v1.37.11

https://github.com/certd/certd/issues/586

.vscode/settings.json

@@ -4,5 +4,10 @@
     "typescript.tsc.autoDetect": "watch",
     "git.scanRepositories": [
         "./packages/pro"
-    ]
+    ],
+    "editor.defaultFormatter": "dbaeumer.vscode-eslint",
+    "[typescript]": {
+        "editor.defaultFormatter": "vscode.typescript-language-features"
+    },
+    "editor.tabSize": 2
 }

CHANGELOG.md

@@ -3,6 +3,75 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+* openapi 成功后失败都返回msg ([6e735bb](https://github.com/certd/certd/commit/6e735bbd1e29712e939f775a4db974db70e3b4b0))
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 ### Bug Fixes

README.md

@@ -16,6 +16,7 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永
 
 > 流水线数量现已调整为无限制，欢迎大家使用
 
+
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
@@ -151,29 +152,30 @@ https://certd.handfree.work/
 
 
 ## 八、捐赠
-************************
-支持开源，为爱发电，我已入驻爱发电
-https://afdian.com/a/greper
+
+开源为什么要做专业版收费？
+1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star，也差点凉凉，幸亏有另外大佬接手用爱发电）    
+2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
+3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突     
 
 发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
+1. 可加入发电专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
+2. 您的需求我们将优先实现，并且可能将作为专业版功能提供
+3. 获得专业版功能
 
 专业版特权对比
 
-| 功能      | 免费版                                   | 专业版                            |
+| 功能      | 免费版                                   | 专业版                     |
 |---------|---------------------------------------|--------------------------------|
-| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
-| 域名数量 | 无限制                                   | 无限制                            |
-| 证书流水线条数 | 无限制                                   | 无限制                            |
-| 站点证书监控  | 限制1条                                  | 无限制                            |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
-| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 免费证书申请  | 免费无限制                        | 免费无限制                      |
+| 域名数量      | 无限制                           | 无限制                          |
+| 证书流水线条数 | 无限制                           | 无限制                          |
+| 站点证书监控  | 限制1条                           | 无限制                          |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件     |     群晖、威联通、proxmox等  |
+| 通知         | 邮件通知、自定义webhook            | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+| 批量操作      | 无                               | 流水线模版，流水线复制，批量运行，批量设置通知、定时等 |
+| VIP群        | 无                               | 可加，一对一技术支持，必要时可申请远程协助  |
 
-************************
-
-************************
 
 ## 九、贡献代码
 

docker/run/docker-compose.yaml

@@ -9,8 +9,7 @@ services:
     restart: unless-stopped # 自动重启
     volumes:
       #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
-      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
-      - /data/certd:/app/data
+      - /data/certd:/app/data # 只要修改冒号前面的，冒号后面的/app/data切记切记不要动
       #- /volume1/docker/certd:/app/data:delegated  #群晖使用这个配置
       #   ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准，考虑挂载localtime文件
       #- /etc/localtime:/etc/localtime

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,58 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 ### Bug Fixes

docs/guide/install/docker/index.md

@@ -57,6 +57,10 @@ https://your_server_ip:7002
 
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   # 请务必确保 /app/data 这个路径没有改动，固定写死
+```
 :::
 
 

docs/guide/install/upgrade.md

@@ -10,6 +10,12 @@
 
 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+很多人docker不太会配置，数据目录没有映射出来，升级导致数据丢失
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   #  请务必确保 /app/data 这个路径没有改动，固定写死
+```
+具体备份方法可以参考上面每种部署方式升级方法后面的备份章节
 :::
 
 ## 升级日志

docs/guide/open/index.md

@@ -19,9 +19,15 @@ header中传入x-certd-token即可调用开放接口
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
 
 
-## 补充说明
-1.证书申请接口支持证书id和域名两种方式获取证书。
-2.autoApply=true将在没有证书时自动触发申请，申请过程中会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
+## 参数
+支持证书id和域名两种方式获取证书。
+
+## 创建新的证书申请
+参数autoApply=true，将在没有证书时自动触发申请证书，检查逻辑如下：
+1. 如果证书仓库里面有，且没有过期，就直接返回证书
+2. 如果没有或者已过期，就会去找流水线，有就触发流水线执行
+3. 如果没有流水线，就创建一个流水线，触发运行（`注意：需要提前在域名管理中配置好域名校验方式，否则会申请失败`）
+4. 再次采用相同参数请求接口，如果在申请过程中，就会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
 
 
 ## SDK

docs/guide/plugins/deploy.md

@@ -1,5 +1,5 @@
 # 任务插件
-共 `102` 款任务插件    
+共 `103` 款任务插件    
 ## 1. 证书申请
 
 | 序号 | 名称 | 说明 |
@@ -29,18 +29,19 @@
 | 6.| **白山云-更新证书** |  | 
 | 7.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
 | 8.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 9.| **多吉云-部署到多吉云CDN** |  | 
-| 10.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
-| 11.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
-| 12.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
-| 13.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
-| 14.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
-| 15.| **FlexCDN-更新证书** |  | 
-| 16.| **farcdn-更新证书** | www.farcdn.net | 
-| 17.| **雨云-更新证书** | app.rainyun.com | 
-| 18.| **网宿-更新证书** | 网宿证书自动更新 | 
-| 19.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
-| 20.| **APISIX-更新证书** | 自动更新APISIX证书 | 
+| 9.| **西数-部署到虚拟主机** | 西部数码部署证书到虚拟主机 | 
+| 10.| **多吉云-部署到多吉云CDN** |  | 
+| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 16.| **FlexCDN-更新证书** |  | 
+| 17.| **farcdn-更新证书** | www.farcdn.net | 
+| 18.| **雨云-更新证书** | app.rainyun.com | 
+| 19.| **网宿-更新证书** | 网宿证书自动更新 | 
+| 20.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
+| 21.| **APISIX-更新证书** | 自动更新APISIX证书 | 
 ## 4. 面板
 
 | 序号 | 名称 | 说明 |
@@ -61,7 +62,7 @@
 | 14.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 | 15.| **飞牛NAS-部署证书** |  | 
 | 16.| **Proxmox-上传证书到Proxmox** |  | 
-| 17.| **Dokploy-更新证书** | 自动更新Dokploy证书 | 
+| 17.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 ## 5. 阿里云
 
 | 序号 | 名称 | 说明 |

docs/guide/plugins/dns-provider.md

@@ -9,15 +9,16 @@
 | 5.| **新网** | 新网域名解析 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
 | 7.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 8.| **华为云** | 华为云DNS解析提供商 | 
-| 9.| **西部数码** | west dns provider | 
-| 10.| **dns.la** | dns.la | 
-| 11.| **雨云** | 雨云DNS解析提供商 | 
-| 12.| **cloudflare** | cloudflare dns provider | 
-| 13.| **namesilo** | namesilo dns provider | 
-| 14.| **godaddy** | GoDaddy | 
-| 15.| **51dns** | 51DNS | 
-| 16.| **新网互联** | 新网互联 | 
+| 8.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 9.| **华为云** | 华为云DNS解析提供商 | 
+| 10.| **西部数码** | west dns provider | 
+| 11.| **dns.la** | dns.la | 
+| 12.| **雨云** | 雨云DNS解析提供商 | 
+| 13.| **cloudflare** | cloudflare dns provider | 
+| 14.| **namesilo** | namesilo dns provider | 
+| 15.| **godaddy** | GoDaddy | 
+| 16.| **51dns** | 51DNS | 
+| 17.| **新网互联** | 新网互联 | 
 
 <style module>
 table th:first-of-type {

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.37.5"
+  "version": "1.37.11"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,37 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/publishlab/node-acme-client/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/publishlab/node-acme-client/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/publishlab/node-acme-client/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.9](https://github.com/publishlab/node-acme-client/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.8](https://github.com/publishlab/node-acme-client/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.7](https://github.com/publishlab/node-acme-client/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/publishlab/node-acme-client/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/publishlab/node-acme-client/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/publishlab/node-acme-client/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Performance Improvements
+
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/publishlab/node-acme-client/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+
 ## [1.37.5](https://github.com/publishlab/node-acme-client/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.37.5",
+    "version": "1.37.11",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.37.5",
+        "@certd/basic": "^1.37.11",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -70,5 +70,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+    "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/core/acme-client/src/auto.js

@@ -4,6 +4,9 @@
 import { readCsrDomains } from "./crypto/index.js";
 import { wait } from "./wait.js";
 import { CancelError } from "./error.js";
+import { domainUtils } from '@certd/basic';
+
+
 
 
 const defaultOpts = {
@@ -65,7 +68,7 @@ export default async (client, userOpts) => {
      * Parse domains from CSR
      */
 
-    log("[auto] Parsing domains from Certificate Signing Request ");
+    log("[auto] Parsing domains from Certificate Signing Request");
     const { commonName, altNames } = readCsrDomains(opts.csr);
     const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));
 
@@ -76,9 +79,21 @@ export default async (client, userOpts) => {
      */
 
     log("[auto] Placing new certificate order with ACME provider");
-    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
-    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+
+    let hasIp = false
+    const orderPayload = { identifiers: uniqueDomains.map((d) =>{
+        // 判断是否为IP（v4或v6），否则按域名处理
+        const type = domainUtils.isIp(d) ? 'ip' : 'dns';
+        if(type === 'ip'){
+            hasIp = true
+        }
+        return { type, value: d }
+    }) };
+    if (opts.profile && client.sslProvider.startsWith("letsencrypt") ){
         orderPayload.profile = opts.profile;
+        if(hasIp){
+            orderPayload.profile = "shortlived"
+        }
     }
     const order = await client.createOrder(orderPayload);
     const authorizations = await client.getAuthorizations(order);

packages/core/acme-client/src/client.js

@@ -7,7 +7,7 @@ import { createHash } from 'crypto';
 import  { getPemBodyAsB64u } from './crypto/index.js';
 import HttpClient from './http.js';
 import AcmeApi from './api.js';
-import verify from './verify.js';
+import {createChallengeFn} from './verify.js';
 import * as util from './util.js';
 import auto from './auto.js';
 import { CancelError } from './error.js';
@@ -492,6 +492,9 @@ class AcmeClient {
             throw new Error('Unable to verify ACME challenge, URL not found');
         }
 
+        const {challenges} = createChallengeFn({logger:this.logger});
+ 
+        const verify = challenges
         if (typeof verify[challenge.type] === 'undefined') {
             throw new Error(`Unable to verify ACME challenge, unknown type: ${challenge.type}`);
         }
@@ -507,7 +510,12 @@ class AcmeClient {
         };
 
         this.log('Waiting for ACME challenge verification（等待ACME检查验证）');
-        return util.retry(verifyFn, this.backoffOpts);
+
+
+        const log = (...args)=>{
+            this.logger.info(...args)
+        }
+        return util.retry(verifyFn, this.backoffOpts,log);
     }
 
     /**

packages/core/acme-client/src/index.js

@@ -21,6 +21,9 @@ export const directory = {
         staging: 'https://acme-staging-v02.api.letsencrypt.org/directory',
         production: 'https://acme-v02.api.letsencrypt.org/directory',
     },
+    letsencrypt_staging: {
+        production: 'https://acme-staging-v02.api.letsencrypt.org/directory',
+    },
     zerossl: {
         staging: 'https://acme.zerossl.com/v2/DV90',
         production: 'https://acme.zerossl.com/v2/DV90',
@@ -28,9 +31,28 @@ export const directory = {
     sslcom:{
       staging: 'https://acme.ssl.com/sslcom-dv-rsa',
       production: 'https://acme.ssl.com/sslcom-dv-rsa',
+      ec: 'https://acme.ssl.com/sslcom-dv-ecc',
     }
 };
 
+export function getDirectoryUrl(opts) {
+  const {sslProvider, pkType} = opts
+  const list= directory[sslProvider]
+  if (!list) {
+    throw new Error(`sslProvider ${sslProvider} not found`)
+  }
+  let pkTypePrefix = pkType || 'rsa'
+  if (pkType) {
+   pkTypePrefix = pkType.toLowerCase().split("_")[0]
+  }
+
+  if (pkTypePrefix && list[pkTypePrefix]) {
+    return list[pkTypePrefix]
+  }
+
+  return list.production
+}
+
 /**
  * Crypto
  */

packages/core/acme-client/src/util.js

@@ -48,7 +48,7 @@ class Backoff {
  * @returns {Promise}
  */
 
-async function retryPromise(fn, attempts, backoff) {
+async function retryPromise(fn, attempts, backoff, logger = log) {
     let aborted = false;
 
     try {
@@ -60,12 +60,12 @@ async function retryPromise(fn, attempts, backoff) {
             throw e;
         }
 
-        log(`Promise rejected: ${e.message}`);
+        logger(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
+        logger(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
-        return retryPromise(fn, attempts, backoff);
+        return retryPromise(fn, attempts, backoff, logger);
     }
 }
 
@@ -80,9 +80,9 @@ async function retryPromise(fn, attempts, backoff) {
  * @returns {Promise}
  */
 
-function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
+function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}, logger = log) {
     const backoff = new Backoff({ min, max });
-    return retryPromise(fn, attempts, backoff);
+    return retryPromise(fn, attempts, backoff, logger);
 }
 
 /**
@@ -216,21 +216,21 @@ function formatResponseError(resp) {
  * @returns {Promise<string>} Root domain name
  */
 
-async function resolveDomainBySoaRecord(recordName) {
+async function resolveDomainBySoaRecord(recordName, logger = log) {
     try {
         await dns.resolveSoa(recordName);
-        log(`找到${recordName}的SOA记录`);
+        logger(`找到${recordName}的SOA记录`);
         return recordName;
     }
     catch (e) {
-        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
+        logger(`找不到${recordName}的SOA记录,继续往主域名查找`);
         const parentRecordName = recordName.split('.').slice(1).join('.');
 
         if (!parentRecordName.includes('.')) {
             throw new Error('SOA record查找失败');
         }
 
-        return resolveDomainBySoaRecord(parentRecordName);
+        return resolveDomainBySoaRecord(parentRecordName,logger);
     }
 }
 
@@ -241,18 +241,18 @@ async function resolveDomainBySoaRecord(recordName) {
  * @returns {Promise<dns.Resolver>} DNS resolver
  */
 
-async function getAuthoritativeDnsResolver(recordName) {
-    log(`获取域名${recordName}的权威NS服务器: `);
+async function getAuthoritativeDnsResolver(recordName, logger = log) {
+    logger(`获取域名${recordName}的权威NS服务器: `);
     const resolver = new dns.Resolver();
 
     try {
         /* Resolve root domain by SOA */
-        const domain = await resolveDomainBySoaRecord(recordName);
+        const domain = await resolveDomainBySoaRecord(recordNam,logger);
 
         /* Resolve authoritative NS addresses */
-        log(`获取到权威NS服务器name: ${domain}`);
+        logger(`获取到权威NS服务器name: ${domain}`);
         const nsRecords = await dns.resolveNs(domain);
-        log(`域名权威NS服务器：${nsRecords}`);
+        logger(`域名权威NS服务器：${nsRecords}`);
         const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
         const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);
 
@@ -261,16 +261,16 @@ async function getAuthoritativeDnsResolver(recordName) {
         }
 
         /* Authoritative NS success */
-        log(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
+        logger(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
         resolver.setServers(nsAddresses);
     }
     catch (e) {
-        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
+        logger(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
     }
 
     /* Return resolver */
     const addresses = resolver.getServers();
-    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
+    logger(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
 
     return resolver;
 }

packages/core/acme-client/src/verify.js

@@ -4,14 +4,22 @@
 
 import dnsSdk from "dns"
 import https from 'https'
-import {log} from './logger.js'
+import {log as defaultLog} from './logger.js'
 import axios from './axios.js'
 import * as util from './util.js'
 import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
 
 
 const dns = dnsSdk.promises
-/**
+
+
+export function createChallengeFn(opts = {}){
+    const logger = opts?.logger || {info:defaultLog,error:defaultLog,warn:defaultLog,debug:defaultLog}
+    
+    const log = function(...args){
+        logger.info(...args)
+    }
+    /**
  * Verify ACME HTTP challenge
  *
  * https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
@@ -112,7 +120,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
     return records
 }
 
-export async function walkTxtRecord(recordName,deep = 0) {
+ async function walkTxtRecord(recordName,deep = 0) {
     if(deep >5){
         log(`walkTxtRecord too deep (#${deep}) , skip walk`)
         return []
@@ -136,7 +144,7 @@ export async function walkTxtRecord(recordName,deep = 0) {
     try{
         /* Authoritative DNS resolver */
         log(`从域名权威服务器获取TXT解析记录`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
         const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
         if (res && res.length > 0) {
             for (const item of res) {
@@ -173,7 +181,8 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
     recordValues = [...new Set(recordValues)];
     log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
+        const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
+        throw new Error(err);
     }
 
     log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
@@ -207,12 +216,13 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
     return true;
 }
 
-/**
- * Export API
- */
+    return {
+        challenges:{
+            'http-01': verifyHttpChallenge,
+            'dns-01': verifyDnsChallenge,
+            'tls-alpn-01': verifyTlsAlpnChallenge,
+        },
+        walkTxtRecord,
+    }
 
-export default {
-    'http-01': verifyHttpChallenge,
-    'dns-01': verifyDnsChallenge,
-    'tls-alpn-01': verifyTlsAlpnChallenge,
-};
+}

packages/core/acme-client/types/index.d.ts

@@ -108,12 +108,17 @@ export const directory: {
         staging: string,
         production: string
     },
+    letsencrypt_staging: {
+        production: string
+    },
     zerossl: {
         staging: string,
         production: string
     }
 };
 
+export function getDirectoryUrl(opts:{sslProvider:string, pkType: string}): string;
+
 /**
  * Crypto
  */
@@ -204,7 +209,8 @@ export const agents: any;
 
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;
 
-export function walkTxtRecord(record: any): Promise<string[]>;
+export function createChallengeFn(opts?: {logger?:any}): any;
+// export function walkTxtRecord(record: any): Promise<string[]>;
 export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 
 export const CancelError: typeof CancelError;

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,36 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题 ([51cc084](https://github.com/certd/certd/commit/51cc08411fd2dbab66d769b495dc1b0bf2f2578c))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-05:00
+04:13

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,6 +17,7 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
+    "async-lock": "^1.4.1",
     "axios": "^1.7.2",
     "dayjs": "^1.11.7",
     "http-proxy-agent": "^7.0.2",
@@ -46,5 +47,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/core/basic/src/utils/util.domain.ts

@@ -7,29 +7,29 @@ function match(targetDomains: string | string[], inDomains: string[]) {
     return false;
   }
 
-  if (typeof targetDomains === 'string') {
+  if (typeof targetDomains === "string") {
     targetDomains = [targetDomains];
   }
   for (let targetDomain of targetDomains) {
     let matched = false;
-    if (targetDomain.startsWith('.')) {
-      targetDomain = '*' + targetDomain;
+    if (targetDomain.startsWith(".")) {
+      targetDomain = "*" + targetDomain;
     }
     for (let inDomain of inDomains) {
-      if (inDomain.startsWith('.')) {
-        inDomain = '*' + inDomain;
+      if (inDomain.startsWith(".")) {
+        inDomain = "*" + inDomain;
       }
       if (targetDomain === inDomain) {
         matched = true;
         break;
       }
 
-      if (!inDomain.startsWith('*.')) {
+      if (!inDomain.startsWith("*.")) {
         //不可能匹配
         continue;
       }
       //子域名匹配通配符即可
-      const firstDotIndex = targetDomain.indexOf('.');
+      const firstDotIndex = targetDomain.indexOf(".");
       const targetDomainSuffix = targetDomain.substring(firstDotIndex + 1);
       if (targetDomainSuffix === inDomain.substring(2)) {
         matched = true;
@@ -46,6 +46,32 @@ function match(targetDomains: string | string[], inDomains: string[]) {
   return true;
 }
 
+function isIpv4(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv4Regex = /^(\d{1,3}\.){3}\d{1,3}$/;
+  return isIPv4Regex.test(d);
+}
+
+function isIpv6(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv6Regex = /^([\da-f]{1,4}:){2,7}[\da-f]{1,4}$/i;
+  return isIPv6Regex.test(d);
+}
+
+function isIp(d: string) {
+  if (!d) {
+    return false;
+  }
+  return isIpv4(d) || isIpv6(d);
+}
+
 export const domainUtils = {
   match,
+  isIpv4,
+  isIpv6,
+  isIp,
 };

packages/core/basic/src/utils/util.lock.ts

@@ -1,46 +1,16 @@
-import { logger, utils } from './index.js';
+// @ts-ignore
+import AsyncLock from "async-lock";
 
 export class Locker {
-  locked: Record<string, any> = {};
+  private asyncLocker: AsyncLock;
 
-  async execute(lockStr: string, callback: any) {
-    await this.lock(lockStr);
-    const timeoutId = setTimeout(() => {
-      logger.warn('Lock timeout,自动解锁', lockStr);
-      this.unlock(lockStr);
-    }, 20000);
-    try {
-      return await callback();
-    } finally {
-      clearTimeout(timeoutId);
-      this.unlock(lockStr);
-    }
+  constructor() {
+    this.asyncLocker = new AsyncLock();
   }
 
-  async lock(str: string) {
-    const isLocked = this.isLocked(str);
-    if (isLocked) {
-      let count = 0;
-      while (true) {
-        await utils.sleep(100);
-        if (!this.isLocked(str)) {
-          break;
-        }
-        count++;
-        if (count > 20) {
-          throw new Error('Lock timeout');
-        }
-      }
-    }
-    this.locked[str] = true;
-  }
-
-  unlock(str: string) {
-    delete this.locked[str];
-  }
-
-  isLocked(str: string) {
-    return this.locked[str] ?? false;
+  async execute(lockStr: string, callback: any, options?: { timeout?: number }) {
+    const timeout = options?.timeout ?? 120000;
+    return this.asyncLocker.acquire(lockStr, callback, { timeout });
   }
 }
 

packages/core/basic/test.mjs

@@ -0,0 +1,14 @@
+import { random } from "lodash-es";
+import { locker } from "./dist/utils/util.lock.js";
+
+async function testLocker() {
+  for (let i = 0; i < 10; i++) {
+    await locker.execute("test", async () => {
+      console.log("test", i);
+      await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
+      throw new Error("test error");
+    });
+  }
+}
+
+await testLocker();

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -18,8 +18,8 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.5",
-    "@certd/plus-core": "^1.37.5",
+    "@certd/basic": "^1.37.11",
+    "@certd/plus-core": "^1.37.11",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,13 +1,11 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.37.5",
+  "version": "1.37.11",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
   "scripts": {
-    "test": "cross-env NODE_CONFIG_DIR=./test/config  mocha --recursive --require babel-register",
-    "dev": "babel src --out-dir babel -w",
     "build": "rollup -c ",
     "dev-build": "npm run build",
     "pub": "npm publish"
@@ -15,7 +13,6 @@
   "author": "",
   "license": "Apache",
   "dependencies": {
-    "babel-register": "^6.26.0",
     "buffer": "^5.0.8",
     "create-hash": "^1.1.3",
     "create-hmac": "^1.1.6",
@@ -30,8 +27,6 @@
     "@rollup/plugin-typescript": "^11.0.0",
     "@typescript-eslint/eslint-plugin": "^8.26.1",
     "@typescript-eslint/parser": "^8.26.1",
-    "babel-cli": "^6.26.0",
-    "babel-preset-env": "^1.6.1",
     "chai": "^4.1.2",
     "config": "^1.30.0",
     "cross-env": "^5.1.4",
@@ -61,5 +56,5 @@
       "fetch"
     ]
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.37.5",
+    "@certd/basic": "^1.37.11",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 ### Performance Improvements

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.37.5",
+  "version": "1.37.11",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -28,11 +28,11 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.37.5",
-    "@certd/basic": "^1.37.5",
-    "@certd/pipeline": "^1.37.5",
-    "@certd/plugin-lib": "^1.37.5",
-    "@certd/plus-core": "^1.37.5",
+    "@certd/acme-client": "^1.37.11",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
+    "@certd/plugin-lib": "^1.37.11",
+    "@certd/plus-core": "^1.37.11",
     "@midwayjs/cache": "3.14.0",
     "@midwayjs/core": "3.20.11",
     "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/libs/lib-server/src/basic/base-service.ts

@@ -1,5 +1,5 @@
 import { PermissionException, ValidateException } from './exception/index.js';
-import { In, Repository, SelectQueryBuilder } from 'typeorm';
+import { FindOneOptions, In, Repository, SelectQueryBuilder } from 'typeorm';
 import { Inject } from '@midwayjs/core';
 import { TypeORMDataSourceManager } from '@midwayjs/typeorm';
 import { EntityManager } from 'typeorm/entity-manager/EntityManager.js';
@@ -238,4 +238,8 @@ export abstract class BaseService<T> {
 
     await this.delete(ids);
   }
+
+  async findOne(options: FindOneOptions<T>) {
+    return await this.getRepository().findOne(options);
+  }
 }

packages/libs/lib-server/src/system/settings/service/models.ts

@@ -16,7 +16,7 @@ export class SysPublicSettings extends BaseSettings {
   static __access__ = 'public';
 
   registerEnabled = false;
-  userValidTimeEnabled?:boolean = false;
+  userValidTimeEnabled?: boolean = false;
   passwordLoginEnabled = true;
   usernameRegisterEnabled = true;
   mobileRegisterEnabled = false;
@@ -36,7 +36,7 @@ export class SysPublicSettings extends BaseSettings {
   captchaEnabled = false;
   //验证码类型
   captchaType?: string;
-  captchaAddonId?:number;
+  captchaAddonId?: number;
 
 
 
@@ -49,6 +49,14 @@ export class SysPublicSettings extends BaseSettings {
   // 固定证书有效期天数，0表示不固定
   fixedCertExpireDays?: number;
 
+  // 第三方OAuth配置
+  oauthEnabled?: boolean = false;
+  oauthProviders: Record<string, {
+    type: string;
+    title: string;
+    addonId: number;
+  }> = {};
+
 }
 
 export class SysPrivateSettings extends BaseSettings {
@@ -69,9 +77,9 @@ export class SysPrivateSettings extends BaseSettings {
     type?: string;
     config?: any;
   } = {
-    type: 'aliyun',
-    config: {},
-  };
+      type: 'aliyun',
+      config: {},
+    };
 
   removeSecret() {
     const clone = cloneDeep(this);
@@ -196,7 +204,7 @@ export class SysSuiteSetting extends BaseSettings {
   static __key__ = 'sys.suite';
   static __access__ = 'private';
 
-  enabled:boolean = false;
+  enabled: boolean = false;
 
   registerGift?: {
     productId: number;
@@ -221,11 +229,9 @@ export class SysSafeSetting extends BaseSettings {
   static __access__ = 'private';
 
   // 站点隐藏
-  hidden:SiteHidden = {
+  hidden: SiteHidden = {
     enabled: false,
-    hiddenOpenApi:false,
+    hiddenOpenApi: false,
     autoHiddenTimes: 5,
   };
 }
-
-

packages/libs/lib-server/src/user/addon/api/api.ts

@@ -31,6 +31,7 @@ export type AddonDefine = Registrable & {
     [key: string]: AddonInputDefine;
   };
   showTest?: boolean;
+  icon?: string;
 };
 
 export type AddonInstanceConfig = {

packages/libs/lib-server/src/user/addon/service/addon-service.ts

@@ -76,7 +76,7 @@ export class AddonService extends BaseService<AddonEntity> {
 
 
   getDefineList(addonType: string) {
-    return addonRegistry.getDefineList();
+    return addonRegistry.getDefineList(addonType);
   }
 
   getDefineByType(type: string, prefix?: string) {
@@ -187,4 +187,14 @@ export class AddonService extends BaseService<AddonEntity> {
     });
     return this.buildAddonInstanceConfig(res);
   }
+
+  async getOneByType(req:{addonType:string,type:string,userId:number}) {
+    return await this.repository.findOne({
+      where: {
+        addonType: req.addonType,
+        type: req.type,
+        userId: req.userId
+      }
+    });
+  }
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,30 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.37.5",
+  "version": "1.37.11",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,39 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+* ssl.com支持ecc ([b5ec047](https://github.com/certd/certd/commit/b5ec04723db48422f71041f4043002e7f5b450b1))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Performance Improvements
+
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/plugin-cert

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
     "compile": "tsc --skipLibCheck --watch"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.37.5",
-    "@certd/basic": "^1.37.5",
-    "@certd/pipeline": "^1.37.5",
-    "@certd/plugin-lib": "^1.37.5",
+    "@certd/acme-client": "^1.37.11",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
+    "@certd/plugin-lib": "^1.37.11",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts

@@ -50,7 +50,7 @@ export type CertInfo = {
   one?: string;
   p7b?: string;
 };
-export type SSLProvider = "letsencrypt" | "google" | "zerossl" | "sslcom";
+export type SSLProvider = "letsencrypt" | "google" | "zerossl" | "sslcom" | "letsencrypt_staging";
 export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
 type AcmeServiceOptions = {
   userContext: IContext;
@@ -111,7 +111,7 @@ export class AcmeService {
     await this.userContext.setObj(this.buildAccountKey(email), conf);
   }
 
-  async getAcmeClient(email: string, isTest = false): Promise<acme.Client> {
+  async getAcmeClient(email: string): Promise<acme.Client> {
     const mappings = {};
     if (this.sslProvider === "letsencrypt") {
       mappings["acme-v02.api.letsencrypt.org"] = this.options.reverseProxy || "le.px.certd.handfree.work";
@@ -128,12 +128,7 @@ export class AcmeService {
       await this.saveAccountConfig(email, conf);
       this.logger.info(`创建新的Accountkey:${email}`);
     }
-    let directoryUrl = "";
-    if (isTest) {
-      directoryUrl = acme.directory[this.sslProvider].staging;
-    } else {
-      directoryUrl = acme.directory[this.sslProvider].production;
-    }
+    const directoryUrl = acme.getDirectoryUrl({ sslProvider: this.sslProvider, pkType: this.options.privateKeyType });
     if (this.options.useMappingProxy) {
       urlMapping.enabled = true;
     } else {
@@ -327,13 +322,12 @@ export class AcmeService {
     domainsVerifyPlan?: DomainsVerifyPlan;
     httpUploader?: any;
     csrInfo: any;
-    isTest?: boolean;
     privateKeyType?: string;
     profile?: string;
     preferredChain?: string;
   }): Promise<CertInfo> {
-    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options;
-    const client: acme.Client = await this.getAcmeClient(email, isTest);
+    const { email, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options;
+    const client: acme.Client = await this.getAcmeClient(email);
 
     let domains = options.domains;
     const encodingDomains = [];
@@ -343,7 +337,7 @@ export class AcmeService {
     domains = encodingDomains;
 
     /* Create CSR */
-    const { commonName, altNames } = this.buildCommonNameByDomains(domains);
+    const { altNames } = this.buildCommonNameByDomains(domains);
     let privateKey = null;
     const privateKeyType = options.privateKeyType || "rsa_2048";
     const privateKeyArr = privateKeyType.split("_");
@@ -370,15 +364,13 @@ export class AcmeService {
       //兼容老版本
       createCsr = acme.forge.createCsr;
     }
-    const [key, csr] = await createCsr(
-      {
-        commonName,
-        ...csrInfo,
-        altNames,
-        // emailAddress: email,
-      },
-      privateKey
-    );
+    const csrData: any = {
+      // commonName,
+      ...csrInfo,
+      altNames,
+      // emailAddress: email,
+    };
+    const [key, csr] = await createCsr(csrData, privateKey);
 
     if (dnsProvider == null && domainsVerifyPlan == null) {
       throw new Error("dnsProvider 、 domainsVerifyPlan不能都为空");
@@ -423,7 +415,7 @@ export class AcmeService {
   }
 
   buildCommonNameByDomains(domains: string | string[]): {
-    commonName: string;
+    commonName?: string;
     altNames: string[] | undefined;
   } {
     if (typeof domains === "string") {
@@ -432,14 +424,14 @@ export class AcmeService {
     if (domains.length === 0) {
       throw new Error("domain can not be empty");
     }
-    const commonName = domains[0];
-    let altNames: undefined | string[] = undefined;
-    if (domains.length > 1) {
-      altNames = _.slice(domains, 1);
-    }
+    // const commonName = domains[0];
+    // let altNames: undefined | string[] = undefined;
+    // if (domains.length > 1) {
+    //   altNames = _.slice(domains, 1);
+    // }
     return {
-      commonName,
-      altNames,
+      // commonName,
+      altNames: domains,
     };
   }
 

packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts

@@ -36,6 +36,7 @@ export class CertReader {
   detail: CertificateInfo;
   //毫秒时间戳
   effective: number;
+  //毫秒时间戳
   expires: number;
   constructor(certInfo: CertInfo) {
     this.cert = certInfo;

packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts

@@ -137,6 +137,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         { value: "google", label: "Google（免费）", icon: "flat-color-icons:google" },
         { value: "zerossl", label: "ZeroSSL（免费）", icon: "emojione:digit-zero" },
         { value: "sslcom", label: "SSL.com（仅主域名和www免费）", icon: "la:expeditedssl" },
+        { value: "letsencrypt_staging", label: "Let's Encrypt测试环境（IP证书）", icon: "simple-icons:letsencrypt" },
       ],
     },
     helper: "Let's Encrypt：申请最简单\nGoogle：大厂光环，兼容性好，仅首次需要翻墙获取EAB授权\nZeroSSL：需要EAB授权，无需翻墙\nSSL.com：仅主域名和www免费,必须设置CAA记录",
@@ -412,7 +413,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
   async onInit() {
     let eab: EabAccess = null;
 
-    if (this.sslProvider && this.sslProvider !== "letsencrypt") {
+    if (this.sslProvider && !this.sslProvider.startsWith("letsencrypt")) {
       if (this.sslProvider === "google" && this.googleAccessId) {
         this.logger.info("当前正在使用 google服务账号授权获取EAB");
         const googleAccess = await this.getAccess(this.googleAccessId);
@@ -495,7 +496,6 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         dnsProvider,
         domainsVerifyPlan,
         csrInfo,
-        isTest: false,
         privateKeyType: this.privateKeyType,
         profile: this.certProfile,
         preferredChain: this.preferredChain,

packages/plugins/plugin-lib/.eslintrc

@@ -17,6 +17,7 @@
     "@typescript-eslint/ban-ts-ignore": "off",
     "@typescript-eslint/no-explicit-any": "off",
     "@typescript-eslint/no-empty-function": "off",
-    "@typescript-eslint/no-unused-vars": "off"
+    "@typescript-eslint/no-unused-vars": "off",
+    "max-len": [0, 160, 2, { "ignoreUrls": true }]
   }
 }

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,35 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Performance Improvements
+
+*  ssh支持ppk格式私钥 ([575ae16](https://github.com/certd/certd/commit/575ae164c863d0b1f9fa0890549a2ee7472fb469))
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.37.5",
+  "version": "1.37.11",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -22,8 +22,8 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.5",
-    "@certd/pipeline": "^1.37.5",
+    "@certd/basic": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -35,7 +35,7 @@
     "rimraf": "^5.0.5",
     "socks": "^2.8.3",
     "socks-proxy-agent": "^8.0.4",
-    "ssh2": "^1.15.0",
+    "ssh2": "1.17.0",
     "strip-ansi": "^7.1.0",
     "tencentcloud-sdk-nodejs": "^4.0.1005"
   },
@@ -53,5 +53,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }

packages/plugins/plugin-lib/src/index.ts

@@ -7,4 +7,5 @@ export * from "./qiniu/index.js";
 export * from "./ctyun/index.js";
 export * from "./oss/index.js";
 export * from "./s3/index.js";
-export * from "./lib/index.js";
+export * from "./lib/index.js";
+export * from "./service/index.js";

packages/plugins/plugin-lib/src/service/index.ts

@@ -0,0 +1 @@
+export * from "./site-info.js";

packages/plugins/plugin-lib/src/service/site-info.ts

@@ -0,0 +1,7 @@
+export type SiteInfo = {
+  siteUrl: string;
+};
+
+export interface ISiteInfoGetter {
+  getSiteInfo(): Promise<SiteInfo>;
+}

packages/plugins/plugin-lib/src/tencent/access.ts

@@ -64,4 +64,8 @@ export class TencentAccess extends BaseAccess {
   intlDomain() {
     return this.isIntl() ? "intl." : "";
   }
+
+  buildEndpoint(endpoint: string) {
+    return `${this.intlDomain()}${endpoint}`;
+  }
 }

packages/plugins/plugin-lib/src/tencent/lib/ssl-client.ts

@@ -36,7 +36,7 @@ export class TencentSslClient {
 
   checkRet(ret: any) {
     if (!ret || ret.Error) {
-      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message);
+      throw new Error("请求失败：" + ret.Error.Code + "," + ret.Error.Message + ",requestId" + ret.RequestId);
     }
   }
 
@@ -70,43 +70,33 @@ export class TencentSslClient {
   }
 
   async deployCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.DeployCertificateInstance(params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DeployCertificateInstance", params);
   }
 
   async DescribeHostUploadUpdateRecordDetail(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("DescribeHostUploadUpdateRecordDetail", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("DescribeHostUploadUpdateRecordDetail", params);
   }
 
   async UploadUpdateCertificateInstance(params: any) {
-    const client = await this.getSslClient();
-    const res = await client.request("UploadUpdateCertificateInstance", params);
-    this.checkRet(res);
-    return res;
+    return await this.doRequest("UploadUpdateCertificateInstance", params);
   }
 
   async DescribeCertificates(params: { Limit?: number; Offset?: number; SearchKey?: string }) {
-    const client = await this.getSslClient();
-    const res = await client.DescribeCertificates({
+    return await this.doRequest("DescribeCertificates", {
       ExpirationSort: "ASC",
       ...params,
     });
-    this.checkRet(res);
-    return res;
   }
 
   async doRequest(action: string, params: any) {
     const client = await this.getSslClient();
-    if (!client[action]) {
-      throw new Error(`action ${action} not found`);
+    try {
+      const res = await client.request(action, params);
+      this.checkRet(res);
+      return res;
+    } catch (e) {
+      this.logger.error(`action ${action} error: ${e.message},requestId=${e.RequestId}`);
+      throw e;
     }
-    const res = await client[action](params);
-    this.checkRet(res);
-    return res;
   }
 }

packages/ui/Dockerfile

@@ -19,6 +19,8 @@ RUN apk add --no-cache openjdk8
 WORKDIR /app/
 COPY --from=builder /workspace/certd-server/ /app/
 
+COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
+
 ENV LEGO_VERSION=4.22.2
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
 RUN mkdir -p $LEGO_DOWNLOAD_DIR

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,53 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复备注撑开表格行高的bug ([c7b298c](https://github.com/certd/certd/commit/c7b298c46f0d52b43bd2bb17b374e7970a446446))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+
+### Performance Improvements
+
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Performance Improvements
+
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.37.5",
+  "version": "1.37.11",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -106,8 +106,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.37.5",
-    "@certd/pipeline": "^1.37.5",
+    "@certd/lib-iframe": "^1.37.11",
+    "@certd/pipeline": "^1.37.11",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-tip.vue

@@ -6,7 +6,12 @@
         <div>1. 解析记录应该添加在{{ record.domain }}域名下</div>
         <div>2. 要添加的是CNAME类型的记录，不是TXT</div>
         <div>3. 核对记录值是否是:{{ record.recordValue }}</div>
-        <div>4. 运行下面的命令,查看解析是否正确 <fs-copyable :style="{ color: '#52c41a' }" :model-value="nslookupCmd"></fs-copyable></div>
+        <div>
+          4. 在验证中状态下，运行下面的命令,查看cname和txt解析是否正确
+          <fs-copyable :style="{ color: '#52c41a' }" :model-value="nslookupCmd"></fs-copyable>
+          或者
+          <fs-copyable :style="{ color: '#52c41a' }" :model-value="digCmd"></fs-copyable>
+        </div>
         <div>5. 如果以上检查都没有问题，则可能是DNS解析生效时间比较慢，某些提供商延迟可能高达几个小时</div>
       </div>
     </template>
@@ -23,4 +28,8 @@ const props = defineProps<{
 const nslookupCmd = computed(() => {
   return `nslookup -q=txt _acme-challenge.${props.record.domain}`;
 });
+
+const digCmd = computed(() => {
+  return `dig _acme-challenge.${props.record.domain}`;
+});
 </script>

packages/ui/certd-client/src/components/vip-button/index.vue

@@ -340,6 +340,13 @@ function openUpgrade() {
   function showManualActivation() {
     manualActiveFlag.value = true;
   }
+
+  function goBindAccount() {
+    modalRef?.destroy();
+    router.push({
+      path: "/sys/account",
+    });
+  }
   const modalRef = modal.success({
     title,
     maskClosable: true,
@@ -367,6 +374,9 @@ function openUpgrade() {
           <div class="mt-10">
             {t("vip.current")} {vipLabel} {t("vip.activated_expire_time")}
             {settingStore.expiresText}
+            <a class="ml-15" href="https://app.handfree.work/subject/#/page/detail/1" target="_blank">
+              {t("vip.learn_more")}
+            </a>
           </div>
         );
       }
@@ -439,6 +449,10 @@ function openUpgrade() {
             <div class="flex-o w-100">
               <span>{t("vip.site_id")}：</span>
               <fs-copyable v-model={computedSiteId.value}></fs-copyable>
+
+              <a class="ml-2" onClick={goBindAccount}>
+                {t("vip.not_effective")}
+              </a>
             </div>
           </div>
           {plusInfo}

packages/ui/certd-client/src/layout/layout-outside.vue

@@ -1,8 +1,8 @@
 <template>
   <div id="userLayout" :class="['user-layout-wrapper']">
-    <div class="login-container flex-center">
-      <div class="user-layout-content flex-center flex-col">
-        <div class="top flex flex-col items-center justify-center">
+    <div class="login-container flex justify-start">
+      <div class="user-layout-content flex-col justify-start">
+        <div class="top flex flex-col items-center justify-start">
           <div class="header flex flex-row items-center">
             <img :src="siteInfo.loginLogo" class="logo" alt="logo" />
             <span class="title"></span>
@@ -10,8 +10,9 @@
           <div class="desc">{{ siteInfo.slogan }}</div>
         </div>
 
-        <router-view />
-
+        <div class="flex-1 flex flex-col justify-start items-center">
+          <router-view />
+        </div>
         <div class="footer">
           <div class="copyright">
             <span v-if="!settingStore.isComm">

packages/ui/certd-client/src/locales/langs/en-US/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "Please enter your password",
   mobilePlaceholder: "Please enter your mobile number",
   loginButton: "Log In",
+  bindButton: "Bind Account",
   forgotPassword: "Forgot password?",
   forgotAdminPassword: "Forgot admin password?",
   registerLink: "Register",

packages/ui/certd-client/src/locales/langs/en-US/certd.ts

@@ -760,6 +760,13 @@ export default {
       fixedCertExpireDays: "Fixed Cert Expire Days",
       fixedCertExpireDaysHelper: "Fixed cert expiration days, helpful for table list progress bar display",
       fixedCertExpireDaysRecommend: "Recommend 90",
+
+      enableOauth: "Enable OAuth2 Login",
+      oauthEnabledHelper: "Whether to enable OAuth2 login",
+      oauthProviders: "OAuth2 Login Providers",
+      oauthType: "OAuth2 Login Type",
+      oauthConfig: "OAuth2 Login Config",
+      oauthProviderSelectorPlaceholder: "Please select OAuth2 login provider",
     },
   },
   modal: {

packages/ui/certd-client/src/locales/langs/en-US/vip.ts

@@ -98,4 +98,6 @@ export default {
   already_comm: "Already Business Edition, can't change to Professional Edition",
   already_perpetual_plus: "You already have a perpetual Professional Edition, can't upgrade",
   confirm: "Confirm",
+  not_effective: "Not effective?",
+  learn_more: "More privileges",
 };

packages/ui/certd-client/src/locales/langs/zh-CN/authentication.ts

@@ -57,6 +57,7 @@ export default {
   passwordPlaceholder: "请输入密码",
   mobilePlaceholder: "请输入手机号",
   loginButton: "登录",
+  bindButton: "绑定账号",
   forgotPassword: "忘记密码？",
   forgotAdminPassword: "忘记管理员密码？",
   registerLink: "注册",

packages/ui/certd-client/src/locales/langs/zh-CN/certd.ts

@@ -604,7 +604,7 @@ export default {
   limitUserPipelineCountHelper: "0为不限制",
   enableSelfRegistration: "开启自助注册",
   enableUserValidityPeriod: "开启用户有效期",
-  userValidityPeriodHelper: "有效期内用户可正常使用，失效后流水线将被停用",
+  userValidityPeriodHelper: "有效期内用户可正常使用，失效后用户的流水线将被停用",
   enableUsernameRegistration: "开启用户名注册",
   enableEmailRegistration: "开启邮箱注册",
   proFeature: "专业版功能",
@@ -761,6 +761,13 @@ export default {
       fixedCertExpireDays: "固定证书有效期天数",
       fixedCertExpireDaysHelper: "固定证书有效期天数，有助于列表进度条整齐显示",
       fixedCertExpireDaysRecommend: "推荐90",
+
+      enableOauth: "启用第三方登录",
+      oauthEnabledHelper: "是否启用第三方登录",
+      oauthProviders: "第三方登录提供商",
+      oauthType: "第三方登录类型",
+      oauthConfig: "第三方登录配置",
+      oauthProviderSelectorPlaceholder: "请选择第三方登录提供商",
     },
   },
   modal: {

packages/ui/certd-client/src/locales/langs/zh-CN/vip.ts

@@ -97,4 +97,6 @@ export default {
   already_comm: "已经是商业版了，不能降级为专业版",
   already_perpetual_plus: "您已经是永久专业版了，无法继续升级",
   confirm: "确认",
+  not_effective: "VIP没有生效?",
+  learn_more: "更多特权(加VIP群等)",
 };

packages/ui/certd-client/src/router/source/outside.ts

@@ -32,6 +32,14 @@ export const outsideResource = [
         path: "/forgotPassword",
         component: "/framework/forgot-password/index.vue",
       },
+      {
+        meta: {
+          title: "第三方登录回调",
+        },
+        name: "oauthCallback",
+        path: "/oauth/callback/:type",
+        component: "/framework/oauth/oauth-callback.vue",
+      },
     ],
   },
   ...errorPage,

packages/ui/certd-client/src/store/settings/api.basic.ts

@@ -59,6 +59,17 @@ export type SysPublicSetting = {
 
   // 固定证书有效期天数，0表示不固定
   fixedCertExpireDays?: number;
+
+  // 第三方OAuth配置
+  oauthEnabled?: boolean;
+  oauthProviders?: Record<
+    string,
+    {
+      type: string;
+      title: string;
+      addonId: number;
+    }
+  >;
 };
 export type SuiteSetting = {
   enabled?: boolean;

packages/ui/certd-client/src/vben/layouts/widgets/check-updates/check-updates.vue

@@ -117,7 +117,6 @@ onUnmounted(() => {
     :confirm-text="$t('common.refresh')"
     :fullscreen-button="false"
     :title="$t('ui.widgets.checkUpdatesTitle')"
-    centered
     content-class="px-8 min-h-10"
     footer-class="border-none mb-3 mr-3"
     header-class="border-none"

packages/ui/certd-client/src/vben/layouts/widgets/user-dropdown/user-dropdown.vue

@@ -156,7 +156,6 @@ if (enableShortcutKey.value) {
     :confirm-text="$t('common.confirm')"
     :fullscreen-button="false"
     :title="$t('common.prompt')"
-    centered
     content-class="px-8 min-h-10"
     footer-class="border-none mb-3 mr-3"
     header-class="border-none"

packages/ui/certd-client/src/views/certd/addon/addon-selector/index.vue

@@ -82,6 +82,7 @@ function createCrudOptionsWithApi(opts: any) {
   opts.context = {
     api,
     addonType: props.addonType,
+    type: props.type,
   };
   return createCrudOptions(opts);
 }

packages/ui/certd-client/src/views/certd/addon/api.ts

@@ -1,7 +1,8 @@
 import { request } from "/src/api/service";
 import { RequestHandleReq } from "/@/components/plugins/lib";
+import { AddonTypeDefines } from "./types";
 
-export function createAddonApi(opts: { from: any; addonType: string }) {
+export function createAddonApi(opts: { from: any; addonType: string } = { from: "user", addonType: "" }) {
   let apiPrefix = "/addon";
   if (opts.from === "sys") {
     apiPrefix = "/sys/addon";
@@ -128,15 +129,6 @@ export function createAddonApi(opts: { from: any; addonType: string }) {
   };
 }
 
-export const AddonTypeDefines = {
-  captcha: {
-    name: "captcha",
-    title: "验证码",
-    showDefault: false,
-    showTest: false,
-  },
-};
-
 export function getAddonTypeDefine(addonType: string) {
   return AddonTypeDefines[addonType];
 }

packages/ui/certd-client/src/views/certd/addon/common.tsx

@@ -110,7 +110,8 @@ export function getCommonColumnDefine(crudExpose: any, typeRef: any, api: any, a
       type: "dict-select",
       dict: addonTypeDictRef,
       search: {
-        show: false,
+        show: true,
+        valueChange: null,
       },
       column: {
         width: 200,

packages/ui/certd-client/src/views/certd/addon/crud.tsx

@@ -5,7 +5,12 @@ import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, EditReq,
 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
   const api = context.api;
   const addonType = context.addonType;
+  const type = context.type;
   const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
+    if (query.query?.body) {
+      delete query.query.body;
+    }
+
     return await api.GetList(query);
   };
   const editRequest = async (req: EditReq) => {
@@ -44,6 +49,12 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           },
         },
       },
+      addForm: {
+        initialForm: {
+          addonType: addonType,
+          type: type,
+        },
+      },
       rowHandle: {
         width: 200,
       },

packages/ui/certd-client/src/views/certd/addon/index.vue

@@ -20,7 +20,7 @@ import { addonProvide } from "/@/views/certd/addon/common";
 export default defineComponent({
   name: "AddonManager",
   setup() {
-    const api = createAddonApi();
+    const api = createAddonApi({ from: "user", addonType: "" });
     addonProvide(api);
     const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });
 

packages/ui/certd-client/src/views/certd/addon/types.ts

@@ -0,0 +1,15 @@
+export interface AddonTypeDefine {
+  name: string;
+  title: string;
+  showDefault: boolean;
+  showTest: boolean;
+}
+
+export const AddonTypeDefines: Record<string, AddonTypeDefine> = {
+  captcha: {
+    name: "captcha",
+    title: "验证码",
+    showDefault: false,
+    showTest: false,
+  },
+};

packages/ui/certd-client/src/views/certd/cert/domain/crud.tsx

@@ -184,7 +184,8 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
               name: "AccessSelector",
               vModel: "modelValue",
               type: compute(({ form }) => {
-                return form.dnsProviderType;
+                const type = form.dnsProviderType || "aliyun";
+                return dnsProviderTypeDict?.dataMap[type]?.accessType;
               }),
             },
             show: compute(({ form }) => {

packages/ui/certd-client/src/views/certd/mine/api.ts

@@ -22,3 +22,36 @@ export async function UpdateProfile(form: any) {
     data: form,
   });
 }
+
+export async function GetOauthBounds() {
+  return await request({
+    url: "/oauth/bounds",
+    method: "POST",
+  });
+}
+
+export async function GetOauthProviders() {
+  return await request({
+    url: "/oauth/providers",
+    method: "POST",
+  });
+}
+
+export async function UnbindOauth(type: string) {
+  return await request({
+    url: "/oauth/unbind",
+    method: "POST",
+    data: { type },
+  });
+}
+
+export async function OauthBoundUrl(type: string) {
+  return await request({
+    url: "/oauth/login",
+    method: "POST",
+    data: {
+      type,
+      forType: "bind",
+    },
+  });
+}

packages/ui/certd-client/src/views/certd/mine/user-profile.vue

@@ -15,7 +15,14 @@
         </a-descriptions-item>
         <a-descriptions-item :label="t('authentication.email')">{{ userInfo.email }}</a-descriptions-item>
         <a-descriptions-item :label="t('authentication.phoneNumber')">{{ userInfo.phoneCode }}{{ userInfo.mobile }}</a-descriptions-item>
-        <a-descriptions-item></a-descriptions-item>
+        <a-descriptions-item v-if="settingStore.sysPublic.oauthEnabled && settingStore.isPlus" label="第三方账号绑定">
+          <div v-for="item in computedOauthBounds" :key="item.name" class="flex items-center gap-2">
+            <fs-icon :icon="item.icon" class="mr-2 text-blue-500" />
+            <span class="mr-2 w-36">{{ item.title }}</span>
+            <a-button v-if="item.bound" type="link" danger @click="unbind(item.name)">解绑</a-button>
+            <a-button v-else type="primary" @click="bind(item.name)">绑定</a-button>
+          </div>
+        </a-descriptions-item>
         <a-descriptions-item :label="t('common.handle')">
           <a-button type="primary" @click="doUpdate">{{ t("authentication.updateProfile") }}</a-button>
           <change-password-button class="ml-10" :show-button="true"> </change-password-button>
@@ -27,10 +34,12 @@
 
 <script lang="ts" setup>
 import * as api from "./api";
-import { Ref, ref } from "vue";
+import { computed, onMounted, Ref, ref } from "vue";
 import ChangePasswordButton from "/@/views/certd/mine/change-password-button.vue";
 import { useI18n } from "/src/locales";
 import { useUserProfile } from "./use";
+import { Modal } from "ant-design-vue";
+import { useSettingStore } from "/@/store/settings";
 
 const { t } = useI18n();
 
@@ -38,13 +47,13 @@ defineOptions({
   name: "UserProfile",
 });
 
+const settingStore = useSettingStore();
+
 const userInfo: Ref = ref({});
 
 const getUserInfo = async () => {
   userInfo.value = await api.getMineInfo();
 };
-getUserInfo();
-
 const { openEditProfileDialog } = useUserProfile();
 
 function doUpdate() {
@@ -54,4 +63,51 @@ function doUpdate() {
     },
   });
 }
+
+const oauthBounds = ref([]);
+const oauthProviders = ref([]);
+async function loadOauthBounds() {
+  const res = await api.GetOauthBounds();
+  oauthBounds.value = res;
+}
+async function loadOauthProviders() {
+  const res = await api.GetOauthProviders();
+  oauthProviders.value = res;
+}
+
+const computedOauthBounds = computed(() => {
+  const list = oauthProviders.value.map(item => {
+    const bound = oauthBounds.value.find(bound => bound.type === item.name);
+    return {
+      ...item,
+      bound,
+    };
+  });
+  return list;
+});
+
+async function unbind(type: string) {
+  Modal.confirm({
+    title: "确认解绑吗？",
+    okText: "确认",
+    okType: "danger",
+    onOk: async () => {
+      await api.UnbindOauth(type);
+      await loadOauthBounds();
+    },
+  });
+}
+
+async function bind(type: string) {
+  //获取第三方登录URL
+  const res = await api.OauthBoundUrl(type);
+  const loginUrl = res.loginUrl;
+  window.location.href = loginUrl;
+}
+
+onMounted(async () => {
+  await getUserInfo();
+  await loadOauthBounds();
+  await loadOauthProviders();
+});
 </script>

packages/ui/certd-client/src/views/certd/monitor/site/crud.tsx

@@ -555,10 +555,11 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
           search: {
             show: false,
           },
-          type: "text",
+          type: "textarea",
           column: {
             width: 200,
             sorter: true,
+            ellipsis: true,
             cellRender({ value }) {
               return <a-tooltip title={value}>{value}</a-tooltip>;
             },

packages/ui/certd-client/src/views/certd/monitor/site/ip/crud.tsx

@@ -350,6 +350,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
             show: false,
           },
           column: {
+            ellipsis: true,
             width: 200,
             sorter: true,
             tooltip: true,

packages/ui/certd-client/src/views/certd/pipeline/api.ts

@@ -62,7 +62,7 @@ export async function GetDetail(id: any) {
   });
 }
 
-export async function Save(pipelineEntity: any) {
+export async function Save(pipelineEntity: any): Promise<{ id: number; version: number }> {
   return await request({
     url: apiPrefix + "/save",
     method: "post",

packages/ui/certd-client/src/views/certd/pipeline/cert-upload/use.tsx

@@ -204,7 +204,7 @@ export function useCertUpload() {
                 notifications,
               };
 
-              const id = await api.Save({
+              const { id } = await api.Save({
                 title: pipeline.title,
                 content: JSON.stringify(pipeline),
                 keepHistoryCount: 30,

packages/ui/certd-client/src/views/certd/pipeline/certd-form/use.tsx

@@ -367,7 +367,7 @@ export function useCertPipelineCreator() {
 
       pipeline = setRunnableIds(pipeline);
       const groupId = form.groupId;
-      const id = await api.Save({
+      const { id } = await api.Save({
         title: pipeline.title,
         content: JSON.stringify(pipeline),
         keepHistoryCount: 30,

packages/ui/certd-client/src/views/certd/pipeline/detail.vue

@@ -20,8 +20,8 @@ defineOptions({
   name: "PipelineDetail",
 });
 const route = useRoute();
-const pipelineId: Ref = ref(route.query.id);
-const historyId = ref(route.query.historyId as string);
+const pipelineId: Ref = ref(parseInt((route.query.id as string) || "0"));
+const historyId: Ref = ref(parseInt((route.query.historyId as string) || "0"));
 const pluginStore = usePluginStore();
 const pipelineOptions: PipelineOptions = {
   async getPipelineDetail({ pipelineId }) {

packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue

@@ -327,11 +327,11 @@ export default defineComponent({
   },
   props: {
     pipelineId: {
-      type: [Number, String],
+      type: Number,
       default: 0,
     },
     historyId: {
-      type: [Number, String],
+      type: Number,
       default: 0,
     },
     editMode: {
@@ -348,6 +348,7 @@ export default defineComponent({
   emits: ["update:modelValue", "update:editMode"],
   setup(props, ctx) {
     const { t } = useI18n();
+    //右侧选中的pipeline
     const currentPipeline: Ref<any> = ref({});
     const pipeline: Ref<any> = ref({});
     const pipelineEntity: Ref<any> = ref({});
@@ -399,7 +400,7 @@ export default defineComponent({
       currentPipeline.value = currentHistory.value.pipeline;
     };
 
-    async function loadHistoryList(reload = false) {
+    async function loadHistoryList(reload = false, historyId: number) {
       if (props.editMode) {
         return;
       }
@@ -416,11 +417,11 @@ export default defineComponent({
       histories.value = historyList;
 
       if (historyList.length > 0) {
-        //@ts-ignore
-        if (props.historyId > 0) {
-          const found = historyList.find(item => {
+        if (historyId > 0) {
+          //如果传递了history，优先显示历史记录作为当前
+          const found = histories.value.find(item => {
             //字符串==int
-            return item.id == props.historyId;
+            return item.id == historyId;
           });
           if (found) {
             await changeCurrentHistory(found);
@@ -428,7 +429,8 @@ export default defineComponent({
           }
         }
         //@ts-ignore
-        if (historyList[0]?.version === pipeline.value.version) {
+        if (historyList[0]?.version === pipeline.value?.version) {
+          //如果当前的流水线版本与历史记录最后一条一致，则将该记录设置为current
           await changeCurrentHistory(historyList[0]);
         }
       }
@@ -482,7 +484,7 @@ export default defineComponent({
         if (editMode) {
           changeCurrentHistory();
         } else if (histories.value.length > 0) {
-          if (histories.value[0].pipeline.version === pipeline.value.version) {
+          if (histories.value[0].pipeline?.version === pipeline.value?.version) {
             changeCurrentHistory(histories.value[0]);
           }
         }
@@ -508,7 +510,7 @@ export default defineComponent({
           detail.pipeline
         );
         pipeline.value = currentPipeline.value;
-        await loadHistoryList(true);
+        await loadHistoryList(true, props.historyId);
       },
       {
         immediate: true,
@@ -740,7 +742,11 @@ export default defineComponent({
             //@ts-ignore
             await changeCurrentHistory(null);
             if (histories.value.length > 0) {
-              pipeline.value = histories.value[0].pipeline;
+              //看是不是最新的pipeline版本
+              if (pipeline.value?.version !== histories.value[0].pipeline?.version) {
+                const detail: PipelineDetail = await props.options.getPipelineDetail({ pipelineId: pipeline.value.id });
+                pipeline.value = detail.pipeline;
+              }
             }
 
             await props.options.doTrigger({ pipelineId: pipeline.value.id, stepId: stepId });

packages/ui/certd-client/src/views/certd/pipeline/pipeline/type.ts

@@ -16,7 +16,7 @@ export type RunHistory = {
 
 export type PipelineOptions = {
   doTrigger(options: { pipelineId: number; stepId?: string }): Promise<void>;
-  doSave(pipelineConfig: Pipeline): Promise<void>;
+  doSave(pipelineConfig: Pipeline): Promise<{ id: number; version: number }>;
   getPipelineDetail(query: { pipelineId: number }): Promise<PipelineDetail>;
   getHistoryList(query: { pipelineId: number }): Promise<RunHistory[]>;
   getHistoryDetail(query: { historyId: number }): Promise<RunHistory>;

packages/ui/certd-client/src/views/framework/login/index.vue

@@ -7,14 +7,14 @@
           <template v-if="formState.loginType === 'password'">
             <!--      <div class="login-title">登录</div>-->
             <a-form-item required has-feedback name="username" :rules="rules.username">
-              <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off">
+              <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off" @keydown.enter="handleFinish">
                 <template #prefix>
                   <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
                 </template>
               </a-input>
             </a-form-item>
             <a-form-item has-feedback name="password" :rules="rules.password">
-              <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off">
+              <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off" @keyup.enter="handleFinish">
                 <template #prefix>
                   <fs-icon icon="ion:lock-closed-outline"></fs-icon>
                 </template>
@@ -22,7 +22,7 @@
             </a-form-item>
 
             <a-form-item v-if="settingStore.sysPublic.captchaEnabled" has-feedback required name="captcha" :rules="rules.captcha">
-              <CaptchaInput v-model:model-value="formState.captcha"></CaptchaInput>
+              <CaptchaInput v-model:model-value="formState.captcha" @keydown.enter="handleFinish"></CaptchaInput>
             </a-form-item>
           </template>
         </a-tab-pane>
@@ -37,7 +37,7 @@
             </a-form-item>
 
             <a-form-item has-feedback name="smsCaptcha">
-              <CaptchaInput v-model:model-value="formState.smsCaptcha"></CaptchaInput>
+              <CaptchaInput v-model:model-value="formState.smsCaptcha" @keydown.enter="handleFinish"></CaptchaInput>
             </a-form-item>
 
             <a-form-item name="smsCode" :rules="rules.smsCode">
@@ -48,24 +48,26 @@
       </a-tabs>
       <a-form-item>
         <a-button type="primary" size="large" html-type="button" :loading="loading" class="login-button" @click="handleFinish">
-          {{ t("authentication.loginButton") }}
+          {{ queryBindCode ? t("authentication.bindButton") : t("authentication.loginButton") }}
         </a-button>
 
-        <div v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled" class="mt-2">
-          <router-link :to="{ name: 'forgotPassword' }">
-            {{ t("authentication.forgotPassword") }}
-          </router-link>
-        </div>
-      </a-form-item>
+        <div class="mt-2 flex justify-between items-center">
+          <div class="flex items-center gap-2">
+            <language-toggle class="text-blue-500"></language-toggle>
+            <router-link v-if="!!settingStore.sysPublic.selfServicePasswordRetrievalEnabled && !queryBindCode" :to="{ name: 'forgotPassword' }">
+              {{ t("authentication.forgotPassword") }}
+            </router-link>
+          </div>
 
-      <a-form-item class="user-login-other">
-        <div class="flex flex-between justify-between items-center">
-          <language-toggle class="color-blue"></language-toggle>
-          <router-link v-if="hasRegisterTypeEnabled()" class="register" :to="{ name: 'register' }">
+          <router-link v-if="hasRegisterTypeEnabled() && !queryBindCode" class="register" :to="{ name: 'register' }">
             {{ t("authentication.registerLink") }}
           </router-link>
         </div>
       </a-form-item>
+
+      <div v-if="!queryBindCode && settingStore.sysPublic.oauthEnabled && settingStore.isPlus" class="w-full">
+        <oauth-footer></oauth-footer>
+      </div>
     </a-form>
     <a-form v-else ref="twoFactorFormRef" class="user-layout-login" :model="twoFactor" v-bind="layout">
       <div class="mb-10 flex flex-center">请打开您的Authenticator APP，获取动态验证码。</div>
@@ -80,7 +82,7 @@
         <loading-button type="primary" size="large" html-type="button" class="login-button" :click="handleTwoFactorSubmit">OTP验证登录</loading-button>
       </a-form-item>
 
-      <a-form-item class="user-login-other">
+      <a-form-item class="mt-10">
         <a class="register" @click="twoFactor.loginId = null"> 返回 </a>
       </a-form-item>
     </a-form>
@@ -96,12 +98,18 @@ import { useI18n } from "/@/locales";
 import { LanguageToggle } from "/@/vben/layouts";
 import CaptchaInput from "/@/components/captcha/captcha-input.vue";
 import { useRoute } from "vue-router";
+import OauthFooter from "/@/views/framework/oauth/oauth-footer.vue";
+import * as oauthApi from "../oauth/api";
+import { notification } from "ant-design-vue";
 export default defineComponent({
   name: "LoginPage",
-  components: { LanguageToggle, SmsCode, CaptchaInput },
+  components: { LanguageToggle, SmsCode, CaptchaInput, OauthFooter },
   setup() {
     const { t } = useI18n();
     const route = useRoute();
+
+    const queryBindCode = ref(route.query.bindCode as string | undefined);
+
     const urlLoginType = route.query.loginType as string | undefined;
     const verifyCodeInputRef = ref();
     const loading = ref(false);
@@ -160,6 +168,13 @@ export default defineComponent({
       },
     };
 
+    async function afterLoginSuccess() {
+      if (queryBindCode.value) {
+        await oauthApi.BindUser(queryBindCode.value);
+        notification.success({ message: "绑定第三方账号成功" });
+      }
+    }
+
     const twoFactor = reactive({
       loginId: "",
       verifyCode: "",
@@ -167,9 +182,10 @@ export default defineComponent({
 
     const handleTwoFactorSubmit = async () => {
       await userStore.loginByTwoFactor(twoFactor);
+      afterLoginSuccess();
     };
 
-    const handleFinish = async (values: any) => {
+    const handleFinish = async () => {
       loading.value = true;
       try {
         // formState.captcha = await doCaptchaValidate();
@@ -178,6 +194,7 @@ export default defineComponent({
         // }
         const loginType = formState.loginType;
         await userStore.login(loginType, toRaw(formState));
+        afterLoginSuccess();
       } catch (e: any) {
         //@ts-ignore
         if (e.code === 10020) {
@@ -233,6 +250,7 @@ export default defineComponent({
       settingStore,
       captchaInputRef,
       captchaInputForSmsCode,
+      queryBindCode,
     };
   },
 });

packages/ui/certd-client/src/views/framework/oauth/api.ts

@@ -0,0 +1,53 @@
+import { request } from "/src/api/service";
+
+const apiPrefix = "/oauth";
+
+export async function OauthLogin(type: string, forType?: string) {
+  return await request({
+    url: apiPrefix + `/login`,
+    method: "post",
+    data: {
+      type,
+      forType: forType || "login",
+    },
+  });
+}
+
+export async function OauthToken(type: string, validationCode: string) {
+  return await request({
+    url: apiPrefix + `/token`,
+    method: "post",
+    data: {
+      type,
+      validationCode,
+    },
+  });
+}
+
+export async function AutoRegister(type: string, code: string) {
+  return await request({
+    url: apiPrefix + `/autoRegister`,
+    method: "post",
+    data: {
+      validationCode: code,
+      type,
+    },
+  });
+}
+
+export async function BindUser(code: string) {
+  return await request({
+    url: apiPrefix + `/bind`,
+    method: "post",
+    data: {
+      validationCode: code,
+    },
+  });
+}
+
+export async function GetOauthProviders() {
+  return await request({
+    url: apiPrefix + "/providers",
+    method: "post",
+  });
+}

packages/ui/certd-client/src/views/framework/oauth/oauth-callback.vue

@@ -0,0 +1,127 @@
+<template>
+  <div class="oauth-callback-page">
+    <div class="oauth-callback-content">
+      <div v-if="!bindRequired" class="oauth-callback-title">
+        <span v-if="!error">登录中...</span>
+        <span v-else>{{ error }}</span>
+      </div>
+      <div v-else class="oauth-callback-title mt-10">
+        <div>第三方（{{ oauthType }}）登录成功，您还未绑定账号，请选择</div>
+
+        <div class="mt-10">
+          <a-button class="w-full mt-10" type="primary" @click="goBindUser">绑定已有账号</a-button>
+          <a-button v-if="settingStore.sysPublic.registerEnabled" class="w-full mt-10" type="primary" @click="autoRegister">创建新账号</a-button>
+        </div>
+
+        <div class="w-full mt-10">
+          <router-link to="/login" class="w-full mt-10" type="primary">返回登录页</router-link>
+        </div>
+      </div>
+    </div>
+  </div>
+</template>
+
+<script setup lang="ts">
+import { ref, onMounted } from "vue";
+import * as api from "./api";
+import { useRoute, useRouter } from "vue-router";
+import { useUserStore } from "/@/store/user";
+import { notification } from "ant-design-vue";
+import { useSettingStore } from "/@/store/settings";
+
+const route = useRoute();
+const router = useRouter();
+const settingStore = useSettingStore();
+const oauthType = route.params.type as string;
+const validationCode = route.query.validationCode as string;
+const forType = route.query.forType as string;
+const error = ref(route.query.error as string);
+const userStore = useUserStore();
+
+const bindRequired = ref(false);
+const bindCode = ref("");
+
+async function handleOauthToken() {
+  //处理第三方登录回调
+  const res = await api.OauthToken(oauthType, validationCode);
+  if (res.token) {
+    //登录成功
+    userStore.onLoginSuccess(res);
+    //跳转到首页
+    router.replace("/");
+    return;
+  }
+  if (res.bindRequired) {
+    //需要绑定
+    bindRequired.value = true;
+    bindCode.value = res.validationCode;
+  }
+}
+
+onMounted(async () => {
+  if (error.value) {
+    return;
+  }
+
+  if (forType === "bind") {
+    //绑定第三方账号
+    await api.BindUser(validationCode);
+    notification.success({
+      message: "绑定成功",
+    });
+    //跳转到首页
+    router.replace("/certd/mine/user-profile");
+    return;
+  }
+
+  await handleOauthToken();
+});
+
+async function goBindUser() {
+  //绑定已有账号
+  router.replace({
+    path: "/login",
+    query: {
+      bindCode: bindCode.value,
+    },
+  });
+}
+
+async function autoRegister() {
+  //自动注册账号
+  const res = await api.AutoRegister(oauthType, bindCode.value);
+  //登录成功
+  userStore.onLoginSuccess(res);
+  //跳转到首页
+  router.replace("/");
+}
+</script>
+<style lang="less">
+.oauth-callback-page {
+  display: flex;
+  justify-content: center;
+  align-items: center;
+  gap: 16px;
+  width: 100%;
+  .oauth-callback-content {
+    display: flex;
+    justify-content: center;
+    align-items: center;
+    gap: 16px;
+    padding: 16px;
+    border-radius: 16px;
+    box-shadow: 0 0 16px rgba(0, 0, 0, 0.1);
+    width: 500px;
+    max-width: 90%;
+    margin: 0 auto;
+    margin-top: 50px;
+    margin-bottom: 100px;
+    min-height: 200px;
+
+    .oauth-callback-title {
+      font-size: 16px;
+      font-weight: 500;
+    }
+  }
+}
+</style>

packages/ui/certd-client/src/views/framework/oauth/oauth-footer.vue

@@ -0,0 +1,85 @@
+<template>
+  <div class="oauth-footer relative">
+    <div class="oauth-title">
+      <div class="oauth-title-text">其他方式登录</div>
+    </div>
+    <div v-for="item in oauthList" :key="item.type">
+      <div class="oauth-icon-button pointer" @click="goOauthLogin(item.name)">
+        <div><fs-icon :icon="item.icon" class="text-blue-600 text-40" /></div>
+        <div>{{ item.title }}</div>
+      </div>
+    </div>
+  </div>
+</template>
+<script setup lang="ts">
+import { onMounted, ref } from "vue";
+import * as api from "./api";
+
+const oauthList = ref([]);
+
+onMounted(async () => {
+  oauthList.value = await api.GetOauthProviders();
+});
+
+async function goOauthLogin(type: string) {
+  //获取第三方登录URL
+  const res = await api.OauthLogin(type);
+  const loginUrl = res.loginUrl;
+  window.location.href = loginUrl;
+}
+</script>
+<style lang="less">
+.oauth-footer {
+  width: 100%;
+  display: flex;
+  flex-direction: column;
+  justify-content: center;
+  align-items: center;
+  gap: 16px;
+
+  .oauth-title {
+    width: 100%;
+    font-size: 14px;
+    font-weight: 500;
+    color: #8c8c8c;
+    position: relative;
+    .oauth-title-text {
+      position: relative;
+      z-index: 1;
+      text-align: center;
+      &::after {
+        content: "";
+        position: absolute;
+        top: 50%;
+        left: 0;
+        width: 36%;
+        height: 0.5px;
+        background-color: #8c8c8c;
+      }
+      &::before {
+        content: "";
+        position: absolute;
+        top: 50%;
+        right: 0;
+        width: 36%;
+        height: 0.5px;
+        background-color: #8c8c8c;
+      }
+    }
+  }
+
+  .oauth-icon-button {
+    display: flex;
+    flex-direction: column;
+    justify-content: center;
+    align-items: center;
+    gap: 8px;
+    padding: 8px 8px;
+    border-radius: 100px;
+    .fs-icon {
+      font-size: 36px;
+      color: #006be6 !important;
+    }
+  }
+}
+</style>

packages/ui/certd-client/src/views/sys/account/index.vue

@@ -31,7 +31,8 @@ const iframeSrcRef = computed(() => {
   if (!settingStore.installInfo.accountServerBaseUrl) {
     return "#/app/certd/home";
   }
-  return `${settingStore.installInfo.accountServerBaseUrl}/#/app/certd/home`;
+  const timestamp = Date.now();
+  return `${settingStore.installInfo.accountServerBaseUrl}/#/app/certd/home?t=${timestamp}`;
 });
 
 type SubjectInfo = {

packages/ui/certd-client/src/views/sys/settings/api.ts

@@ -111,3 +111,10 @@ export async function GetSmsTypeDefine(type: string) {
     },
   });
 }
+
+export async function GetOauthProviders() {
+  return await request({
+    url: apiPrefix + "/oauth/providers",
+    method: "post",
+  });
+}

packages/ui/certd-client/src/views/sys/settings/index.vue

@@ -66,7 +66,7 @@ function onChange(value: string) {
 <style lang="less">
 .page-sys-settings {
   .sys-settings-form {
-    width: 800px;
+    width: 900px;
     max-width: 100%;
     padding: 20px;
   }

packages/ui/certd-client/src/views/sys/settings/tabs/register.vue

@@ -56,6 +56,38 @@
         </template>
       </template>
 
+      <a-form-item :label="t('certd.sys.setting.enableOauth')" :name="['public', 'oauthEnabled']">
+        <div class="flex-o">
+          <a-switch v-model:checked="formState.public.oauthEnabled" :disabled="!settingsStore.isPlus" :title="t('certd.plusFeature')" />
+          <vip-button class="ml-5" mode="button"></vip-button>
+        </div>
+      </a-form-item>
+      <a-form-item v-if="formState.public.oauthEnabled" :label="t('certd.sys.setting.oauthProviders')" :name="['public', 'oauthProviders']">
+        <div class="flex flex-wrap">
+          <table class="w-full table-auto border-collapse border border-gray-400">
+            <thead>
+              <tr>
+                <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthType") }}</th>
+                <th class="border border-gray-300 px-4 py-2 w-1/2">{{ t("certd.sys.setting.oauthConfig") }}</th>
+              </tr>
+            </thead>
+            <tbody>
+              <tr v-for="(item, key) of oauthProviders" :key="key">
+                <td class="border border-gray-300 px-4 py-2">
+                  <div class="flex items-center" :title="item.desc">
+                    <fs-icon :icon="item.icon" class="mr-2 text-blue-600" />
+                    {{ item.title }}
+                  </div>
+                </td>
+                <td class="border border-gray-300 px-4 py-2">
+                  <AddonSelector v-model:model-value="item.addonId" addon-type="oauth" from="sys" :type="item.name" :placeholder="t('certd.sys.setting.oauthProviderSelectorPlaceholder')" />
+                </td>
+              </tr>
+            </tbody>
+          </table>
+        </div>
+      </a-form-item>
+
       <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
         <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
       </a-form-item>
@@ -64,14 +96,14 @@
 </template>
 
 <script setup lang="tsx">
-import { reactive, ref, Ref } from "vue";
+import { computed, reactive, ref, Ref } from "vue";
 import { GetSmsTypeDefine, SysSettings } from "/@/views/sys/settings/api";
 import * as api from "/@/views/sys/settings/api";
 import { merge } from "lodash-es";
 import { useSettingStore } from "/@/store/settings";
 import { notification } from "ant-design-vue";
 import { useI18n } from "/src/locales";
-
+import AddonSelector from "../../../certd/addon/addon-selector/index.vue";
 const { t } = useI18n();
 
 defineOptions({
@@ -158,6 +190,34 @@ async function loadTypeDefine(type: string) {
   smsTypeDefineInputs.value = inputs;
 }
 
+const oauthProviders = ref([]);
+async function loadOauthProviders() {
+  let list: any = await api.GetOauthProviders();
+  oauthProviders.value = list;
+  for (const item of list) {
+    const type = item.name;
+    const provider = formState.public.oauthProviders?.[type];
+    if (provider) {
+      item.addonId = provider.addonId;
+    }
+  }
+}
+
+function fillOauthProviders(form: any) {
+  const providers: any = {};
+  for (const item of oauthProviders.value) {
+    const type = item.name;
+    providers[type] = {
+      type: type,
+      title: item.title,
+      icon: item.icon,
+      addonId: item.addonId || null,
+    };
+  }
+  form.public.oauthProviders = providers;
+  return providers;
+}
+
 async function loadSysSettings() {
   const data: any = await api.SysSettingsGet();
   merge(formState, data);
@@ -172,6 +232,7 @@ async function loadSysSettings() {
   if (!settingsStore.isComm) {
     formState.public.smsLoginEnabled = false;
   }
+  await loadOauthProviders();
 }
 
 const saveLoading = ref(false);
@@ -180,6 +241,7 @@ const settingsStore = useSettingStore();
 const onFinish = async (form: any) => {
   try {
     saveLoading.value = true;
+    fillOauthProviders(form);
     await api.SysSettingsSave(form);
     await settingsStore.loadSysSettings();
     notification.success({

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,52 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.37.11](https://github.com/certd/certd/compare/v1.37.10...v1.37.11) (2025-11-28)
+
+### Bug Fixes
+
+* 修复阿里云 waf tlsVersion参数缺失导致部署失败的问题 ([2fabee6](https://github.com/certd/certd/commit/2fabee647acf64afe689f5bea3603028cd0ba4a2))
+* 修复域名管理无法创建tencent-eo dns授权的bug ([3406bb5](https://github.com/certd/certd/commit/3406bb5a4a56bb310cddc1a1f410c70909fd129b))
+
+### Performance Improvements
+
+* 优化天翼云cdn 等待5秒部署完成 ([53c88ad](https://github.com/certd/certd/commit/53c88ad5afe66a3f7c38b9b759747918913a4edc))
+* 支持oidc单点登录 ([ec75afb](https://github.com/certd/certd/commit/ec75afbc44139dbe9da534d8a8c08a5b91f86d3c))
+
+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Performance Improvements
+
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)
 
 ### Bug Fixes

packages/ui/certd-server/db/migration-mysql/v10034__oauth_bound.sql

@@ -0,0 +1,14 @@
+
+CREATE TABLE `cd_oauth_bound`
+(
+  `id`          bigint PRIMARY KEY AUTO_INCREMENT NOT NULL,
+  `user_id`     bigint      NOT NULL,
+  `type`        varchar(512) NOT NULL,
+  `open_id`     varchar(512) NOT NULL,
+  `create_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  `update_time` timestamp     NOT NULL DEFAULT CURRENT_TIMESTAMP
+);
+
+
+CREATE INDEX `index_oauth_bound_user_id` ON `cd_oauth_bound` (`user_id`);
+CREATE INDEX `index_oauth_bound_open_id` ON `cd_oauth_bound` (`open_id`);

packages/ui/certd-server/db/migration-pg/v10034__oauth_bound.sql

@@ -0,0 +1,14 @@
+
+CREATE TABLE "cd_oauth_bound"
+(
+  "id"          bigint PRIMARY KEY GENERATED BY DEFAULT AS IDENTITY NOT NULL,
+  "user_id"     bigint      NOT NULL,
+  "type"        varchar(512) NOT NULL,
+  "open_id"     varchar(512) NOT NULL,
+  "create_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time" timestamp     NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
+
+
+CREATE INDEX "index_oauth_bound_user_id" ON "cd_oauth_bound" ("user_id");
+CREATE INDEX "index_oauth_bound_open_id" ON "cd_oauth_bound" ("open_id");