | https://app.rainyun.com/ | 
 
 <style module>
 table th:first-of-type {

docs/guide/plugins/deploy.md

@@ -112,9 +112,9 @@
 | 1.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
 | 2.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
 | 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
-| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用，支持CDN域名以及COS加速域名 | 
 | 5.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
-| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书，注意是源站域名，加速域名请使用腾讯云CDN v2插件【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
 | 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EdgeOne(EO) | 
 | 8.| **腾讯云-部署到腾讯云直播** | https://console.cloud.tencent.com/live/ | 
 | 9.| **腾讯云-部署到TKE** | 修改TKE集群密钥配置，支持Opaque和TLS证书类型。注意： 1. serverless集群请使用K8S部署插件； 2. Opaque类型需要【上传到腾讯云】作为前置任务； 3. ApiServer需要开通公网访问（或者certd可访问），实际上底层仍然是通过KubeClient进行部署 | 

docs/guide/plugins/dns-provider.md

@@ -9,18 +9,19 @@
 | 5.| **京东云** | 京东云DNS解析提供商 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
 | 7.| **新网** | 新网域名解析 | 
-| 8.| **cloudflare** | cloudflare dns provider | 
-| 9.| **dns.la** | dns.la | 
-| 10.| **godaddy** | GoDaddy | 
-| 11.| **华为云** | 华为云DNS解析提供商 | 
-| 12.| **namesilo** | namesilo dns provider | 
-| 13.| **雨云** | 雨云DNS解析提供商 | 
-| 14.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 15.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
-| 16.| **西部数码** | west dns provider | 
-| 17.| **Dns提供商Demo** | dns provider示例 | 
-| 18.| **51dns** | 51DNS | 
-| 19.| **新网互联** | 新网互联 | 
+| 8.| **BIND9 DNS** | 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录 | 
+| 9.| **cloudflare** | cloudflare dns provider | 
+| 10.| **dns.la** | dns.la | 
+| 11.| **godaddy** | GoDaddy | 
+| 12.| **华为云** | 华为云DNS解析提供商 | 
+| 13.| **namesilo** | namesilo dns provider | 
+| 14.| **雨云** | 雨云DNS解析提供商 | 
+| 15.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 16.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 17.| **西部数码** | west dns provider | 
+| 18.| **Dns提供商Demo** | dns provider示例 | 
+| 19.| **51dns** | 51DNS | 
+| 20.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.39.1"
+  "version": "1.39.5"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/publishlab/node-acme-client/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.4](https://github.com/publishlab/node-acme-client/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.3](https://github.com/publishlab/node-acme-client/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.39.2](https://github.com/publishlab/node-acme-client/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/publishlab/node-acme-client/commit/10dd89ae62e438a211a15e729559af823a096583))
+
 ## [1.39.1](https://github.com/publishlab/node-acme-client/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.39.1",
+    "version": "1.39.5",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.39.1",
+        "@certd/basic": "^1.39.5",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.9.0",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+    "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/core/acme-client/src/auto.js

@@ -174,7 +174,7 @@ export default async (client, userOpts) => {
 
 
         } catch (e) {
-            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
+            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message || e}`);
             await deactivateAuth(e);
             throw e;
         }

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-23:44
+00:48

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -47,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/core/basic/src/utils/util.log.ts

@@ -19,6 +19,7 @@ export function resetLogConfigure() {
 }
 resetLogConfigure();
 export const logger: ILogger = log4js.getLogger("default") as any;
+logger.addSecret = (secret: string) => {};
 
 export function resetLogFilePath(filePath: string) {
   logFilePath = filePath;
@@ -106,8 +107,8 @@ export class PipelineLogger implements ILogger {
   logger: ILogger;
   customWriter!: (text: string) => void;
 
-  constructor(name: string, write: (text: string) => void) {
-    this.customWriter = write;
+  constructor(name: string, write?: (text: string) => void) {
+    this.customWriter = write || (() => {});
     //@ts-ignore
     this.logger = log4js.getLogger(name);
   }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.39.1",
-    "@certd/plus-core": "^1.39.1",
+    "@certd/basic": "^1.39.5",
+    "@certd/plus-core": "^1.39.5",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/core/pipeline/src/plugin/api.ts

@@ -18,6 +18,7 @@ export type PluginRequestHandleReq<T = any> = {
   input: T;
   data: any;
   record: { id: number; type: string; title: string };
+  fromType?: "sys" | "user"; // sys、user
 };
 
 export type UserInfo = {

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.39.1",
+  "version": "1.39.5",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.39.1",
+    "@certd/basic": "^1.39.5",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+
+### Performance Improvements
+
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/lib-server

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.39.1",
+  "version": "1.39.5",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.39.1",
-    "@certd/basic": "^1.39.1",
-    "@certd/pipeline": "^1.39.1",
-    "@certd/plugin-lib": "^1.39.1",
-    "@certd/plus-core": "^1.39.1",
+    "@certd/acme-client": "^1.39.5",
+    "@certd/basic": "^1.39.5",
+    "@certd/pipeline": "^1.39.5",
+    "@certd/plugin-lib": "^1.39.5",
+    "@certd/plus-core": "^1.39.5",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts

@@ -9,7 +9,7 @@ import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
 import { BaseService, setAdminMode } from '../../../basic/index.js';
 import { executorQueue } from '../../basic/service/executor-queue.js';
-import { isComm } from '@certd/plus-core';
+import { isComm, isPlus } from '@certd/plus-core';
 const { merge } = mergeUtils;
 
 let lastSaveEnvVars = {};
@@ -155,7 +155,9 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
 
   async reloadPublicSettings() {
     const publicSetting = await this.getPublicSettings()
-    setAdminMode(publicSetting.adminMode)
+    if (isPlus()){
+      setAdminMode(publicSetting.adminMode  ) 
+    }
   }
 
   async reloadPrivateSettings() {

packages/libs/lib-server/src/user/access/service/access-service.ts

@@ -244,10 +244,11 @@ export class AccessService extends BaseService<AccessEntity> {
     }
     const newAccess = {
       ...access,
+      userId:-1,
       id: undefined,
       projectId,
     }
-    await this.add(newAccess);
+    await this.repository.save(newAccess);
     return newAccess.id;
   }
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.39.1",
+  "version": "1.39.5",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.39.1",
-    "@certd/basic": "^1.39.1",
-    "@certd/pipeline": "^1.39.1",
-    "@certd/plugin-lib": "^1.39.1",
+    "@certd/acme-client": "^1.39.5",
+    "@certd/basic": "^1.39.5",
+    "@certd/pipeline": "^1.39.5",
+    "@certd/plugin-lib": "^1.39.5",
     "psl": "^1.9.0",
     "punycode.js": "^2.3.1"
   },
@@ -38,5 +38,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,27 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.39.1",
+  "version": "1.39.5",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.11",
     "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.39.1",
-    "@certd/basic": "^1.39.1",
-    "@certd/pipeline": "^1.39.1",
-    "@certd/plus-core": "^1.39.1",
+    "@certd/acme-client": "^1.39.5",
+    "@certd/basic": "^1.39.5",
+    "@certd/pipeline": "^1.39.5",
+    "@certd/plus-core": "^1.39.5",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "590ff67fcb40ff8ba0f7b2a9592b51d9fb54a2ef"
+  "gitHead": "aacee4a94c2e2481be8a307fb5a6a5d04a09dda7"
 }

packages/plugins/plugin-lib/src/cert/cert-reader.ts

@@ -2,6 +2,7 @@ import fs from "fs";
 import os from "os";
 import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
+import cryptoLib from "crypto";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
 import { uniq } from "lodash-es";
@@ -119,9 +120,28 @@ export class CertReader {
     const detail = crypto.readCertificateInfo(crt.toString());
     const effective = detail.notBefore;
     const expires = detail.notAfter;
+    const fingerprints = CertReader.getFingerprintX509(crt);
+    // @ts-ignore
+    detail.fingerprints = fingerprints;
     return { detail, effective, expires };
   }
 
+  static getFingerprintX509(crt: string) {
+    try {
+      // 创建X509Certificate实例
+      const cert = new cryptoLib.X509Certificate(crt);
+      // 获取指纹
+      return {
+        fingerprint: cert.fingerprint,
+        fingerprint256: cert.fingerprint256,
+        fingerprint512: cert.fingerprint512,
+      };
+    } catch (error) {
+      console.error("处理证书失败:", error.message);
+      return null;
+    }
+  }
+
   getAllDomains() {
     const { detail } = this.getCrtDetail();
     const domains = [];

packages/plugins/plugin-lib/src/cert/dns-provider/api.ts

@@ -1,5 +1,5 @@
 import { HttpClient, ILogger, utils } from "@certd/basic";
-import { IAccess, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
+import { IAccess, IAccessService, IServiceGetter, PageRes, PageSearch, Registrable } from "@certd/pipeline";
 
 export type DnsProviderDefine = Registrable & {
   accessType: string;
@@ -26,6 +26,7 @@ export type DnsProviderContext = {
   utils: typeof utils;
   domainParser: IDomainParser;
   serviceGetter: IServiceGetter;
+  accessGetter?: IAccessService;
 };
 
 export type DomainRecord = {

packages/plugins/plugin-lib/src/cert/dns-provider/base.ts

@@ -1,5 +1,5 @@
 import { HttpClient, ILogger } from "@certd/basic";
-import { PageRes, PageSearch } from "@certd/pipeline";
+import { IAccessService, PageRes, PageSearch } from "@certd/pipeline";
 import punycode from "punycode.js";
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, DomainRecord, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
@@ -59,6 +59,11 @@ export async function createDnsProvider(opts: { dnsProviderType: string; context
   if (dnsProviderDefine.deprecated) {
     context.logger.warn(dnsProviderDefine.deprecated);
   }
+
+  if (!context.accessGetter) {
+    const accessGetter: IAccessService = await context.serviceGetter.get("accessService");
+    context.accessGetter = accessGetter;
+  }
   // @ts-ignore
   const dnsProvider: IDnsProvider = new DnsProviderClass();
   dnsProvider.setCtx(context);

packages/plugins/plugin-lib/src/common/util.ts

@@ -43,6 +43,7 @@ export function createRemoteSelectInputDefine(opts?: {
   pager?: boolean;
   component?: any;
   value?: any;
+  pageSize?: number;
 }) {
   const title = opts?.title || "请选择";
   const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -54,13 +55,11 @@ export function createRemoteSelectInputDefine(opts?: {
   const helper = opts?.helper || "请选择";
   const search = opts?.search ?? false;
   const pager = opts?.pager ?? false;
-  let mode = "tags";
-  if (opts.multi === false) {
-    mode = undefined;
-  } else {
-    mode = opts?.mode ?? "tags";
+  let mode = "default";
+  const multi = opts?.multi ?? true;
+  if (multi) {
+    mode = "tags";
   }
-
   const item = {
     title,
     component: {
@@ -72,6 +71,8 @@ export function createRemoteSelectInputDefine(opts?: {
       action,
       search,
       pager,
+      multi,
+      pageSize: opts?.pageSize,
       watches: [certDomainsInputKey, accessIdInputKey, ...watches],
       ...opts.component,
     },

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,54 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Bug Fixes
+
+* 修复修改分组报错的bug ([224db7d](https://github.com/certd/certd/commit/224db7da57dbdddf25bcac7faa0a29eb228c5a33))
+
+### Performance Improvements
+
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+* 修复查看证书详情页面错位的bug ([7f37df4](https://github.com/certd/certd/commit/7f37df42274e657892d92e868ceac67e139f3bf2))
+* 修复选择插件页面无法滚动的bug ([d8425bc](https://github.com/certd/certd/commit/d8425bc9c5ee81bb669706c6de6bad69d7c38d8e))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复多选框只能单选的bug ([12700e1](https://github.com/certd/certd/commit/12700e1754319513ac02822ff1588d63420b964e))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* 修复提示支付失败的bug ([12fed34](https://github.com/certd/certd/commit/12fed34e109f3254de664813954081a52513bd38))
+* 修复修改项目名称后，没有同步刷新的bug ([3abee72](https://github.com/certd/certd/commit/3abee72fee286864b665033b23b172ef0ea92d83))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化阿里云连接超时时长为10秒，支持配置环境变量 ([1588461](https://github.com/certd/certd/commit/1588461633bd275765daa96fc68320abb58d616d))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.39.1",
+  "version": "1.39.5",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.39.1",
-    "@certd/pipeline": "^1.39.1",
+    "@certd/lib-iframe": "^1.39.5",
+    "@certd/pipeline": "^1.39.5",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/plugins/common/api-test.vue

@@ -19,6 +19,7 @@ defineOptions({
   name: "ApiTest",
 });
 
+const fromType: any = inject("getFromType");
 const getScope: any = inject("get:scope");
 const getPluginType: any = inject("get:plugin:type", () => {
   return "access";
@@ -55,6 +56,7 @@ const doTest = async () => {
         action: props.action,
         input,
         record,
+        fromType,
       },
       {
         onError(err: any) {

packages/ui/certd-client/src/components/plugins/common/remote-select.vue

@@ -1,7 +1,7 @@
 <template>
   <div class="remote-select">
     <div class="flex flex-row">
-      <a-select class="remote-select-input" show-search mode="tags" :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="updateValue($event)">
+      <a-select ref="selectRef" class="remote-select-input" show-search :filter-option="filterOption" :options="optionsRef" :value="value" v-bind="attrs" @click="onClick" @update:value="updateValue($event)">
         <template #dropdownRender="{ menuNode: menu }">
           <template v-if="search">
             <div class="flex w-full" style="padding: 4px 8px">
@@ -44,6 +44,8 @@ defineOptions({
   name: "RemoteSelect",
 });
 
+const selectRef = ref(null);
+
 const VNodes = defineComponent({
   props: {
     vnodes: {
@@ -62,6 +64,7 @@ const props = defineProps<
     search?: boolean;
     pager?: boolean;
     multi?: boolean;
+    pageSize?: number;
   } & ComponentPropsType
 >();
 
@@ -70,12 +73,15 @@ const emit = defineEmits<{
 }>();
 
 function updateValue(value: any) {
-  if (props.multi) {
-    emit("update:value", value);
-  } else {
-    const last = value?.[value.length - 1];
-    emit("update:value", last);
-  }
+  // if (props.multi !== false) {
+  //   emit("update:value", value);
+  // } else {
+  //   const last = value?.[value.length - 1];
+  //   emit("update:value", last);
+  //   selectRef.value.blur();
+  // }
+
+  emit("update:value", value);
 }
 
 const attrs = useAttrs();
@@ -90,7 +96,6 @@ const getPluginType: any = inject("get:plugin:type", () => {
   return "plugin";
 });
 
-debugger;
 const searchKeyRef = ref("");
 const optionsRef = ref([]);
 const message = ref("");
@@ -99,7 +104,7 @@ const loading = ref(false);
 const pagerRef: Ref = ref({
   pageNo: 1,
   total: 0,
-  pageSize: 100,
+  pageSize: props.pageSize || 100,
 });
 const getOptions = async () => {
   if (loading.value) {

packages/ui/certd-client/src/components/plugins/lib/index.ts

@@ -13,11 +13,12 @@ export type RequestHandleReq<T = any> = {
   data?: any;
   input: T;
   record?: any;
+  fromType?: string; // sys、user
 };
 
 export async function doRequest(req: RequestHandleReq, opts: any = {}) {
   const url = `/pi/handle/${req.type}`;
-  const { typeName, action, data, input, record } = req;
+  const { typeName, action, data, input, record, fromType } = req;
   const res = await request({
     url,
     method: "post",
@@ -27,6 +28,7 @@ export async function doRequest(req: RequestHandleReq, opts: any = {}) {
       data,
       input,
       record,
+      fromType,
     },
     ...opts,
   });

packages/ui/certd-client/src/components/project-selector/index.vue

@@ -18,7 +18,8 @@
     </template>
     <div class="rounded pl-3 pr-3 px-2 py-1 flex-center flex pointer items-center bg-accent h-10 button-text" title="当前项目">
       <!-- <fs-icon icon="ion:apps" class="mr-1"></fs-icon> -->
-      当前项目：{{ projectStore.currentProject?.name || "..." }}
+      <span class="hidden md:flex"> 当前项目：</span>
+      <span class="text-ellipsis">{{ projectStore.currentProject?.name || "..." }}</span>
       <fs-icon :icon="currentIcon" class="ml-5"></fs-icon>
     </div>
   </a-dropdown>
@@ -58,7 +59,7 @@ const currentIcon = computed(() => {
 <style lang="less">
 .project-selector {
   &.button-text {
-    min-width: 150px;
+    min-width: 100px;
     max-width: 250px;
     overflow: hidden;
     text-overflow: ellipsis;

packages/ui/certd-client/src/components/vip-button/vip-modal-content.vue

@@ -90,7 +90,7 @@
     <div class="mt-10">
       <div class="w-100 flex-col md:flex-row">
         <span>{{ t("vip.site_id") }}：</span>
-        <fs-copyable v-model="computedSiteId" class="mr-2"></fs-copyable>
+        <fs-copyable v-model="computedSiteId" class="mr-2 inline-flex"></fs-copyable>
         <a @click="goBindAccount">{{ t("vip.not_effective") }}</a>
       </div>
     </div>

packages/ui/certd-client/src/layout/components/user-info/index.vue

@@ -1,6 +1,6 @@
 <template>
   <a-dropdown>
-    <div class="fs-user-info">{{ t("user.greeting") }}，{{ userStore.getUserInfo?.nickName || userStore.getUserInfo?.username }}</div>
+    <div class="fs-user-info" @click="goUserProfile">{{ t("user.greeting") }}，{{ userStore.getUserInfo?.nickName || userStore.getUserInfo?.username }}</div>
     <template #overlay>
       <a-menu>
         <a-menu-item>

packages/ui/certd-client/src/layout/layout-basic.vue

@@ -48,6 +48,9 @@ const avatar = computed(() => {
 async function handleLogout() {
   await userStore.logout(true);
 }
+function goUserProfile() {
+  router.push("/certd/mine/user-profile");
+}
 
 const settingStore = useSettingStore();
 
@@ -90,7 +93,7 @@ const projectStore = useProjectStore();
       </div>
     </template>
     <template #user-dropdown>
-      <UserDropdown :avatar="avatar" :menus="menus" :text="userStore.userInfo?.nickName || userStore.userInfo?.username" description="" tag-text="" @logout="handleLogout" />
+      <UserDropdown :avatar="avatar" :menus="menus" :text="userStore.userInfo?.nickName || userStore.userInfo?.username" description="" tag-text="" @logout="handleLogout" @user-profile="goUserProfile" />
     </template>
     <template #lock-screen>
       <LockScreen :avatar @to-login="handleLogout" />

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -103,4 +103,6 @@ export default {
   deviceNameHelper: "Please enter the device name， used to identify the device",
   passkeyRegisterHelper: "Site domain change will invalidate passkey",
   userInfo: "User Info",
+  securitySettingTip: "2FA Setting",
+  securitySetting: "2FA Setting",
 };

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -105,4 +105,6 @@ export default {
   deviceNameHelper: "请输入当前设备名称，绑定多个时好做区分",
   passkeyRegisterHelper: "1、站点域名变更会导致passkey失效;\n2、同一设备同一个用户绑定多次只有最后一次的有效，之前绑定的会失效，需要手动删除",
   userInfo: "账号信息",
+  securitySettingTip: "2FA设置",
+  securitySetting: "2FA设置",
 };

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -782,7 +782,7 @@ export default {
       oauthOnlyHelper: "是否仅使用第三方登录，关闭密码登录（注意：请务必在测试第三方登录功能正常后再开启，否则会导致无法登录）\n 如果无法登录，请访问 http://你的certd地址/#/login?oauthOnly=false 来临时关闭此模式",
       enablePasskey: "启用Passkey登录",
       passkeyHostnameNotSame: "当前域名与主绑定域名不同",
-      passkeyEnabledHelper: "1、站点必须启用https \n2、域名不要变，否则会导致已注册的passkey失效 \n3、域名以主绑定域名为准，当前主域名:{0}",
+      passkeyEnabledHelper: "1、站点必须启用https \n2、passkey的rpId以主绑定域名为准，当前主域名:{0} \n3、站点域名不能变，否则会导致已注册的passkey失效。",
       email: {
         templates: "邮件模板",
         templateType: "模板类型",

packages/ui/certd-client/src/style/common.less

@@ -21,8 +21,10 @@ div#app {
   height: 100%;
 }
 
-pre.pre {
-  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+pre{
+  &.pre,&.helper{
+   font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji" !important;
+  }
 }
 
 h1,

packages/ui/certd-client/src/vben/layouts/widgets/user-dropdown/user-dropdown.vue

@@ -67,7 +67,7 @@ const props = withDefaults(defineProps<Props>(), {
   hoverDelay: 500,
 });
 
-const emit = defineEmits<{ logout: [] }>();
+const emit = defineEmits<{ logout: []; userProfile: [] }>();
 
 const { globalLockScreenShortcutKey, globalLogoutShortcutKey } = usePreferences();
 const lockStore = useLockStore();
@@ -132,6 +132,11 @@ function handleSubmitLogout() {
   logoutModalApi.close();
 }
 
+function handleUserProfile() {
+  emit("userProfile");
+  openPopover.value = false;
+}
+
 if (enableShortcutKey.value) {
   const keys = useMagicKeys();
   whenever(keys["Alt+KeyQ"]!, () => {
@@ -173,7 +178,7 @@ if (enableShortcutKey.value) {
     </DropdownMenuTrigger>
     <DropdownMenuContent class="mr-2 min-w-[240px] p-0 pb-1">
       <div ref="refContent">
-        <DropdownMenuLabel class="flex items-center p-3">
+        <DropdownMenuLabel class="flex items-center p-3 pointer" @click="handleUserProfile">
           <VbenAvatar :alt="text" :src="avatar" class="size-12" dot dot-class="bottom-0 right-1 border-2 size-4 bg-green-500" />
           <div class="ml-2 w-full">
             <div v-if="tagText || text || $slots.tagText" class="text-foreground mb-1 flex items-center text-sm font-medium">

packages/ui/certd-client/src/views/certd/access/api.ts

@@ -3,6 +3,7 @@ import { request } from "/src/api/service";
 export function createAccessApi(from = "user") {
   const apiPrefix = from === "sys" ? "/sys/access" : "/pi/access";
   return {
+    from,
     async GetList(query: any) {
       if (query?.query) {
         delete query.query.access;

packages/ui/certd-client/src/views/certd/access/common.tsx

@@ -6,6 +6,7 @@ import SecretPlainGetter from "/@/views/certd/access/access-selector/access/secr
 import { utils } from "/@/utils";
 
 export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any) {
+  provide("getFromType", api.from);
   provide("accessApi", api);
   provide("get:plugin:type", () => {
     return "access";

packages/ui/certd-client/src/views/certd/mine/user-profile.vue

@@ -35,19 +35,23 @@
                 </a-tag>
               </div>
             </div>
-            <div class="action-buttons">
+            <div class="action-buttons gap-2">
               <a-button type="primary" class="action-btn" @click="doUpdate">
                 {{ t("authentication.updateProfile") }}
               </a-button>
-              <change-password-button class="ml-10" :show-button="true" />
+              <change-password-button :show-button="true" />
+
+              <a-button type="primary" class="action-btn" @click="goSecuritySetting">
+                {{ t("authentication.securitySettingTip") }}
+              </a-button>
             </div>
           </div>
         </div>
       </div>
 
       <div class="flex flex-wrap">
-        <div class="w-full md:w-1/2 md:pr-2">
-          <div v-if="settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="bindings-card md:rounded">
+        <div v-if="settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="w-full md:w-1/2">
+          <div class="bindings-card md:rounded">
             <div class="card-title">
               <fs-icon icon="ion:link-outline" class="title-icon" />
               <span>第三方账号绑定</span>
@@ -80,15 +84,15 @@
           </div>
         </div>
 
-        <div class="w-full md:w-1/2 md:pl-2">
-          <div v-if="settingStore.sysPublic.passkeyEnabled && settingStore.isPlus" class="passkey-card md:rounded">
+        <div v-if="settingStore.sysPublic.passkeyEnabled && settingStore.isPlus" class="w-full md:w-1/2">
+          <div class="passkey-card md:rounded">
             <div class="card-title">
               <fs-icon icon="ion:finger-print" class="title-icon" />
               <span>Passkey 安全密钥</span>
             </div>
             <div class="passkey-list">
               <div v-for="passkey in passkeys" :key="passkey.id" class="passkey-item">
-                <div class="passkey-icon">
+                <div class="passkey-icon hidden md:flex">
                   <fs-icon icon="ion:finger-print" class="icon" />
                 </div>
                 <div class="passkey-info">
@@ -122,7 +126,7 @@
               <template #icon><fs-icon icon="ion:add-circle-outline" /></template>
               注册新的Passkey
             </a-button>
-            <pre class="helper">{{ t("authentication.passkeyRegisterHelper") }}</pre>
+            <pre class="helper pre">{{ t("authentication.passkeyRegisterHelper") }}</pre>
           </div>
         </div>
       </div>
@@ -142,6 +146,7 @@ import { useSettingStore } from "/@/store/settings";
 import { isEmpty } from "lodash-es";
 import { dict } from "@fast-crud/fast-crud";
 import dayjs from "dayjs";
+import { useRouter } from "vue-router";
 
 const { t } = useI18n();
 
@@ -175,6 +180,11 @@ function doUpdate() {
   });
 }
 
+const router = useRouter();
+function goSecuritySetting() {
+  router.push("/certd/mine/security");
+}
+
 const oauthBounds = ref([]);
 const oauthProviders = ref([]);
 
@@ -278,20 +288,32 @@ async function doRegisterPasskey(deviceName: string) {
     //   type: "public-key",
     // }));
 
-    const credential = await (navigator.credentials as any).create({
-      publicKey: {
-        challenge: Uint8Array.from(atob(options.challenge.replace(/-/g, "+").replace(/_/g, "/")), c => c.charCodeAt(0)),
-        rp: options.rp,
-        pubKeyCredParams: options.pubKeyCredParams,
-        timeout: options.timeout || 60000,
-        attestation: options.attestation,
-        // excludeCredentials: excludeCredentials,
-        user: {
-          id: new TextEncoder().encode(options.userId + ""),
-          name: userInfo.value.username,
-          displayName: deviceName,
-        },
+    console.log("passkey register options:", options, JSON.stringify(options));
+    const publicKey = {
+      challenge: Uint8Array.from(atob(options.challenge.replace(/-/g, "+").replace(/_/g, "/")), c => c.charCodeAt(0)),
+      rp: options.rp,
+      pubKeyCredParams: options.pubKeyCredParams,
+      timeout: options.timeout || 60000,
+      // attestation: options.attestation,
+      // excludeCredentials: excludeCredentials,
+      // extensions: options.extensions,
+      // authenticatorSelection: options.authenticatorSelection,
+      // hints: options.hints,
+      user: {
+        id: new TextEncoder().encode(options.userId + ""),
+        name: userInfo.value.username + "@" + deviceName,
+        displayName: deviceName,
       },
+      // 关键配置在这里 👇
+      authenticatorSelection: {
+        residentKey: "required", // 或 "preferred"，请求创建可发现凭证
+        requireResidentKey: true, // 为兼容旧浏览器，设置与 residentKey 相同的值
+        userVerification: "preferred", // 用户验证策略
+      },
+    };
+    console.log("passkey register publicKey:", publicKey, JSON.stringify(publicKey));
+    const credential = await (navigator.credentials as any).create({
+      publicKey,
     });
 
     if (!credential) {
@@ -308,9 +330,9 @@ async function doRegisterPasskey(deviceName: string) {
       },
     };
     console.log("credential", credential, response);
-    debugger;
 
     const verifyRes: any = await api.verifyPasskeyRegistration(response, options.challenge, deviceName);
+    console.log("verifyRes:", verifyRes, JSON.stringify(verifyRes));
     await loadPasskeys();
   } catch (e: any) {
     console.error("Passkey注册失败:", e);
@@ -491,16 +513,17 @@ onMounted(async () => {
 .profile-container {
   display: flex;
   flex-direction: column;
-  gap: 20px;
+  gap: 10px;
   // max-width: 1000px;
 
   .profile-card,
   .bindings-card,
   .passkey-card {
-    background: linear-gradient(135deg, #ffffff 0%, #f8f9fa 100%);
+    background: #fff;
     box-shadow: 0 4px 20px rgba(0, 0, 0, 0.08);
     overflow: hidden;
     transition: all 0.3s ease;
+    margin: 5px;
   }
 
   .bindings-card,
@@ -721,7 +744,6 @@ onMounted(async () => {
   .passkey-icon {
     width: 48px;
     height: 48px;
-    display: flex;
     align-items: center;
     justify-content: center;
     background: linear-gradient(135deg, #11998e 0%, #38ef7d 100%);
@@ -749,8 +771,8 @@ onMounted(async () => {
   .passkey-meta {
     display: flex;
     flex-wrap: wrap;
-    gap: 12px;
-    font-size: 13px;
+    gap: 4px;
+    font-size: 12px;
   }
 
   .meta-item {

packages/ui/certd-client/src/views/certd/open/openkey/api.ts

@@ -50,4 +50,12 @@ export const openkeyApi = {
       data: { id },
     });
   },
+
+  async GetSecret(id: number) {
+    return await request({
+      url: apiPrefix + "/getSecret",
+      method: "post",
+      data: { id },
+    });
+  },
 };

packages/ui/certd-client/src/views/certd/open/openkey/crud.tsx

@@ -145,6 +145,23 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           column: {
             width: 580,
             sorter: true,
+            cellRender: ({ row, value }) => {
+              async function getSecret(id: number) {
+                row.keySecret = await api.GetSecret(id);
+              }
+              if (value.includes("*")) {
+                return (
+                  <div class="flex items-center flex-between">
+                    {value}
+                    <a-button type="primary" size="small" onClick={() => getSecret(row.id)}>
+                      查看密钥
+                    </a-button>
+                  </div>
+                );
+              } else {
+                return <fs-copyable model-value={value}></fs-copyable>;
+              }
+            },
           },
         },
         scope: {

packages/ui/certd-client/src/views/certd/pipeline/api.ts

@@ -154,6 +154,7 @@ export type CertInfo = {
   ic: string;
   der: string;
   pfx: string;
+  detail: any;
 };
 
 export async function GetCert(pipelineId: number): Promise<CertInfo> {

packages/ui/certd-client/src/views/certd/pipeline/cert-view.vue

@@ -1,12 +1,47 @@
 <template>
   <div class="cert-view">
-    <a-list item-layout="vertical" :data-source="certFiles">
+    <div class="cert-detail mt-4">
+      <a-descriptions class="w-full" bordered :column="2" size="small">
+        <a-descriptions-item label="主域名">
+          <a-tag color="blue">{{ props.cert.detail?.domains?.commonName || "-" }}</a-tag>
+        </a-descriptions-item>
+        <a-descriptions-item label="颁发机构">
+          <a-tag color="green">{{ props.cert.detail?.issuer?.commonName || "-" }}</a-tag>
+        </a-descriptions-item>
+        <a-descriptions-item label="备用域名" :span="2">
+          <a-tag v-for="(domain, index) in props.cert.detail?.domains?.altNames || []" :key="index" color="blue">
+            {{ domain }}
+          </a-tag>
+          <span v-if="!props.cert.detail?.domains?.altNames?.length">-</span>
+        </a-descriptions-item>
+        <a-descriptions-item label="生效时间">
+          {{ formatDate(props.cert.detail?.notBefore) }}
+        </a-descriptions-item>
+        <a-descriptions-item label="过期时间">
+          {{ formatDate(props.cert.detail?.notAfter) }}
+        </a-descriptions-item>
+        <a-descriptions-item label="指纹">
+          <div class="w-full flex flex-col fingerprint">
+            <div class="flex flex-nowrap">
+              <span class="font-bold label">SHA-1:</span> <fs-copyable class="inline-flex overflow-ellipsis text" :model-value="props.cert.detail?.fingerprints?.fingerprint || '-'"></fs-copyable>
+            </div>
+            <div class="flex flex-nowrap mt-1">
+              <span class="font-bold label">SHA-256:</span> <fs-copyable class="inline-flex overflow-ellipsis text" :model-value="props.cert.detail?.fingerprints?.fingerprint256 || '-'"></fs-copyable>
+            </div>
+            <div class="flex flex-nowrap mt-1">
+              <span class="font-bold label">SHA-512:</span> <fs-copyable class="inline-flex overflow-ellipsis text" :model-value="props.cert.detail?.fingerprints?.fingerprint512 || '-'"></fs-copyable>
+            </div>
+          </div>
+        </a-descriptions-item>
+      </a-descriptions>
+    </div>
+    <a-list item-layout="vertical" :data-source="certFiles" class="cert-content">
       <template #renderItem="{ item }">
         <a-list-item key="item.key">
           <a-list-item-meta>
             <template #title>
               <div class="title">
-                <div>{{ item.name }}({{ item.fileName }})</div>
+                <div class="font-bold">{{ item.name }}({{ item.fileName }})</div>
                 <fs-copyable :model-value="item.content" :button="{ show: false }">
                   <a-tag color="success">复制</a-tag>
                 </fs-copyable>
@@ -34,10 +69,25 @@ const certFiles = ref([
   { name: "私钥", fileName: "private.pem", key: "key", content: props.cert.key },
   { name: "中间证书", fileName: "chain.pem", key: "ic", content: props.cert.ic },
 ]);
+
+function formatDate(dateStr: string): string {
+  if (!dateStr) return "-";
+  const date = new Date(dateStr);
+  return date.toLocaleString("zh-CN", {
+    year: "numeric",
+    month: "2-digit",
+    day: "2-digit",
+    hour: "2-digit",
+    minute: "2-digit",
+    second: "2-digit",
+    hour12: false,
+  });
+}
 </script>
 
 <style lang="less">
 .cert-view {
+  margin-right: 25px;
   .title {
     display: flex;
     justify-content: space-between;
@@ -46,5 +96,32 @@ const certFiles = ref([
     margin-block-end: 0px !important;
     margin-top: 10px;
   }
+
+  .cert-detail {
+    table {
+      width: 100%;
+      table-layout: fixed !important;
+    }
+    .ant-descriptions-item-label {
+      width: 90px;
+    }
+    .fingerprint {
+      .label {
+        width: 70px;
+        flex-shrink: 0;
+      }
+      .text {
+        white-space: nowrap;
+        overflow: hidden;
+        flex-grow: 1;
+      }
+    }
+  }
+  .cert-content {
+    .ant-list-item {
+      padding-left: 0;
+      padding-right: 0;
+    }
+  }
 }
 </style>

packages/ui/certd-client/src/views/certd/pipeline/certd-form/use.tsx

@@ -115,7 +115,7 @@ export function useCertPipelineCreator() {
       label: "name",
     });
 
-    const DEFAULT_RENEW_DAYS = settingStore.sysPublic.defaultCertRenewDays || settingStore.sysPublic.defaultWillExpireDays || 15;
+    const DEFAULT_RENEW_DAYS = settingStore.sysPublic.defaultCertRenewDays || settingStore.sysPublic.defaultWillExpireDays || 20;
 
     merge(inputs, {
       renewDays: {
@@ -347,7 +347,7 @@ export function useCertPipelineCreator() {
                     title: "申请证书",
                     runnableType: "step",
                     input: {
-                      renewDays: 15,
+                      renewDays: 20,
                       ...pluginInput,
                     },
                     strategy: {

packages/ui/certd-client/src/views/certd/pipeline/detail.vue

@@ -30,12 +30,13 @@ const pipelineOptions: PipelineOptions = {
     return {
       pipeline: {
         id: detail.pipeline.id,
-        userId: detail.pipeline.userId,
         stages: [],
         triggers: [],
         ...JSON.parse(detail.pipeline.content || "{}"),
         type: detail.pipeline.type,
         from: detail.pipeline.from,
+        userId: detail.pipeline.userId,
+        projectId: detail.pipeline.projectId,
       },
       validTime: detail.pipeline.validTime,
       webhookKey: detail.pipeline.webhookKey,

packages/ui/certd-client/src/views/certd/pipeline/index.vue

@@ -42,7 +42,7 @@
           <change-group v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-group>
           <change-notification v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-notification>
           <change-trigger v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-trigger>
-          <change-project v-if="hasActionPermission('write')" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-project>
+          <change-project v-if="hasActionPermission('write') && settingStore.isEnterprise" :selected-row-keys="selectedRowKeys" @change="batchFinished"></change-project>
         </div>
       </div>
       <template #form-bottom>

packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue

@@ -25,7 +25,7 @@
           </a-row>
         </template>
         <div class="flex-col h-100 overflow-hidden md:ml-5 md:mr-5 step-form-body">
-          <a-tabs v-model:active-key="pluginGroupActive" tab-position="left" class="flex-1 overflow-hidden">
+          <a-tabs v-model:active-key="pluginGroupActive" tab-position="left" class="flex-1 overflow-hidden h-full">
             <template v-for="group of computedPluginGroups" :key="group.key">
               <a-tab-pane v-if="(group.key === 'admin' && userStore.isAdmin) || group.key !== 'admin'" :key="group.key" class="scroll-y">
                 <template #tab>

packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/task-form/index.vue

@@ -72,14 +72,13 @@ import * as _ from "lodash-es";
 import { nanoid } from "nanoid";
 import PiStepForm from "../step-form/index.vue";
 import { Modal } from "ant-design-vue";
-import { CopyOutlined } from "@ant-design/icons-vue";
 import VDraggable from "vuedraggable";
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
 import { filter } from "lodash-es";
 export default {
   name: "PiTaskForm",
-  components: { CopyOutlined, PiStepForm, VDraggable },
+  components: { PiStepForm, VDraggable },
   props: {
     editMode: {
       type: Boolean,

packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue

@@ -805,9 +805,11 @@ export default defineComponent({
         let errorMessages: any = [];
         let errorIndex = 1;
         eachSteps(pp, (step: any, task: any, stage: any) => {
-          if (step.disabled !== true) {
-            stepIds.push(step.id);
+          if (step.disabled === true) {
+            return;
           }
+          stepIds.push(step.id);
+
           if (step.input) {
             for (const key in step.input) {
               const value = step.input[key];

packages/ui/certd-client/src/views/framework/login/index.vue

@@ -46,21 +46,11 @@
               </a-form-item>
             </template>
           </a-tab-pane>
-          <a-tab-pane key="passkey" :tab="t('authentication.passkeyTab')">
-            <template v-if="formState.loginType === 'passkey'">
-              <div v-if="!passkeySupported" class="text-red-500 text-sm mt-2 text-center mb-10">
-                {{ t("authentication.passkeyNotSupported") }}
-              </div>
-            </template>
-          </a-tab-pane>
         </a-tabs>
         <a-form-item>
-          <a-button v-if="formState.loginType !== 'passkey'" type="primary" size="large" html-type="button" :loading="loading" class="login-button" @click="handleFinish">
+          <a-button type="primary" size="large" html-type="button" :loading="loading" class="login-button" @click="handleFinish">
             {{ queryBindCode ? t("authentication.bindButton") : t("authentication.loginButton") }}
           </a-button>
-          <a-button v-else type="primary" size="large" html-type="button" :loading="loading" class="login-button" :disabled="!passkeySupported" @click="handlePasskeyLogin">
-            {{ t("authentication.passkeyLogin") }}
-          </a-button>
         </a-form-item>
         <a-form-item>
           <div class="mt-2 flex justify-between items-center">
@@ -73,7 +63,6 @@
                 {{ t("authentication.forgotPassword") }}
               </a>
             </div>
-
             <router-link v-if="hasRegisterTypeEnabled() && !queryBindCode" class="register" :to="{ name: 'register' }">
               {{ t("authentication.registerLink") }}
             </router-link>
@@ -81,7 +70,7 @@
         </a-form-item>
       </template>
 
-      <div v-if="!queryBindCode && settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="w-full">
+      <div v-if="!queryBindCode && (settingStore.sysPublic.oauthEnabled || settingStore.sysPublic.passkeyEnabled) && settingStore.isPlus" class="w-full">
         <oauth-footer :oauth-only="isOauthOnly"></oauth-footer>
       </div>
     </a-form>
@@ -195,57 +184,6 @@ const twoFactor = reactive({
   verifyCode: "",
 });
 
-const passkeySupported = ref(false);
-const passkeyEnabled = ref(false);
-
-const checkPasskeySupport = () => {
-  passkeySupported.value = false;
-  if (typeof window !== "undefined" && "credentials" in navigator && "PublicKeyCredential" in window) {
-    passkeySupported.value = true;
-  }
-};
-
-const handlePasskeyLogin = async () => {
-  if (!passkeySupported.value) {
-    notification.error({ message: t("authentication.passkeyNotSupported") });
-    return;
-  }
-
-  loading.value = true;
-  try {
-    const optionsResponse: any = await request({
-      url: "/passkey/generateAuthentication",
-      method: "post",
-    });
-    const options = optionsResponse;
-
-    const credential = await (navigator.credentials as any).get({
-      publicKey: {
-        challenge: Uint8Array.from(atob(options.challenge.replace(/-/g, "+").replace(/_/g, "/")), c => c.charCodeAt(0)),
-        rpId: options.rpId,
-        allowCredentials: options.allowCredentials || [],
-        timeout: options.timeout || 60000,
-      },
-    });
-
-    if (!credential) {
-      throw new Error("Passkey认证失败");
-    }
-
-    const loginRes: any = await UserApi.loginByPasskey({
-      credential,
-      challenge: options.challenge,
-    });
-
-    await userStore.onLoginSuccess(loginRes);
-  } catch (e: any) {
-    console.error("Passkey登录失败:", e);
-    notification.error({ message: e.message || "Passkey登录失败" });
-  } finally {
-    loading.value = false;
-  }
-};
-
 const handleFinish = async () => {
   loading.value = true;
   try {
@@ -294,9 +232,7 @@ const isOauthOnly = computed(() => {
   return sysPublicSettings.oauthOnly && settingStore.isPlus && sysPublicSettings.oauthEnabled;
 });
 
-onMounted(() => {
-  checkPasskeySupport();
-});
+onMounted(() => {});
 </script>
 
 <style lang="less">

packages/ui/certd-client/src/views/framework/login/passkey-login.vue

@@ -0,0 +1,85 @@
+<template>
+  <div v-if="passkeyEnabled && isPlus" class="oauth-icon-button" :class="{ pointer: passkeySupported }" @click="handlePasskeyLogin">
+    <div><fs-icon icon="ion:finger-print-outline" :class="{ 'text-blue-600': passkeySupported, 'text-gray-400': !passkeySupported }" class="text-40" /></div>
+    <div class="ellipsis title" :title="t('authentication.passkeyLogin')" :class="{ 'text-gray-400': !passkeySupported }">{{ t("authentication.passkeyLogin") }}</div>
+  </div>
+</template>
+
+<script lang="ts" setup>
+import { ref, computed, onMounted } from "vue";
+import { useI18n } from "/@/locales";
+import { useSettingStore } from "/@/store/settings";
+import { notification } from "ant-design-vue";
+import { request } from "/src/api/service";
+import * as UserApi from "/src/store/user/api.user";
+import { useUserStore } from "/src/store/user";
+
+const { t } = useI18n();
+const settingStore = useSettingStore();
+const userStore = useUserStore();
+
+const loading = ref(false);
+const passkeySupported = ref(false);
+
+const passkeyEnabled = computed(() => settingStore.sysPublic.passkeyEnabled);
+const isPlus = computed(() => settingStore.isPlus);
+
+const checkPasskeySupport = () => {
+  passkeySupported.value = false;
+  if (typeof window !== "undefined" && "credentials" in navigator && "PublicKeyCredential" in window) {
+    passkeySupported.value = true;
+  }
+};
+
+const handlePasskeyLogin = async () => {
+  if (!passkeySupported.value) {
+    notification.error({ message: t("authentication.passkeyNotSupported") });
+    return;
+  }
+
+  loading.value = true;
+  try {
+    const optionsResponse: any = await request({
+      url: "/passkey/generateAuthentication",
+      method: "post",
+    });
+    const options = optionsResponse;
+
+    console.log("passkey authentication options:", options, JSON.stringify(options));
+    const credential = await (navigator.credentials as any).get({
+      publicKey: {
+        challenge: Uint8Array.from(atob(options.challenge.replace(/-/g, "+").replace(/_/g, "/")), c => c.charCodeAt(0)),
+        rpId: options.rpId,
+        allowCredentials: options.allowCredentials || [],
+        timeout: options.timeout || 60000,
+        authenticatorSelection: {
+          residentKey: "required",
+          requireResidentKey: true,
+          userVerification: "preferred",
+        },
+      },
+    });
+
+    console.log("passkey authentication credential:", credential, JSON.stringify(credential));
+    if (!credential) {
+      throw new Error("Passkey认证失败");
+    }
+
+    const loginRes: any = await UserApi.loginByPasskey({
+      credential,
+      challenge: options.challenge,
+    });
+
+    await userStore.onLoginSuccess(loginRes);
+  } catch (e: any) {
+    console.error("Passkey登录失败:", e);
+    notification.error({ message: e.message || "Passkey登录失败" });
+  } finally {
+    loading.value = false;
+  }
+};
+
+onMounted(() => {
+  checkPasskeySupport();
+});
+</script>

packages/ui/certd-client/src/views/framework/oauth/oauth-footer.vue

@@ -3,7 +3,8 @@
     <div class="oauth-title">
       <div class="oauth-title-text">{{ computedTitle }}</div>
     </div>
-    <div class="flex justify-center items-center gap-4">
+    <div class="flex justify-center items-center gap-4 flex-wrap md:flex-nowrap">
+      <passkey-login></passkey-login>
       <template v-for="item in oauthProviderList" :key="item.type">
         <div v-if="item.addonId" class="oauth-icon-button pointer" @click="goOauthLogin(item.name)">
           <div><fs-icon :icon="item.icon" class="text-blue-600 text-40" /></div>
@@ -19,6 +20,7 @@ import * as api from "./api";
 import { useI18n } from "vue-i18n";
 import { useSettingStore } from "/@/store/settings";
 import { useRoute } from "vue-router";
+import PasskeyLogin from "../login/passkey-login.vue";
 
 const oauthProviderList = ref([]);
 const props = defineProps<{

packages/ui/certd-client/src/views/sys/cname/provider/crud.tsx

@@ -122,7 +122,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           title: t("certd.dnsProviderAuthorization"),
           type: "dict-select",
           dict: dict({
-            url: "/pi/access/list",
+            url: "/sys/access/list",
             value: "id",
             label: "name",
           }),
@@ -133,6 +133,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               type: compute(({ form }) => {
                 return form.dnsProviderType;
               }),
+              from: "sys",
             },
             rules: [{ required: true, message: t("certd.requiredField") }],
           },

packages/ui/certd-client/src/views/sys/plugin/config-editor.vue

@@ -122,7 +122,7 @@ const editableKeys = ref([
     },
     defaultRender(item: any) {
       return () => {
-        return <pre class={"helper"}>{item["helper"]}</pre>;
+        return <pre class={"helper pre"}>{item["helper"]}</pre>;
       };
     },
     editRender(item: any) {

packages/ui/certd-client/src/views/sys/settings/tabs/oauth.vue

@@ -6,7 +6,7 @@
           <a-switch v-model:checked="formState.public.passkeyEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
           <vip-button class="ml-5" mode="button"></vip-button>
         </div>
-        <pre class="helper">{{ t("certd.sys.setting.passkeyEnabledHelper", [bindDomain]) }}</pre>
+        <pre class="helper pre">{{ t("certd.sys.setting.passkeyEnabledHelper", [bindDomain]) }}</pre>
         <div v-if="!bindDomainIsSame" class="text-red-500 text-sm mt-2">
           {{ t("certd.sys.setting.passkeyHostnameNotSame") }}
         </div>

packages/ui/certd-client/vite.config.ts

@@ -88,7 +88,7 @@ export default (req: any) => {
       host: "0.0.0.0",
       port: 3008,
       fs: devServerFs,
-      allowedHosts: ["localhost", "127.0.0.1", "yfy.docmirror.cn", "docmirror.top", "*"],
+      allowedHosts: ["localhost", "127.0.0.1", "yfy.docmirror.cn", "docmirror.top", "*", "local.dev"],
       proxy: {
         // with options
         "/api": {
@@ -100,7 +100,7 @@ export default (req: any) => {
         "/certd/api": {
           //配套后端 https://github.com/fast-crud/fs-server-js
           target: "http://127.0.0.1:7001/api",
-          rewrite: path => path.replace(/^\/certd\/api/, ""),
+          rewrite: (path: any) => path.replace(/^\/certd\/api/, ""),
           //忽略证书
           // agent: new https.Agent({ rejectUnauthorized: false }),
         },

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,48 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.39.5](https://github.com/certd/certd/compare/v1.39.4...v1.39.5) (2026-03-18)
+
+### Performance Improvements
+
+* 移除passkey的counter递增校验 ([68b669d](https://github.com/certd/certd/commit/68b669d3ff3e13b931939093320ce7237bb02b1b))
+* passkey 支持Bitwarden ([29f44c6](https://github.com/certd/certd/commit/29f44c67c808bed9ff1c9d4884d39a1a62d043a7))
+* passkey登录放到下方其他登录位置 ([1413e1a](https://github.com/certd/certd/commit/1413e1aff4aabcfd471716338c210fbcfd76c8f9))
+
+## [1.39.4](https://github.com/certd/certd/compare/v1.39.3...v1.39.4) (2026-03-17)
+
+### Bug Fixes
+
+* 修复阿里云证书订单翻页问题 ([6d43623](https://github.com/certd/certd/commit/6d43623f459a7594599e50a7ed89d67fcc775518))
+
+### Performance Improvements
+
+* 优化passkey ([9e12412](https://github.com/certd/certd/commit/9e12412f5fa7800df1d7efaf62cd8fd5d79bb569))
+
+## [1.39.3](https://github.com/certd/certd/compare/v1.39.2...v1.39.3) (2026-03-17)
+
+### Bug Fixes
+
+* 修复旧版1panel插件 报sslIds is not iterable的错误 ([50db6f0](https://github.com/certd/certd/commit/50db6f0765e7ec9a5698cd99540d90e188634fb1))
+
+## [1.39.2](https://github.com/certd/certd/compare/v1.39.1...v1.39.2) (2026-03-16)
+
+### Bug Fixes
+
+* 修复当证书更新后第一次站点检查会报与主站证书过期时间不一致错误的bug ([dd999b6](https://github.com/certd/certd/commit/dd999b60a4fe3507ff5e0109d637b4e891b28bdd))
+* 修复京东云报错不准确的bug ([10dd89a](https://github.com/certd/certd/commit/10dd89ae62e438a211a15e729559af823a096583))
+* 修复群晖测试时报addSecret undefine错误 ([5eb4aa3](https://github.com/certd/certd/commit/5eb4aa3a0eab9ffa729c8e813cbf973d9683cc13))
+* cname provider授权修改为sys级别 ([d01bfbe](https://github.com/certd/certd/commit/d01bfbec96a3a2109ec864953b0c9e8c1f95b97b))
+
+### Performance Improvements
+
+* 查看证书增加证书详情显示，包括域名，过期时间，颁发机构，指纹等 ([0b9933d](https://github.com/certd/certd/commit/0b9933df1e8d1685d14271435a8a7488974cc47b))
+* 获取阿里证书订单id组件增加翻页功能，突破50的上限 ([d79db3b](https://github.com/certd/certd/commit/d79db3bd3f0d5ad39664bb47ec3814d43ad93304))
+* 优化个人账户页面 ([e506116](https://github.com/certd/certd/commit/e50611666ef731a903d7bdd8eb62333b97e2cc5b))
+* 支持批量转移流水线到其他项目 ([8a3841f](https://github.com/certd/certd/commit/8a3841f6382b53ce2343307fb035e74fa5383fef))
+* 支持passkey登录 ([10b7644](https://github.com/certd/certd/commit/10b7644bb7ba5f82776537bc0c4f5eb95d5f8e4e))
+* dns-provider 支持bind9 ，support bind9 ([76d12d6](https://github.com/certd/certd/commit/76d12d60624c0672fd3717a80a2cfef6845b14b8))
+
 ## [1.39.1](https://github.com/certd/certd/compare/v1.39.0...v1.39.1) (2026-03-09)
 
 ### Performance Improvements

packages/ui/certd-server/db/migration-mysql/v10040__passkey.sql

@@ -0,0 +1,20 @@
+
+CREATE TABLE `sys_passkey`
+(
+  `id`          bigint PRIMARY KEY AUTO_INCREMENT NOT NULL,
+  `user_id`     bigint      NOT NULL,
+  `device_name` varchar(100) NOT NULL,
+  `passkey_id`  varchar(100) NOT NULL,
+  `public_key`  varchar(1024) NOT NULL,
+  `counter`     bigint      NOT NULL,
+  `transports`  varchar(512) NULL,
+  `registered_at` bigint      NOT NULL,
+  `create_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+
+CREATE INDEX `index_passkey_user_id` ON `sys_passkey` (`user_id`);
+CREATE INDEX `index_passkey_passkey_id` ON `sys_passkey` (`passkey_id`);
+
+ALTER TABLE `sys_passkey` ENGINE = InnoDB;

packages/ui/certd-server/db/migration-mysql/v10041__access_code.sql

@@ -0,0 +1,12 @@
+ALTER TABLE cd_access ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX `index_access_key_id` ON `cd_access` (`key_id`);
+update cd_access set key_id = id where key_id is null;
+
+ALTER TABLE pi_notification ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX `index_notification_key_id` ON `pi_notification` (`key_id`);
+update pi_notification set key_id = id where key_id is null;
+
+
+ALTER TABLE cd_addon ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX `index_addon_key_id` ON `cd_addon` (`key_id`);
+update cd_addon set key_id = id where key_id is null;

packages/ui/certd-server/db/migration-pg/v10040__passkey.sql

@@ -0,0 +1,18 @@
+
+CREATE TABLE "sys_passkey"
+(
+  "id"          bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+  "user_id"     bigint      NOT NULL,
+  "device_name" varchar(100) NOT NULL,
+  "passkey_id"  varchar(100) NOT NULL,
+  "public_key"  varchar(1024) NOT NULL,
+  "counter"     bigint      NOT NULL,
+  "transports"  varchar(512) NULL,
+  "registered_at" bigint      NOT NULL,
+  "create_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
+
+
+CREATE INDEX "index_passkey_user_id" ON "sys_passkey" ("user_id");
+CREATE INDEX "index_passkey_passkey_id" ON "sys_passkey" ("passkey_id");

packages/ui/certd-server/db/migration-pg/v10041__access_code.sql

@@ -0,0 +1,12 @@
+ALTER TABLE cd_access ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX "index_access_key_id" ON "cd_access" ("key_id");
+update cd_access set key_id = id where key_id is null;
+
+ALTER TABLE pi_notification ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX "index_notification_key_id" ON "pi_notification" ("key_id");
+update pi_notification set key_id = id where key_id is null;
+
+
+ALTER TABLE cd_addon ADD COLUMN  key_id varchar(100) NULL;
+CREATE INDEX "index_addon_key_id" ON "cd_addon" ("key_id");
+update cd_addon set key_id = id where key_id is null;

packages/ui/certd-server/metadata/access_bind9.yaml

@@ -0,0 +1,46 @@
+name: bind9
+title: BIND9 DNS 授权
+desc: 通过 SSH 连接到 BIND9 服务器，使用 nsupdate 命令管理 DNS 记录
+icon: clarity:host-line
+input:
+  sshAccessId:
+    title: SSH 授权
+    helper: 选择已配置的 SSH 授权
+    component:
+      name: access-selector
+      type: ssh
+      vModel: modelValue
+    required: true
+  dnsServer:
+    title: DNS 服务器地址
+    helper: BIND9 DNS 服务器地址，用于 nsupdate 命令
+    component:
+      placeholder: 192.168.182.100
+  dnsPort:
+    title: DNS 服务器端口
+    helper: BIND9 DNS 服务器端口，用于 nsupdate 命令，默认为 53
+    value: 53
+    component:
+      name: a-input-number
+      placeholder: '53'
+  testRequest:
+    title: 测试
+    component:
+      name: api-test
+      type: access
+      typeName: bind9
+      action: TestRequest
+    mergeScript: |2-
+
+               return {
+                  component:{
+                    form: ctx.compute(({form})=>{
+                      return form
+                    })
+                  },
+               }
+              
+    helper: 点击测试 SSH 连接和 nsupdate 命令
+pluginType: access
+type: builtIn
+scriptFilePath: /plugins/plugin-bind9/access.js

packages/ui/certd-server/metadata/deploy_1PanelDeployToPanel.yaml

@@ -54,6 +54,7 @@ input:
       action: onGetNodes
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_1PanelDeployToWebsitePlugin.yaml

@@ -54,6 +54,7 @@ input:
       action: onGetNodes
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId
@@ -82,6 +83,7 @@ input:
       action: onGetSSLIds
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AcePanelDeployToWebsite.yaml

@@ -51,6 +51,7 @@ input:
       action: onGetWebsiteList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToALB.yaml

@@ -66,11 +66,13 @@ input:
     component:
       name: remote-select
       vModel: value
+      mode: default
       type: plugin
       typeName: AliyunDeployCertToALB
       action: onGetRegionList
       search: false
       pager: false
+      multi: false
       watches:
         - certDomains
         - accessId
@@ -99,6 +101,7 @@ input:
       action: onGetLoadBalanceList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId
@@ -127,6 +130,7 @@ input:
       action: onGetListenerList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToAll.yaml

@@ -116,6 +116,7 @@ input:
       action: onGetProductList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId
@@ -145,6 +146,7 @@ input:
       action: onGetContactList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToESA.yaml

@@ -80,6 +80,7 @@ input:
       action: onGetSiteList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToFC.yaml

@@ -111,6 +111,7 @@ input:
       action: onGetDomainList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToGA.yaml

@@ -62,10 +62,12 @@ input:
     component:
       name: remote-select
       vModel: value
+      mode: default
       type: plugin
       action: onGetAcceleratorList
       search: false
       pager: false
+      multi: false
       watches:
         - certDomains
         - accessId
@@ -93,6 +95,7 @@ input:
       action: onGetListenerList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId
@@ -134,6 +137,7 @@ input:
       action: onGetAdditionalDomainList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId

packages/ui/certd-server/metadata/deploy_AliyunDeployCertToNLB.yaml

@@ -66,11 +66,13 @@ input:
     component:
       name: remote-select
       vModel: value
+      mode: default
       type: plugin
       typeName: AliyunDeployCertToNLB
       action: onGetRegionList
       search: false
       pager: false
+      multi: false
       watches:
         - certDomains
         - accessId
@@ -99,6 +101,7 @@ input:
       action: onGetLoadBalanceList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId
@@ -127,6 +130,7 @@ input:
       action: onGetListenerList
       search: false
       pager: false
+      multi: true
       watches:
         - certDomains
         - accessId