v1.34.7

- 将系统设置参数注入移至 outputContext读取输入参数之后
-修复了某些情况下系统设置参数可能被覆盖的问题
- 优化了代码结构，提高了可读性和维护性

.github/workflows/build-image-for-test.yml

@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -43,7 +44,7 @@ jobs:
 #          cache: 'npm'
 #        working-directory: ./packages/ui/certd-client
       - run: |
-          npm install -g pnpm@8.15.7
+          npm install -g pnpm
           pnpm install
           npm run build
         working-directory: ./packages/ui/certd-client
@@ -61,19 +62,38 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
           username: ${{ secrets.dockerhub_username }}
           password: ${{ secrets.dockerhub_password }}
 
-      - name: Build default platforms
+#      - name: Build default platforms
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/amd64,linux/arm64
+#          push: true
+#          context: ./packages/ui/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
+#            greper/certd-dev:latest
+#            ghcr.io/${{ github.repository }}:dev-latest
+
+      - name: Build armv7
         uses: docker/build-push-action@v6
         with:
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/arm/v7
           push: true
           context: ./packages/ui/
           tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
-            greper/certd-dev:latest
-
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            greper/certd:armv7
+            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7

.github/workflows/build-image.yml

@@ -10,6 +10,7 @@ on:
 #    - cron: '17 19 * * *'
 permissions:
   contents: read
+  packages: write
 
 jobs:
   build-certd-image:
@@ -19,6 +20,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          lfs: true
 
       - name: get_certd_version
         id: get_certd_version
@@ -42,7 +44,7 @@ jobs:
 #          cache: 'npm'
 #        working-directory: ./packages/ui/certd-client
       - run: |
-          npm install -g pnpm@8.15.7
+          npm install -g pnpm
           pnpm install
           npm run build
         working-directory: ./packages/ui/certd-client
@@ -60,6 +62,13 @@ jobs:
           username: ${{ secrets.aliyun_cs_username }}
           password: ${{ secrets.aliyun_cs_password }}
 
+      - name: Login to GitHub Packages
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+  
       - name: Login to Docker Hub
         uses: docker/login-action@v3
         with:
@@ -77,7 +86,8 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}
             greper/certd:latest
             greper/certd:${{steps.get_certd_version.outputs.result}}
-
+            ghcr.io/${{ github.repository }}:latest
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}
       - name: Build armv7
         uses: docker/build-push-action@v6
         with:
@@ -89,15 +99,17 @@ jobs:
             registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
             greper/certd:armv7
             greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+            ghcr.io/${{ github.repository }}:armv7
+            ghcr.io/${{ github.repository }}:${{steps.get_certd_version.outputs.result}}-armv7
 
-      - name: Build agent
-        uses: docker/build-push-action@v6
-        with:
-          platforms: linux/amd64,linux/arm64
-          push: true
-          context: ./packages/ui/agent/
-          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
-            greper/certd-agent:latest
-            greper/certd-agent:${{steps.get_certd_version.outputs.result}}
+#      - name: Build agent
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/amd64,linux/arm64
+#          push: true
+#          context: ./packages/ui/agent/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:latest
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-agent:${{steps.get_certd_version.outputs.result}}
+#            greper/certd-agent:latest
+#            greper/certd-agent:${{steps.get_certd_version.outputs.result}}

.github/workflows/sync-to-gitee-dev.yml

@@ -16,6 +16,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          lfs: true
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.github/workflows/sync-to-gitee.yml

@@ -16,6 +16,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
+          lfs: true
       - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
         run: |
           git config --global user.name "xiaojunnuo"

.gitignore

@@ -17,11 +17,12 @@ gen
 /test/*.private.*
 
 /*.log
+nohup.out
 
 /packages/ui/*/.idea
 /packages/ui/*/node_modules
 /packages/*/node_modules
-/pnpm-lock.yaml
+#/pnpm-lock.yaml
 
 
 tsconfig.tsbuildinfo
@@ -29,3 +30,5 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
+
+test.js

.npmrc

@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true

CHANGELOG.md

@@ -3,6 +3,715 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/certd/certd/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+* 修复宝塔授权测试按钮显示错误的bug ([048696e](https://github.com/certd/certd/commit/048696ee9386491bb68592fb3a47d1c900bb68bf))
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+* 支持部署证书到unicloud ([a63d687](https://github.com/certd/certd/commit/a63d687f1c573159f0857693f37602b0e1e44072))
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+### Bug Fixes
+
+* 修复二次认证登录进入错误账号的bug ([e3930e0](https://github.com/certd/certd/commit/e3930e07172dd7903cb0f6ff26e0e3e828ba3e77))
+
+### Features
+
+* 从yaml文件注册插件 ([deb3893](https://github.com/certd/certd/commit/deb38938204b29543f36d3266249958faaaa6b66))
+
+### Performance Improvements
+
+* 优化cdnfly插件，支持自动匹配域名部署 ([afd59e9](https://github.com/certd/certd/commit/afd59e9933b2650f41c5d47684c171b93b962065))
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
+* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+* 修复token过期后，疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
+* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
+* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
+* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+### Performance Improvements
+
+* 添加部署证书至火山 Live ([abea80e](https://github.com/certd/certd/commit/abea80e3ab9b1672aebe1c5d5e856693b29931a8))
+* 优化首页插件列表展示 ([9b8f60b](https://github.com/certd/certd/commit/9b8f60b64b5f9a3db7dfa9b3dcbd9201984358d0))
+* 证书申请支持51dns ([8638fc9](https://github.com/certd/certd/commit/8638fc91ff34fccaf12ff9874fd3fa9d2a8c18b7))
+* 支持51dns ([96a0900](https://github.com/certd/certd/commit/96a0900edc95dcfd9acccf9d13592f12f5a09b3d))
+* ssh PTY模式登录设置 ([8385bcc](https://github.com/certd/certd/commit/8385bcc2d7f2411a07748bb5c53f9eaf4d38d7cc))
+* ssh伪终端模式优化，windows下不开启 ([42dfe93](https://github.com/certd/certd/commit/42dfe936b773b7bdd82ca3378363252ffffd7b71))
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+### Bug Fixes
+
+* 上传商用证书，直接粘贴文本报错的问题；修复无法上传ec加密证书的bug ([5750bb7](https://github.com/certd/certd/commit/5750bb706779da274d8e7a87e71416cb64d2df79))
+* 修复下载证书时提示token已过期的问题 ([0e07ae6](https://github.com/certd/certd/commit/0e07ae6ce84dcb9279d3c44060d621566afa593c))
+
+### Performance Improvements
+
+* 更新license时同时绑定url ([78367af](https://github.com/certd/certd/commit/78367af8307f801e778c76d49f0918c21ffe032f))
+* 切换到不同的分组后再打开创建对话框，会自动选择分组 ([893dcd4](https://github.com/certd/certd/commit/893dcd4f2487891199ed3e5a3d47a79a75efc942))
+* 新增部署到火山引擎ALB/CLB、上传到证书中心 ([c9a3e3d](https://github.com/certd/certd/commit/c9a3e3d9d26f964c7af7b56667936f1414fbf42a))
+* 优化/api缓存为0 ([dc05cd4](https://github.com/certd/certd/commit/dc05cd481f186b13375192be965000e6b4b429a5))
+* 优化华为cdn插件引用ccm证书 ([b565b4b](https://github.com/certd/certd/commit/b565b4b3b919b71b98ea2517670bc1ef00e00dc9))
+* 优化证书流水线创建，支持选择分组 ([d613aa8](https://github.com/certd/certd/commit/d613aa8f3e85d8dc475ef1b62d49394ce7fd7d24))
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+### Performance Improvements
+
+* 登录支持双重认证 ([48aef25](https://github.com/certd/certd/commit/48aef25b3f6499d674ca4e4ef16f4c62399fb735))
+* 多重认证登录 ([0f82cf4](https://github.com/certd/certd/commit/0f82cf409bc60706ab07e4ca4f272b9a1ca7eecb))
+* 优化部署到华为云CDN，支持先上传到ccm，再使用证书id部署，修复offline状态下导致部署报错的bug ([79df39a](https://github.com/certd/certd/commit/79df39acabab10ae7e1864dadcdc186bb007a3c5))
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+### Bug Fixes
+
+* 补充类型断言 ([2143dff](https://github.com/certd/certd/commit/2143dff2ae96e6a78bef9f0498e36f8cd9e6941f))
+* 修复腾讯云部署到任意资源插件，无法使用之前已上传的腾讯云证书问题 ([32c714d](https://github.com/certd/certd/commit/32c714d1b6e68c71a74a7452115040c87ac4bfdc))
+
+### Performance Improvements
+
+* 插件支持导入导出 ([cf8abb4](https://github.com/certd/certd/commit/cf8abb45282070c8ba91469f93fd379fabf1f74a))
+* 支持上传证书到华为云CCM ([cfd3b66](https://github.com/certd/certd/commit/cfd3b66be9ebf53a26693057e70ed60c3f116be9))
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+### Bug Fixes
+
+* 修复登录错误次数过多阻止再次登录逻辑 ([bf4d191](https://github.com/certd/certd/commit/bf4d191c8bd2f9209eb6768f662b9c77de99e998))
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+### Bug Fixes
+
+* 修复某些情况下无法输出日志的bug ([70101bf](https://github.com/certd/certd/commit/70101bfa7ade65678d9202c804bbae2cb808b594))
+
+### Performance Improvements
+
+* 修复内置插件分页查询逻辑 ([a2710dd](https://github.com/certd/certd/commit/a2710ddc2525e4e637fd157f0180e6d3b801c8be))
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+### Bug Fixes
+
+* 修复阿里云cdn证书部署失败问题，增加certname参数传入 ([965dc2c](https://github.com/certd/certd/commit/965dc2cb476f690af716f291c6b20ba98be0c8f0))
+* 修复ssh插件报length空指针的bug ([9c4cbe1](https://github.com/certd/certd/commit/9c4cbe17a22b548611cf1fbefecc83a421788e42))
+
+### Performance Improvements
+
+* 镜像支持armv7 ([f78cbed](https://github.com/certd/certd/commit/f78cbed4d817859721fdafe7d348864848d0dfbf))
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+### Bug Fixes
+
+* 升级mysql驱动，支持mysql8最新版本的认证 ([2f5ed3a](https://github.com/certd/certd/commit/2f5ed3aead97641f2c80d692a50226839016df0b))
+* 修复eab授权，没有email绑定的bug ([2f1683b](https://github.com/certd/certd/commit/2f1683b26acebbfb7d6e2d751435be04a4e7cab4))
+
+### Features
+
+* 支持在线自定义插件，无需源码开发 ([d0d9d68](https://github.com/certd/certd/commit/d0d9d68fe6740f6ff49fe40b7c9917c5a2e4b442))
+* **lego:** support set key type ([f3bf4fa](https://github.com/certd/certd/commit/f3bf4faee0be5bdbfdbcf70a502849ed4c8ed4c4))
+* release image to ghcr ([9b536af](https://github.com/certd/certd/commit/9b536af9e656dc89e2a87078c129cad6f591e467))
+
+### Performance Improvements
+
+* 修复tab页缓存问题 ([64e5449](https://github.com/certd/certd/commit/64e5449ab3c6b219b0e89eddad14bfb6b71a0650))
+* 隐藏运行策略选项 ([2951df0](https://github.com/certd/certd/commit/2951df0cd94c23e2efee84ff1b843055aac56cae))
+* 增加手动上传证书功能说明 ([5d083a1](https://github.com/certd/certd/commit/5d083a153637caddbc6f44e915d9fb2d1ae87b33))
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 创建cname记录移除域名两端的空格 ([903a413](https://github.com/certd/certd/commit/903a4131ab5f42c8286cd2150ed1032d486fda2f))
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/certd/certd/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/certd/certd/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/certd/certd/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+* 又拍云支持云存储 ([9339b78](https://github.com/certd/certd/commit/9339b78f801d193472c0af25749e8e7a27ffb7af))
+* 又拍云支持云存储 ([8449f85](https://github.com/certd/certd/commit/8449f8580da90c1f6b5d02d07c3236ebaf6cf161))
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Bug Fixes
+
+* 修复ssh支持键盘事件登录 ([8145808](https://github.com/certd/certd/commit/8145808c4370364377b4ffe3ae88ff465b49f20b))
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+*  tab增加图标显示 ([a03ae5a](https://github.com/certd/certd/commit/a03ae5a216a1df2c1d3da12ae18dcd0f089a92d3))
+* 升级lego版本到4.22.2 ([4e15556](https://github.com/certd/certd/commit/4e15556e5e8100719497edb1729570d5a29668e1))
+* 优化华为dns接口报错信息输出 ([bf30b7a](https://github.com/certd/certd/commit/bf30b7afaef623dd8126570344f1fcc2c06f1215))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Bug Fixes
+
+* 修复华为云dns接口请求出错的bug ([caa15b4](https://github.com/certd/certd/commit/caa15b47355363cbb8847f415ff12363cd53eeda))
+* 修复某些情况下站点证书监控报undefined.includes的错误 ([0b6618f](https://github.com/certd/certd/commit/0b6618ff709322a0eeba78953c8c6e9d073d083a))
+* 修复网站证书监控https port设置无效的bug ([cc8da0c](https://github.com/certd/certd/commit/cc8da0cf130f0c469371b59ac5bd04567f4a4414))
+
+### Performance Improvements
+
+* 站点监控保存时异步检查 ([993bc74](https://github.com/certd/certd/commit/993bc7432fce2d954e9897ed85b54f22150bfc7e))
+* dns支持火山引擎 ([99ff879](https://github.com/certd/certd/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Bug Fixes
+
+* 修复编辑通知勾选默认，导致出现多个默认通知的bug ([6cd7bdd](https://github.com/certd/certd/commit/6cd7bddc37da8b0d7b9860fd9a26ddfe84c869a7))
+* 修复网站监控无法设置端口的bug ([27a8a57](https://github.com/certd/certd/commit/27a8a57cf52b4bf83d628aa3049be1efaa74f29c))
+* 修复lego模式无法创建流水线的bug ([687bb8a](https://github.com/certd/certd/commit/687bb8a2376d0de7b72739a174e4a9560581f866))
+
+### Performance Improvements
+
+* 优化通知格式 ([c3c5006](https://github.com/certd/certd/commit/c3c5006daa39c20624cb58864f2b92b230a38a7a))
+* 优化scp上传 ([e51123a](https://github.com/certd/certd/commit/e51123a95131cc76d655937488caf08956a67020))
+* 优化txt本地校验效率 ([fd507f2](https://github.com/certd/certd/commit/fd507f269253607e68c5c099c99e0de11636f229))
+* 支持又拍云cdn ([fd0536b](https://github.com/certd/certd/commit/fd0536bd4b41f15b6b5d42e0b447f0dcbf73b8a8))
+* 支持又拍云cdn ([57389a7](https://github.com/certd/certd/commit/57389a79a1a61c45d081712562f8b33c9633158e))
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+### Performance Improvements
+
+* 增加服务器时间警告 ([d66ade4](https://github.com/certd/certd/commit/d66ade4e4783850b6c7625c6f164a5a0fc0aa509))
+* 支持部署到lucky ([e18e399](https://github.com/certd/certd/commit/e18e399ce6529e8c7e36b56c5f674cfdbbd3d3d1))
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+### Bug Fixes
+
+* 修复dns.la无法申请证书的bug ([90b045a](https://github.com/certd/certd/commit/90b045af6d1a4f46986e4b118885c1f050df067c))
+
+### Performance Improvements
+
+* 上传到主机支持scp方式 ([05b6159](https://github.com/certd/certd/commit/05b6159802b9e85b6a410361b60b5c28875b48e7))
+* 优化图标 ([c56f48c](https://github.com/certd/certd/commit/c56f48c1e3c54c4e203fafb380d9091d75681b7e))
+
+## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
+
+### Bug Fixes
+
+* 修复通知选择器无法选择的bug ([f7b88f9](https://github.com/certd/certd/commit/f7b88f9e3b7d9d9122e4fd2003a20c555bd50c7d))
+* 修复证书流水线创建失败的bug ([736fe03](https://github.com/certd/certd/commit/736fe038ebda56648bcc4c12884a700341d2c049))
+
+## [1.31.4](https://github.com/certd/certd/compare/v1.31.3...v1.31.4) (2025-03-21)
+
+### Bug Fixes
+
+* 修复站点监控通知通过webhook发送失败的bug ([9be1ecc](https://github.com/certd/certd/commit/9be1ecc8aab3ea23dd0dc2dab3688f4edb90ef2c))
+* 修复dns.la域名申请失败的bug ([1de8eee](https://github.com/certd/certd/commit/1de8eee6ea8307f3c11626af75303d3cc104bb95))
+
+### Performance Improvements
+
+* 宝塔支持doker站点证书部署 ([589a373](https://github.com/certd/certd/commit/589a373142ef7f50d64d3aa767a90b1f4b64da93))
+* 保存调整后的列宽 ([873f2b6](https://github.com/certd/certd/commit/873f2b618b9d7320045baf69d6da83afe48a780f))
+* 创建证书流水线时，支持更多参数展开 ([36aa7f8](https://github.com/certd/certd/commit/36aa7f82b078a053a102331b3c6f132fb9d492f9))
+* 流水线页面可以鼠标按住左右拖动 ([d85a02f](https://github.com/certd/certd/commit/d85a02feeb3183c5abd6c1ea790d5923a32d7271))
+* 流水线增加上传证书快捷方式 ([425bba6](https://github.com/certd/certd/commit/425bba67c539b734e2a85a83a4f9ecc9b2434fb4))
+* 手动上传证书部署流水线 ([fbb66f3](https://github.com/certd/certd/commit/fbb66f3c4389489aa8a43b194d82bc8cf391607b))
+* 优化选择任务时手机版展示效果 ([d01004d](https://github.com/certd/certd/commit/d01004d53071a75ac91ee21cc96bde9369f77ff3))
+* 站点监控，手动测试也发通知 ([729b19c](https://github.com/certd/certd/commit/729b19c8da60d5efb5baef7cf8df0518e7f6b471))
+* 站点证书监控支持模糊查询 ([0069c0e](https://github.com/certd/certd/commit/0069c0e3992946a8dd6410f299d4fc974ef0e76b))
+* 支持飞书通知 ([b82e1dc](https://github.com/certd/certd/commit/b82e1dcd6217b09a7d7e21cd648bb31de320cadf))
+* 支持手动上传证书并部署 ([a9fffa5](https://github.com/certd/certd/commit/a9fffa5180c83da27b35886aa2e858a92a2c5f94))
+
+## [1.31.3](https://github.com/certd/certd/compare/v1.31.2...v1.31.3) (2025-03-13)
+
+### Bug Fixes
+
+* 修复阿里云fc获取不到列表的bug ([474b337](https://github.com/certd/certd/commit/474b3372d8ce98e6d45900bf8046bc0b3f220686))
+
+### Performance Improvements
+
+* 1panel支持 apikey方式授权 ([170b2af](https://github.com/certd/certd/commit/170b2afb0e3b125e4ed057f633fe895b5ac3ac22))
+* 套餐支持3天7天等选项 ([0d71a8e](https://github.com/certd/certd/commit/0d71a8ee501a0e5bb69decf07e8729026e9d85bf))
+* 证书仓库增加有效期显示 ([be87124](https://github.com/certd/certd/commit/be87124ada7a093f281ca29a45c86b4ea4644ead))
+* 支持部署到天翼云CDN ([82a72e0](https://github.com/certd/certd/commit/82a72e0b497efa043d342ad0e33c083a2de79a05))
+* 支持dns.la ([ee8af18](https://github.com/certd/certd/commit/ee8af18d0ac0af82544d6dda1e4b4c678b733041))
+* cf授权支持配置http代理 ([27386ea](https://github.com/certd/certd/commit/27386ea04d3c1a5aebe3cfdd7ac48185eaa76629))
+
+## [1.31.2](https://github.com/certd/certd/compare/v1.31.1...v1.31.2) (2025-03-12)
+
+### Bug Fixes
+
+* 修复cname记录查找bug ([95fb4e3](https://github.com/certd/certd/commit/95fb4e3e8be6ca13cc43b451f6141d62190ba453))
+
+## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
+
+### Performance Improvements
+
+* 一些手机端适配优化 ([5b8d5dd](https://github.com/certd/certd/commit/5b8d5dd97536456a9d5d1384216eac1093b2dc3d))
+
+# [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
+
+### Bug Fixes
+
+* 修复CDN插件我爱云因更换接口导致部署失败的问题 ([5641c19](https://github.com/certd/certd/commit/5641c19502970f67af19709bddf8c781b1a25bdc))
+* 修复CDN插件我爱云因更换接口导致部署失败的问题 ([0110dfd](https://github.com/certd/certd/commit/0110dfdb70b12dfb0a7a067717f3773ed75aae7c))
+* 修复webhook headers value中带等号是解析错误的bug ([1fe3365](https://github.com/certd/certd/commit/1fe3365e10c464c4c60c82f424cf74fe35b883e0))
+* ProxmoxUploadCert 增加强制部署证书 ([441b15e](https://github.com/certd/certd/commit/441b15ed2fe5a143a5bd5508613b3816ddbff596))
+
+### Performance Improvements
+
+* 历史记录查看详情，可以切换到对应的历史记录日志上去 ([082802e](https://github.com/certd/certd/commit/082802e1197156837800f814728ee0f6b300b18c))
+* 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
+* 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
+* 是否允许爬虫爬取增加ui设置选项 ([779db9d](https://github.com/certd/certd/commit/779db9da705d2dfef36fec21f52bd38af9fc5f2e))
+* 通知支持钉钉群聊机器人 ([fc8bef5](https://github.com/certd/certd/commit/fc8bef5aae522d75d408d8c3aa74543269da5398))
+* 易支付支持固定支付方式，适合没有收银台版本使用 ([81df96b](https://github.com/certd/certd/commit/81df96bf4542ce8d8ef4a428a4460dd554e4719a))
+* 支持易盾RCDN部署 ([065713c](https://github.com/certd/certd/commit/065713cdb6953d16df08585c316c1a7a8eaec437))
+
+## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
+
+### Performance Improvements
+
+* 禁止爬虫爬取本网站 ([5164116](https://github.com/certd/certd/commit/5164116bde60dabac774cdf94f5317ff386e95ca))
+* 上传到阿里云证书名称后缀增加毫秒时间戳 ([9f0ee21](https://github.com/certd/certd/commit/9f0ee219d02907ffe128a5cf10173397d934ccd7))
+* 支持部署到阿里云FC3.0 ([bcaf54d](https://github.com/certd/certd/commit/bcaf54d4cb7bc469486aae6cdb127ae017eb3abb))
+* 支持新版本LeCDN ([44d43f4](https://github.com/certd/certd/commit/44d43f45cb9094619df7494c2a64a51ba77ad116))
+
+## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
+
+**Note:** Version bump only for package root
+
+## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
+
+### Bug Fixes
+
+* 适配最新版1panel密码编码方式 ([78044c0](https://github.com/certd/certd/commit/78044c062e20cdd04f08baef9fb6745bf25eddcf))
+
+## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
+
+### Bug Fixes
+
+* 修复腾讯云CLB多域名同证书部署报错的bug ([c3a5542](https://github.com/certd/certd/commit/c3a55429357e78f4b78c9592d3e5897db2d4d549))
+* 修复新版本1panel密码需要加密，无法登录的问题 ([ada0b71](https://github.com/certd/certd/commit/ada0b7106e97e551783829e4e719f76793a7123d))
+
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+### Bug Fixes
+
+* 当前置任务被删除时进行校验 ([c89686a](https://github.com/certd/certd/commit/c89686a2fda251484930f0ae715417b618c21690))
+* 修复cloudflare删除解析记录报错的bug ([00c2da4](https://github.com/certd/certd/commit/00c2da444f84adb89f3f1226d03294d7c6e3e4f1))
+
+### Performance Improvements
+
+* 上传自定义证书 ([75a38d9](https://github.com/certd/certd/commit/75a38d95f305b4271d9106babe7cffc1c89ae8f3))
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Bug Fixes
+
+* 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
+* 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
+* 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
+
+### Performance Improvements
+
+* 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
+* http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+* 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
+
+### Features
+
+* 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+* 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
+* 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
+* 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
+* 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+### Bug Fixes
+
+* 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
+* 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+### Bug Fixes
+
+* 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
+
+### Performance Improvements
+
+* 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Bug Fixes
+
+* 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
+
+### Performance Improvements
+
+* 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
+* 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+* http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+### Bug Fixes
+
+* 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Bug Fixes
+
+* 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
+* 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
+* 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
+
+### Performance Improvements
+
+* 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
+* 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Bug Fixes
+
+* 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
+* 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
+
+### Features
+
+* 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+* 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
+* 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
+* 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+### Bug Fixes
+
+* 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
+
+### Performance Improvements
+
+* 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+* 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
+* mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
+
+### Performance Improvements
+
+* 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
 ## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
 
 ### Bug Fixes

README.md

@@ -5,48 +5,76 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+> 关于证书续期：
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
+
+
+> 流水线数量现已调整为无限制，欢迎大家使用
 
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     
 
-* 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
-* 邮件通知
-* 私有化部署，数据保存本地，镜像由Github Actions构建，过程公开透明
-* 支持sqlite，postgresql数据库
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装升级非常简单快捷
+* 镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
+
+
+  ![](./docs/images/intro/intro.svg)
 
 
 
 
+ 
 ## 二、在线体验
 
 官方Demo地址，自助注册后体验    
 
-https://certd.handsfree.work/
+https://certd.handfree.work/
 
 > 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用
 
+![首页](./docs/images/start/home.png)
+
 ## 三、使用教程
 
-更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
+仅需3步，让你的证书永不过期
 
+### 1. 创建证书流水线
+![演示](packages/ui/certd-client/public/static/doc/images/1-add.png)
 
-本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
+> 添加成功后，就可以直接运行流水线申请证书了
 
-![演示](packages/ui/certd-client/public/static/doc/images/5-view.png)
-![演示](packages/ui/certd-client/public/static/doc/images/9-start.png)
-![演示](packages/ui/certd-client/public/static/doc/images/10-1-log.png)
+### 2. 添加部署任务
+当然我们一般需要把证书部署到应用上，certd支持海量的部署插件，您可以根据自身实际情况进行选择，比如部署到Nginx、阿里云、腾讯云、K8S、CDN、宝塔、1Panel等等
+
+此处演示部署证书到主机的nginx上    
+![演示](packages/ui/certd-client/public/static/doc/images/5-1-add-host.png)
+
+如果目前的部署插件都无法满足，您也可以手动下载，然后自行部署   
 ![演示](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
-![演示](packages/ui/certd-client/public/static/doc/images/13-1-result.png)
+
+### 3. 定时运行
+![演示](packages/ui/certd-client/public/static/doc/images/12-1-log-success.png)
+
 
 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     
 
-当前支持的部署插件列表
-![演示](./docs/images/plugins/list.png)
+更多教程请访问官方文档 [certd.docmirror.cn](https://certd.docmirror.cn/guide/)
+
+
 
 ## 四、私有化部署
 
@@ -54,10 +82,10 @@ https://certd.handsfree.work/
 
 您可以根据实际情况从如下方式中选择一种方式进行私有化部署：
 
-1. [宝塔面板方式部署](./install/baota/)
-2. [1Panel面板方式部署](./install/1panel/)
-2. [Docker方式部署](./install/docker/)
-3. [源码方式部署](./install/source/)
+1. [宝塔面板方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
+2. [1Panel面板方式部署 推荐](https://certd.docmirror.cn/guide/install/1panel/)
+3. [Docker方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
+4. [源码方式部署 不建议](https://certd.docmirror.cn/guide/install/source/)
 
 #### Docker镜像说明：
 * 国内镜像地址:
@@ -67,56 +95,35 @@ https://certd.handsfree.work/
   * `https://hub.docker.com/r/greper/certd`
   * `greper/certd:latest`
   * `greper/certd:armv7`、`greper/certd:[version]-armv7`
+* GitHub Packages地址:
+  * `ghcr.io/certd/certd:latest`
+  * `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7`
 
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
   * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) 
 
 ![](./docs/images/action/action-build.jpg)
 
-
-## 五、 升级
-如果使用固定版本号
-1. 修改`docker-compose.yaml`中的镜像版本号
-2. 运行`docker compose up -d` 即可
-
-如果使用`latest`版本
-```shell
-#重新拉取镜像
-docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-# 重新启动容器
-docker compose down
-docker compose up -d
-```
-
-> 数据默认存在`/data/certd`目录下，不用担心数据丢失   
+> 注意：
+> * 本应用存储的证书、授权信息等属于高度敏感数据，请做好安全防护
+> * 请务必使用HTTPS协议访问本应用，避免被中间人攻击
+> * 请务必使用web应用防火墙防护本应用，防止XSS、SQL注入等攻击
+> * 请务必做好服务器本身的安全防护，防止数据库泄露
+> * 请务必做好数据备份，避免数据丢失
+> * [更多安全生产建议点我](https://certd.docmirror.cn/guide/feature/safe/)
 
 
-更新日志： [CHANGELOG](./CHANGELOG.md)
+## 五、更多帮助
+请访问官方文档：[https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/)
+
+* 升级方法：[升级方法](https://certd.docmirror.cn/guide/install/upgrade/)
+* 常见问题：[忘记密码](https://certd.docmirror.cn/guide/use/forgotpasswd/)
+* 多数据库：[多数据库配置](https://certd.docmirror.cn/guide/install/database/)
+* 站点安全：[站点安全特性](https://certd.docmirror.cn/guide/feature/safe/)
+* 更新日志：[CHANGELOG](./CHANGELOG.md)
 
 
-## 六、一些说明
-* 本项目ssl证书提供商为letencrypt/Google/ZeroSSL
-* 申请过程遵循acme协议
-* 需要验证域名所有权，一般有两种方式（目前本项目仅支持dns-01）
-  * http-01： 在网站根目录下放置一份txt文件
-  * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式
-* 证书续期：
-  * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
-  * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
-* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
-
-
-## 七、不同平台的设置说明
-
-* 已迁移到新的文档网站，请到常见问题章节查看
-* [最新文档站链接 https://certd.docmirror.cn](https://certd.docmirror.cn/)
-
-## 八、问题处理
-### 7.1 忘记管理员密码   
-[重置管理员密码方法](https://certd.docmirror.cn/guide/use/forgotpasswd/)
-
-## 九、联系作者
+## 六、联系作者
 如有疑问，欢迎加入群聊（请备注certd）
 
 | 加群 | 微信群 | QQ群 |
@@ -130,7 +137,7 @@ docker compose up -d
 | 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |
 
 
-## 十、捐赠
+## 七、捐赠
 ************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
@@ -139,47 +146,41 @@ https://afdian.com/a/greper
 1. 可加入发电专属群，可以获得作者一对一技术支持
 2. 您的需求我们将优先实现，并且将作为专业版功能提供
 3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
-
 
 专业版特权对比
 
-| 功能      | 免费版               | 专业版                   |
-|---------|-------------------|-----------------------|
-| 免费证书申请  | 免费无限制             | 免费无限制                 |
-| 自动部署插件  | 阿里云、腾讯云、七牛云、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 发邮件功能   | 需要配置              | 免配置                   |
-| 证书流水线条数 | 10条               | 无限制                   |
+| 功能      | 免费版                                   | 专业版                            |
+|---------|---------------------------------------|--------------------------------|
+| 免费证书申请  | 免费无限制                                 | 免费无限制                          |
+| 域名数量 | 无限制                                   | 无限制                            |
+| 证书流水线条数 | 无限制                                   | 无限制                            |
+| 站点证书监控  | 限制1条                                  | 无限制                            |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
+| 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
+
 
 ************************
 
-## 十一、贡献代码
+## 八、贡献代码
 
-1. 本地开发 [贡献插件教程](https://certd.docmirror.cn/guide/development/)
+1. 本地开发请参考 [贡献插件向导](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
    1. 可以调整开源协议以使其更严格或更宽松。
    2. 可以用于商业用途。
 
 
 
-## 十二、 开源许可
+## 九、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
-* 允许个人和公司使用、复制、修改和分发本项目，禁止任何形式的商业用途 
+* 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。
 
-## 十三、我的其他项目（求Star）
+
+## 十、我的其他项目（求Star）
 
 | 项目名称                                                    | stars                                                                                                 | 项目描述                              | 
 |---------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------------|
 | [袖手AI](https://ai.handsfree.work/)                    |                                                                                                       | 袖手GPT，国内可用，无需FQ，每日免费额度            | 
 | [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
 | [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |                       
-
-
-
-## 十四、更新日志
-
-更新日志：[CHANGELOG](./CHANGELOG.md)
-
-

build-dev.trigger

@@ -1 +1 @@
-21:59
+2

build.trigger

@@ -1 +1 @@
-21:59
+23:45

docker/run/docker-compose.yaml

@@ -1,48 +1,90 @@
 version: '3.3' # 兼容旧版docker-compose
 services:
   certd:
-    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号
+    # 镜像                                                  #  ↓↓↓↓↓ ---- 镜像版本号，建议改成固定版本号,例如：certd:1.29.0
     image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+    # image: ghcr.io/certd/certd:latest                    #   --------- 如果 报镜像not found，可以尝试其他镜像源
+    # image: greper/certd:latest
     container_name: certd # 容器名
     restart: unless-stopped # 自动重启
     volumes:
       #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
+      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
       - /data/certd:/app/data
     ports: # 端口映射
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
+      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号，第二个7001不要动
       - "7001:7001"
-      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露相关服务端口
+      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
       - "7002:7002"
-    dns:
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
-      - 223.5.5.5
-      - 223.6.6.6
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns
-#      - 8.8.8.8
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo EAI_AGAIN 或 getaddrinfo ENOTFOUND 错误，可以尝试设置dns
+#    dns:
+#      - 223.5.5.5      # 阿里云公共dns
+#      - 223.6.6.6
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
 #      - 8.8.4.4
 #    extra_hosts:
-      #  ↓↓↓↓ ---------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
-#      - "localdomain.comm:192.168.1.3"
-    environment: # 环境变量
-      - TZ=Asia/Shanghai
-      # 设置环境变量即可自定义certd配置
-      # 配置项见： packages/ui/certd-server/src/config/config.default.ts
-      # 配置规则： certd_ + 配置项, 点号用_代替
-      #                               ↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
+#        # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
+#      - "localdomain.com:192.168.1.3"
+#        #         ↓↓↓↓ ------------------------------------------------ 直接使用主机的网络，如果网络问题实在找不到原因，可以尝试打开此参数
+#    network_mode: host
+    labels:
+      com.centurylinklabs.watchtower.enable: "true"
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把下面networks的注释放开
+#    networks:
+#      - ip6net
+    environment:
+#             ↓↓↓↓ ----------------------------------------------------- 使用上海东八时区
+#      - TZ=Asia/Shanghai
+#     设置环境变量即可自定义certd配置
+#     配置项见： packages/ui/certd-server/src/config/config.default.ts
+#     配置规则： certd_ + 配置项, 点号用_代替
+#                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
       - certd_system_resetAdminPasswd=false
-      #                            ↓↓↓↓ -------------------------------- 默认同时启动https，https访问地址https://your.domain:7002
-      #- certd_https_key=./data/ssl/cert.key
-      #- certd_https_cert=./data/ssl/cert.crt
-      #- certd_https_enabled=true
-      #- certd_https_port=7002
-      -
-      #                             ↓↓↓↓ ------------------------------- 使用postgresql数据库
-#      - certd_flyway_scriptDir=./db/migration-pg               # 升级脚本目录
-#      - certd_typeorm_dataSource_default_type=postgres         # 数据库类型
-#      - certd_typeorm_dataSource_default_host=localhost        # 数据库地址
-#      - certd_typeorm_dataSource_default_port=5433             # 数据库端口
-#      - certd_typeorm_dataSource_default_username=postgres     # 用户名
-#      - certd_typeorm_dataSource_default_password=yourpasswd   # 密码
-#      - certd_typeorm_dataSource_default_database=certd        # 数据库名
+
+#     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
+#     注意： 选定使用一种数据库之后，不支持更换数据库。
+#     数据库迁移方法：1、使用新数据库重新部署一套，然后将旧数据同步过去，注意flyway_history表的数据不要同步
+#                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库，需要提前创建数据库
+#      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=postgres              # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+#                                    #↓↓↓↓ ----------------------------- 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+#      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=root                  # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+#         ↓↓↓↓ ---------------------------------------------------------  自动升级，上面certd的版本号要保持为latest
+#  certd-updater:  # 添加 Watchtower 服务
+#    image: containrrr/watchtower:latest
+#    container_name: certd-updater
+#    restart: unless-stopped
+#    volumes:
+#      - /var/run/docker.sock:/var/run/docker.sock
+#    # 配置 自动更新
+#    environment:
+#      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
+#      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
+#      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
+#      - WATCHTOWER_POLL_INTERVAL=600       # 每 10 分钟检查一次更新
 
 
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
+#networks:
+#  ip6net:
+#    enable_ipv6: true
+#    ipam:
+#      config:
+#        - subnet: 2001:db8::/64

docs/.vitepress/config.ts

@@ -1,126 +1,155 @@
-import { defineConfig } from "vitepress";
+import {defineConfig} from "vitepress";
 // Import lightbox plugin
 import lightbox from "vitepress-plugin-lightbox";
 
 // https://vitepress.dev/reference/site-config
 export default defineConfig({
-  title: "Certd",
-  description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；证书自动化申请部署流水线；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
-  markdown: {
-    config: (md) => {
-      // Use lightbox plugin
-      md.use(lightbox, {});
-    }
-  },
-  head: [
-    // [
-    //     'meta',
-    //     {
-    //         name: 'viewport',
-    //         content:
-    //           'width=device-width,initial-scale=1,minimfast-cum-scale=1.0,maximum-scale=1.0,user-scalable=no',
-    //     },
-    // ],
-    ["meta", {
-      name: "keywords",
-      content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署,SSL平台，证书管理平台，证书流水线"
-    }],
-    ["meta", { name: "google-site-verification",content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"}],
-      //<meta name="baidu-site-verification" content="codeva-MiWN8Y07Ua" />
-    ["meta", {name: "baidu-site-verification",content: "codeva-MiWN8Y07Ua"}],
-    ["link", { rel: "icon", href: "/static/logo/logo.svg" }]
-  ],
-  themeConfig: {
-    logo: "/static/logo/logo.svg",
-    search: {
-      provider: "local",
-      options: {
-        detailedView: true,
-        translations: {
-          button: {
-            buttonText: "搜索文档",
-            buttonAriaLabel: "搜索文档"
-          },
-          modal: {
-            noResultsText: "无法找到相关结果",
-            resetButtonTitle: "清除查询条件",
-            footer: {
-              selectText: "选择",
-              closeText: "关闭",
-              navigateText: "切换"
+    title: "Certd",
+    titleTemplate: "开源SSL证书管理工具，证书自动化申请部署，让你的网站证书永不过期",
+    description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；证书自动化申请部署流水线；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
+    markdown: {
+        config: (md) => {
+            // Use lightbox plugin
+            md.use(lightbox, {});
+        }
+    },
+    sitemap: {
+        hostname: 'https://certd.docmirror.cn'
+    },
+    head: [
+        // [
+        //     'meta',
+        //     {
+        //         name: 'viewport',
+        //         content:
+        //           'width=device-width,initial-scale=1,minimfast-cum-scale=1.0,maximum-scale=1.0,user-scalable=no',
+        //     },
+        // ],
+        ["meta", {
+            name: "keywords",
+            content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署,SSL平台，证书管理平台，证书流水线"
+        }],
+        // ["meta", { name: "google-site-verification",content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"}],
+        //<meta name="baidu-site-verification" content="codeva-MiWN8Y07Ua" />
+        // ["meta", {name: "baidu-site-verification",content: "codeva-MiWN8Y07Ua"}],
+        ["link", {rel: "icon", href: "/static/logo/logo.svg"}]
+    ],
+    themeConfig: {
+        logo: "/static/logo/logo.svg",
+        search: {
+            provider: "local",
+            options: {
+                detailedView: true,
+                translations: {
+                    button: {
+                        buttonText: "搜索文档",
+                        buttonAriaLabel: "搜索文档"
+                    },
+                    modal: {
+                        noResultsText: "无法找到相关结果",
+                        resetButtonTitle: "清除查询条件",
+                        footer: {
+                            selectText: "选择",
+                            closeText: "关闭",
+                            navigateText: "切换"
+                        }
+                    }
+                }
             }
-          }
-        }
-      }
-    },
-    // https://vitepress.dev/reference/default-theme-config
-    nav: [
-      { text: "首页", link: "/" },
-      { text: "指南", link: "/guide/" },
-      { text: "Demo体验", link: "https://certd.handsfree.work" }
-    ],
-    sidebar: {
-      "/guide/": [
-        {
-          text: "入门",
-          items: [
-            { text: "简介", link: "/guide/" },
-            { text: "快速开始", link: "/guide/start.md" },
-            {
-              text: "私有化部署",
-              items: [
-                { text: "docker部署", link: "/guide/install/docker/" },
-                { text: "宝塔面板部署", link: "/guide/install/baota/" },
-                { text: "1Panel部署", link: "/guide/install/1panel/" },
-                { text: "群晖部署", link: "/guide/use/synology/" },
-                { text: "源码部署", link: "/guide/install/source/" }
-              ]
-            },
-            { text: "演示教程", link: "/guide/tutorial.md" }
+        },
+        // https://vitepress.dev/reference/default-theme-config
+        nav: [
+            {text: "首页", link: "/"},
+            {text: "指南", link: "/guide/"},
+            {text: "Demo体验", link: "https://certd.handfree.work"}
+        ],
+        sidebar: {
+            "/guide/": [
+                {
+                    text: "入门",
+                    items: [
+                        {text: "简介", link: "/guide/"},
+                        {text: "快速开始", link: "/guide/start.md"},
+                        {
+                            text: "私有化部署",
+                            items: [
+                                {text: "docker部署", link: "/guide/install/docker/"},
+                                {text: "宝塔面板部署", link: "/guide/install/baota/"},
+                                {text: "1Panel部署", link: "/guide/install/1panel/"},
+                                {text: "群晖部署", link: "/guide/use/synology/"},
+                                {text: "源码部署", link: "/guide/install/source/"}
+                            ]
+                        },
+                        {text: "演示教程", link: "/guide/tutorial.md"},
+                        {text: "版本升级", link: "/guide/install/upgrade.md"}
+                    ]
+                },
+                {
+                    text: "特性",
+                    items: [
+                        {text: "CNAME代理校验", link: "/guide/feature/cname/index.md"},
+                        {text: "多数据库支持", link: "/guide/install/database.md"},
+                        {text: "开放接口", link: "/guide/open/index.md"},
+                        {
+                            text: "站点安全",  link: "/guide/feature/safe/"
+                        },
+                        {
+                            text: "插件列表", items: [
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
+                                {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
+                                {text: "任务插件", link: "/guide/plugins/deploy.md"},
+                                {text: "通知插件", link: "/guide/plugins/notification.md"},
+                            ]
+                        },
+                    ]
+                },
+                {
+                    text: "常见问题",
+                    items: [
+                        {text: "QA", link: "/guide/qa/use.md"},
+                        {text: "常见报错处理", link: "/guide/qa/"},
+                        {text: "群晖证书部署", link: "/guide/use/synology/"},
+                        {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
+                        {text: "连接windows主机", link: "/guide/use/host/windows.md"},
+                        {text: "Google EAB获取", link: "/guide/use/google/"},
+                        {text: "阿里云相关", link: "/guide/use/aliyun/"},
+                        {text: "忘记密码", link: "/guide/use/forgotpasswd/"},
+                        {text: "数据备份", link: "/guide/use/backup/"},
+                        {text: "Certd本身的证书更新", link: "/guide/use/https/index.md"},
+                        {text: "js脚本插件使用", link: "/guide/use/custom-script/index.md"},
+                        {text: "邮箱配置", link: "/guide/use/email/index.md"},
+                        {text: "IPv6支持", link: "/guide/use/setting/ipv6.md"},
+                        {text: "ESXi", link: "/guide/use/ESXi/index.md"},
+                    ]
+                },
+                {
+                    text: "商业版配置", link: "/guide/use/comm/", items: [
+                        {text: "支付宝配置", link: "/guide/use/comm/payments/alipay.md"},
+                        {text: "微信支付配置", link: "/guide/use/comm/payments/wxpay.md"},
+                        {text: "彩虹易支付配置", link: "/guide/use/comm/payments/yizhifu.md"},
+                    ]
+                },
+                {
+                    text: "其他",
+                    items: [
+                        {text: "贡献代码", link: "/guide/development/index.md"},
+                        {text: "更新日志", link: "/guide/changelogs/CHANGELOG.md"},
+                        {text: "镜像说明", link: "/guide/image.md"},
+                        {text: "联系我们", link: "/guide/contact/"},
+                        {text: "捐赠", link: "/guide/donate/"},
+                        {text: "开源协议", link: "/guide/license/"},
+                        {text: "我的其他开源项目", link: "/guide/link/"},
+                    ]
+                }
+            ],
+        },
 
-          ]
-        },
-        {
-          text: "特性",
-          items: [
-            { text: "CNAME代理校验", link: "/guide/feature/cname/index.md" },
-            { text: "插件列表", link: "/guide/plugins.md" }
-          ]
-        },
-        {
-          text: "常见问题",
-          items: [
-            { text: "群晖证书部署", link: "/guide/use/synology/" },
-            { text: "腾讯云密钥获取", link: "/guide/use/tencent/" },
-            { text: "连接windows主机", link: "/guide/use/host/windows.md" },
-            { text: "Google EAB获取", link: "/guide/use/google/" },
-            { text: "阿里云相关", link: "/guide/use/aliyun/" },
-            { text: "忘记密码", link: "/guide/use/forgotpasswd/" },
-            { text: "数据备份", link: "/guide/use/backup/" },
-            { text: "Certd本身的证书更新", link: "/guide/use/https/index.md" },
-            { text: "如何贡献代码", link: "/guide/development/index.md" },
-          ]
-        },
-        {
-          text: "其他",
-          items: [
-            { text: "更新日志", link: "/guide/changelogs/CHANGELOG.md" },
-            { text: "镜像说明", link: "/guide/image.md" },
-            { text: "联系我们", link: "/guide/contact/" },
-            { text: "捐赠", link: "/guide/donate/" },
-            { text: "开源协议", link: "/guide/license/" },
-            { text: "我的其他开源项目", link: "/guide/link/" },
-
-          ]
+        socialLinks: [
+            {icon: "github", link: "https://github.com/certd/certd"}
+        ],
+        footer: {
+            message: "Certd帮助文档 |  <a href='https://beian.miit.gov.cn/' target='_blank'>粤ICP备14088435号</a> ",
+            copyright: "Copyright © 2021-present <a href='https://handfree.work/' target='_blank'>handfree.work</a> "
         }
-      ]
-    },
-    socialLinks: [
-      { icon: "github", link: "https://github.com/certd/certd" }
-    ],
-    footer: {
-      message: "Certd帮助文档 |  <a href='https://beian.miit.gov.cn/' target='_blank'>粤ICP备14088435号</a> ",
-      copyright: "Copyright © 2021-present <a href='https://handfree.work/' target='_blank'>handfree.work</a> "
     }
-  }
 });

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,808 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
+## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+### Performance Improvements
+
+* 宝塔插件、1panel 改成完全免费版 ([a53b6cd](https://github.com/certd/certd/commit/a53b6cd28ff2ce5662ada82379ea44a06b179b81))
+* 添加 FlexCDN 更新证书插件 ([bf040d4](https://github.com/certd/certd/commit/bf040d4c428d29c06fbaca5e29100e0c583b2b0b))
+* 小助手可以关闭 ([3e2101a](https://github.com/certd/certd/commit/3e2101aa5b56548614102e900d59819ce8c7e97c))
+* 支持部署到maoyun cdn ([68f333f](https://github.com/certd/certd/commit/68f333fb87ce85eed27436ecb0f76351c0ccb0d1))
+* 支持AI分析报错 ([aa96859](https://github.com/certd/certd/commit/aa96859798166426e485947a6590464de189de05))
+
+## [1.34.2](https://github.com/certd/certd/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Bug Fixes
+
+* 修复部署到又拍云强制https无效的bug ([2397097](https://github.com/certd/certd/commit/2397097e4ddcb6f593210598e8779ffd44ac3f8f))
+* 修复刷新流水线页面后，日志不自动更新的bug ([0b2e28b](https://github.com/certd/certd/commit/0b2e28b62dd5eb6804c602083e65c87a9d1d72d2))
+
+### Performance Improvements
+
+* 集成智能问答机器人 ([9dd4905](https://github.com/certd/certd/commit/9dd49054d18ec436a5029444ca55a38adc682933))
+* 支持设置网安备案号 ([d18e431](https://github.com/certd/certd/commit/d18e431e2f08e6b37704032c4ea6fbdd8e971442))
+* http方式支持校验443端口 ([d75fcb7](https://github.com/certd/certd/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/certd/certd/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/certd/certd/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+* 修复宝塔授权测试按钮显示错误的bug ([048696e](https://github.com/certd/certd/commit/048696ee9386491bb68592fb3a47d1c900bb68bf))
+
+### Performance Improvements
+
+* 支持部署证书到火山dcdn ([5f85219](https://github.com/certd/certd/commit/5f852194953dc1b4e6336770f417507b8f5a33ad))
+* 支持部署证书到unicloud ([a63d687](https://github.com/certd/certd/commit/a63d687f1c573159f0857693f37602b0e1e44072))
+
+# [1.34.0](https://github.com/certd/certd/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+### Bug Fixes
+
+* 修复二次认证登录进入错误账号的bug ([e3930e0](https://github.com/certd/certd/commit/e3930e07172dd7903cb0f6ff26e0e3e828ba3e77))
+
+### Features
+
+* 从yaml文件注册插件 ([deb3893](https://github.com/certd/certd/commit/deb38938204b29543f36d3266249958faaaa6b66))
+
+### Performance Improvements
+
+* 优化cdnfly插件，支持自动匹配域名部署 ([afd59e9](https://github.com/certd/certd/commit/afd59e9933b2650f41c5d47684c171b93b962065))
+
+## [1.33.8](https://github.com/certd/certd/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 服务器时间获取不准确的bug ([5d10cbf](https://github.com/certd/certd/commit/5d10cbf18daf94a90a7551641a3b13e3c5fec611))
+* 修复复制流水线无效的bug ([3df20a9](https://github.com/certd/certd/commit/3df20a924f32970b052e2588ea20de095f0ea693))
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/certd/certd/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+* 修复token过期后，疯狂打印token过期信息的bug ([50a5fa1](https://github.com/certd/certd/commit/50a5fa15bb240a125bbc91d2ce1ff3c835888a77))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/certd/certd/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/certd/certd/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+* 数据库备份支持oss ([308d460](https://github.com/certd/certd/commit/308d4600efe2002f199c33b4594d3071784e58ea))
+* 支持阿里云中文域名申请 ([b3468cf](https://github.com/certd/certd/commit/b3468cf7f28228d7c9cf68de6b5a9bbeb67f2c6d))
+* 支持反向代理增加contextPath路径 ([0088929](https://github.com/certd/certd/commit/0088929622160cc922995de9a563e8061686ff34))
+* 支持中文域名 ([162ebfd](https://github.com/certd/certd/commit/162ebfd4e0c25727efb33952d3bbf7420a02e2c3))
+
+## [1.33.7](https://github.com/certd/certd/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+### Performance Improvements
+
+* 添加部署证书至火山 Live ([abea80e](https://github.com/certd/certd/commit/abea80e3ab9b1672aebe1c5d5e856693b29931a8))
+* 优化首页插件列表展示 ([9b8f60b](https://github.com/certd/certd/commit/9b8f60b64b5f9a3db7dfa9b3dcbd9201984358d0))
+* 证书申请支持51dns ([8638fc9](https://github.com/certd/certd/commit/8638fc91ff34fccaf12ff9874fd3fa9d2a8c18b7))
+* 支持51dns ([96a0900](https://github.com/certd/certd/commit/96a0900edc95dcfd9acccf9d13592f12f5a09b3d))
+* ssh PTY模式登录设置 ([8385bcc](https://github.com/certd/certd/commit/8385bcc2d7f2411a07748bb5c53f9eaf4d38d7cc))
+* ssh伪终端模式优化，windows下不开启 ([42dfe93](https://github.com/certd/certd/commit/42dfe936b773b7bdd82ca3378363252ffffd7b71))
+
+## [1.33.6](https://github.com/certd/certd/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+### Bug Fixes
+
+* 上传商用证书，直接粘贴文本报错的问题；修复无法上传ec加密证书的bug ([5750bb7](https://github.com/certd/certd/commit/5750bb706779da274d8e7a87e71416cb64d2df79))
+* 修复下载证书时提示token已过期的问题 ([0e07ae6](https://github.com/certd/certd/commit/0e07ae6ce84dcb9279d3c44060d621566afa593c))
+
+### Performance Improvements
+
+* 更新license时同时绑定url ([78367af](https://github.com/certd/certd/commit/78367af8307f801e778c76d49f0918c21ffe032f))
+* 切换到不同的分组后再打开创建对话框，会自动选择分组 ([893dcd4](https://github.com/certd/certd/commit/893dcd4f2487891199ed3e5a3d47a79a75efc942))
+* 新增部署到火山引擎ALB/CLB、上传到证书中心 ([c9a3e3d](https://github.com/certd/certd/commit/c9a3e3d9d26f964c7af7b56667936f1414fbf42a))
+* 优化/api缓存为0 ([dc05cd4](https://github.com/certd/certd/commit/dc05cd481f186b13375192be965000e6b4b429a5))
+* 优化华为cdn插件引用ccm证书 ([b565b4b](https://github.com/certd/certd/commit/b565b4b3b919b71b98ea2517670bc1ef00e00dc9))
+* 优化证书流水线创建，支持选择分组 ([d613aa8](https://github.com/certd/certd/commit/d613aa8f3e85d8dc475ef1b62d49394ce7fd7d24))
+
+## [1.33.5](https://github.com/certd/certd/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+### Performance Improvements
+
+* 登录支持双重认证 ([48aef25](https://github.com/certd/certd/commit/48aef25b3f6499d674ca4e4ef16f4c62399fb735))
+* 多重认证登录 ([0f82cf4](https://github.com/certd/certd/commit/0f82cf409bc60706ab07e4ca4f272b9a1ca7eecb))
+* 优化部署到华为云CDN，支持先上传到ccm，再使用证书id部署，修复offline状态下导致部署报错的bug ([79df39a](https://github.com/certd/certd/commit/79df39acabab10ae7e1864dadcdc186bb007a3c5))
+
+## [1.33.4](https://github.com/certd/certd/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+### Bug Fixes
+
+* 补充类型断言 ([2143dff](https://github.com/certd/certd/commit/2143dff2ae96e6a78bef9f0498e36f8cd9e6941f))
+* 修复腾讯云部署到任意资源插件，无法使用之前已上传的腾讯云证书问题 ([32c714d](https://github.com/certd/certd/commit/32c714d1b6e68c71a74a7452115040c87ac4bfdc))
+
+### Performance Improvements
+
+* 插件支持导入导出 ([cf8abb4](https://github.com/certd/certd/commit/cf8abb45282070c8ba91469f93fd379fabf1f74a))
+* 支持上传证书到华为云CCM ([cfd3b66](https://github.com/certd/certd/commit/cfd3b66be9ebf53a26693057e70ed60c3f116be9))
+
+## [1.33.3](https://github.com/certd/certd/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+### Bug Fixes
+
+* 修复登录错误次数过多阻止再次登录逻辑 ([bf4d191](https://github.com/certd/certd/commit/bf4d191c8bd2f9209eb6768f662b9c77de99e998))
+
+## [1.33.2](https://github.com/certd/certd/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+### Bug Fixes
+
+* 修复某些情况下无法输出日志的bug ([70101bf](https://github.com/certd/certd/commit/70101bfa7ade65678d9202c804bbae2cb808b594))
+
+### Performance Improvements
+
+* 修复内置插件分页查询逻辑 ([a2710dd](https://github.com/certd/certd/commit/a2710ddc2525e4e637fd157f0180e6d3b801c8be))
+
+## [1.33.1](https://github.com/certd/certd/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+### Bug Fixes
+
+* 修复阿里云cdn证书部署失败问题，增加certname参数传入 ([965dc2c](https://github.com/certd/certd/commit/965dc2cb476f690af716f291c6b20ba98be0c8f0))
+* 修复ssh插件报length空指针的bug ([9c4cbe1](https://github.com/certd/certd/commit/9c4cbe17a22b548611cf1fbefecc83a421788e42))
+
+### Performance Improvements
+
+* 镜像支持armv7 ([f78cbed](https://github.com/certd/certd/commit/f78cbed4d817859721fdafe7d348864848d0dfbf))
+
+# [1.33.0](https://github.com/certd/certd/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+### Bug Fixes
+
+* 升级mysql驱动，支持mysql8最新版本的认证 ([2f5ed3a](https://github.com/certd/certd/commit/2f5ed3aead97641f2c80d692a50226839016df0b))
+* 修复eab授权，没有email绑定的bug ([2f1683b](https://github.com/certd/certd/commit/2f1683b26acebbfb7d6e2d751435be04a4e7cab4))
+
+### Features
+
+* 支持在线自定义插件，无需源码开发 ([d0d9d68](https://github.com/certd/certd/commit/d0d9d68fe6740f6ff49fe40b7c9917c5a2e4b442))
+* **lego:** support set key type ([f3bf4fa](https://github.com/certd/certd/commit/f3bf4faee0be5bdbfdbcf70a502849ed4c8ed4c4))
+* release image to ghcr ([9b536af](https://github.com/certd/certd/commit/9b536af9e656dc89e2a87078c129cad6f591e467))
+
+### Performance Improvements
+
+* 修复tab页缓存问题 ([64e5449](https://github.com/certd/certd/commit/64e5449ab3c6b219b0e89eddad14bfb6b71a0650))
+* 隐藏运行策略选项 ([2951df0](https://github.com/certd/certd/commit/2951df0cd94c23e2efee84ff1b843055aac56cae))
+* 增加手动上传证书功能说明 ([5d083a1](https://github.com/certd/certd/commit/5d083a153637caddbc6f44e915d9fb2d1ae87b33))
+
+# [1.32.0](https://github.com/certd/certd/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 创建cname记录移除域名两端的空格 ([903a413](https://github.com/certd/certd/commit/903a4131ab5f42c8286cd2150ed1032d486fda2f))
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/certd/certd/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/certd/certd/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/certd/certd/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+* 又拍云支持云存储 ([9339b78](https://github.com/certd/certd/commit/9339b78f801d193472c0af25749e8e7a27ffb7af))
+* 又拍云支持云存储 ([8449f85](https://github.com/certd/certd/commit/8449f8580da90c1f6b5d02d07c3236ebaf6cf161))
+
+## [1.31.11](https://github.com/certd/certd/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+### Bug Fixes
+
+* 修复ssh支持键盘事件登录 ([8145808](https://github.com/certd/certd/commit/8145808c4370364377b4ffe3ae88ff465b49f20b))
+
+### Performance Improvements
+
+* 支持部署到京东云cdn ([6f17c70](https://github.com/certd/certd/commit/6f17c700b84965baa01b40fe2abaa0a91bcbaffd))
+* 支持京东云dns申请证书 ([04d79f9](https://github.com/certd/certd/commit/04d79f9117670be504960b018fd49ae3bf7c1c11))
+
+## [1.31.10](https://github.com/certd/certd/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+### Performance Improvements
+
+*  tab增加图标显示 ([a03ae5a](https://github.com/certd/certd/commit/a03ae5a216a1df2c1d3da12ae18dcd0f089a92d3))
+* 升级lego版本到4.22.2 ([4e15556](https://github.com/certd/certd/commit/4e15556e5e8100719497edb1729570d5a29668e1))
+* 优化华为dns接口报错信息输出 ([bf30b7a](https://github.com/certd/certd/commit/bf30b7afaef623dd8126570344f1fcc2c06f1215))
+
+## [1.31.9](https://github.com/certd/certd/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Bug Fixes
+
+* 修复华为云dns接口请求出错的bug ([caa15b4](https://github.com/certd/certd/commit/caa15b47355363cbb8847f415ff12363cd53eeda))
+* 修复某些情况下站点证书监控报undefined.includes的错误 ([0b6618f](https://github.com/certd/certd/commit/0b6618ff709322a0eeba78953c8c6e9d073d083a))
+* 修复网站证书监控https port设置无效的bug ([cc8da0c](https://github.com/certd/certd/commit/cc8da0cf130f0c469371b59ac5bd04567f4a4414))
+
+### Performance Improvements
+
+* 站点监控保存时异步检查 ([993bc74](https://github.com/certd/certd/commit/993bc7432fce2d954e9897ed85b54f22150bfc7e))
+* dns支持火山引擎 ([99ff879](https://github.com/certd/certd/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/certd/certd/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Bug Fixes
+
+* 修复编辑通知勾选默认，导致出现多个默认通知的bug ([6cd7bdd](https://github.com/certd/certd/commit/6cd7bddc37da8b0d7b9860fd9a26ddfe84c869a7))
+* 修复网站监控无法设置端口的bug ([27a8a57](https://github.com/certd/certd/commit/27a8a57cf52b4bf83d628aa3049be1efaa74f29c))
+* 修复lego模式无法创建流水线的bug ([687bb8a](https://github.com/certd/certd/commit/687bb8a2376d0de7b72739a174e4a9560581f866))
+
+### Performance Improvements
+
+* 优化通知格式 ([c3c5006](https://github.com/certd/certd/commit/c3c5006daa39c20624cb58864f2b92b230a38a7a))
+* 优化scp上传 ([e51123a](https://github.com/certd/certd/commit/e51123a95131cc76d655937488caf08956a67020))
+* 优化txt本地校验效率 ([fd507f2](https://github.com/certd/certd/commit/fd507f269253607e68c5c099c99e0de11636f229))
+* 支持又拍云cdn ([fd0536b](https://github.com/certd/certd/commit/fd0536bd4b41f15b6b5d42e0b447f0dcbf73b8a8))
+* 支持又拍云cdn ([57389a7](https://github.com/certd/certd/commit/57389a79a1a61c45d081712562f8b33c9633158e))
+
+## [1.31.7](https://github.com/certd/certd/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+### Performance Improvements
+
+* 增加服务器时间警告 ([d66ade4](https://github.com/certd/certd/commit/d66ade4e4783850b6c7625c6f164a5a0fc0aa509))
+* 支持部署到lucky ([e18e399](https://github.com/certd/certd/commit/e18e399ce6529e8c7e36b56c5f674cfdbbd3d3d1))
+
+## [1.31.6](https://github.com/certd/certd/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+### Bug Fixes
+
+* 修复dns.la无法申请证书的bug ([90b045a](https://github.com/certd/certd/commit/90b045af6d1a4f46986e4b118885c1f050df067c))
+
+### Performance Improvements
+
+* 上传到主机支持scp方式 ([05b6159](https://github.com/certd/certd/commit/05b6159802b9e85b6a410361b60b5c28875b48e7))
+* 优化图标 ([c56f48c](https://github.com/certd/certd/commit/c56f48c1e3c54c4e203fafb380d9091d75681b7e))
+
+## [1.31.5](https://github.com/certd/certd/compare/v1.31.4...v1.31.5) (2025-03-22)
+
+### Bug Fixes
+
+* 修复通知选择器无法选择的bug ([f7b88f9](https://github.com/certd/certd/commit/f7b88f9e3b7d9d9122e4fd2003a20c555bd50c7d))
+* 修复证书流水线创建失败的bug ([736fe03](https://github.com/certd/certd/commit/736fe038ebda56648bcc4c12884a700341d2c049))
+
+## [1.31.4](https://github.com/certd/certd/compare/v1.31.3...v1.31.4) (2025-03-21)
+
+### Bug Fixes
+
+* 修复站点监控通知通过webhook发送失败的bug ([9be1ecc](https://github.com/certd/certd/commit/9be1ecc8aab3ea23dd0dc2dab3688f4edb90ef2c))
+* 修复dns.la域名申请失败的bug ([1de8eee](https://github.com/certd/certd/commit/1de8eee6ea8307f3c11626af75303d3cc104bb95))
+
+### Performance Improvements
+
+* 宝塔支持doker站点证书部署 ([589a373](https://github.com/certd/certd/commit/589a373142ef7f50d64d3aa767a90b1f4b64da93))
+* 保存调整后的列宽 ([873f2b6](https://github.com/certd/certd/commit/873f2b618b9d7320045baf69d6da83afe48a780f))
+* 创建证书流水线时，支持更多参数展开 ([36aa7f8](https://github.com/certd/certd/commit/36aa7f82b078a053a102331b3c6f132fb9d492f9))
+* 流水线页面可以鼠标按住左右拖动 ([d85a02f](https://github.com/certd/certd/commit/d85a02feeb3183c5abd6c1ea790d5923a32d7271))
+* 流水线增加上传证书快捷方式 ([425bba6](https://github.com/certd/certd/commit/425bba67c539b734e2a85a83a4f9ecc9b2434fb4))
+* 手动上传证书部署流水线 ([fbb66f3](https://github.com/certd/certd/commit/fbb66f3c4389489aa8a43b194d82bc8cf391607b))
+* 优化选择任务时手机版展示效果 ([d01004d](https://github.com/certd/certd/commit/d01004d53071a75ac91ee21cc96bde9369f77ff3))
+* 站点监控，手动测试也发通知 ([729b19c](https://github.com/certd/certd/commit/729b19c8da60d5efb5baef7cf8df0518e7f6b471))
+* 站点证书监控支持模糊查询 ([0069c0e](https://github.com/certd/certd/commit/0069c0e3992946a8dd6410f299d4fc974ef0e76b))
+* 支持飞书通知 ([b82e1dc](https://github.com/certd/certd/commit/b82e1dcd6217b09a7d7e21cd648bb31de320cadf))
+* 支持手动上传证书并部署 ([a9fffa5](https://github.com/certd/certd/commit/a9fffa5180c83da27b35886aa2e858a92a2c5f94))
+
+## [1.31.3](https://github.com/certd/certd/compare/v1.31.2...v1.31.3) (2025-03-13)
+
+### Bug Fixes
+
+* 修复阿里云fc获取不到列表的bug ([474b337](https://github.com/certd/certd/commit/474b3372d8ce98e6d45900bf8046bc0b3f220686))
+
+### Performance Improvements
+
+* 1panel支持 apikey方式授权 ([170b2af](https://github.com/certd/certd/commit/170b2afb0e3b125e4ed057f633fe895b5ac3ac22))
+* 套餐支持3天7天等选项 ([0d71a8e](https://github.com/certd/certd/commit/0d71a8ee501a0e5bb69decf07e8729026e9d85bf))
+* 证书仓库增加有效期显示 ([be87124](https://github.com/certd/certd/commit/be87124ada7a093f281ca29a45c86b4ea4644ead))
+* 支持部署到天翼云CDN ([82a72e0](https://github.com/certd/certd/commit/82a72e0b497efa043d342ad0e33c083a2de79a05))
+* 支持dns.la ([ee8af18](https://github.com/certd/certd/commit/ee8af18d0ac0af82544d6dda1e4b4c678b733041))
+* cf授权支持配置http代理 ([27386ea](https://github.com/certd/certd/commit/27386ea04d3c1a5aebe3cfdd7ac48185eaa76629))
+
+## [1.31.2](https://github.com/certd/certd/compare/v1.31.1...v1.31.2) (2025-03-12)
+
+### Bug Fixes
+
+* 修复cname记录查找bug ([95fb4e3](https://github.com/certd/certd/commit/95fb4e3e8be6ca13cc43b451f6141d62190ba453))
+
+## [1.31.1](https://github.com/certd/certd/compare/v1.31.0...v1.31.1) (2025-03-11)
+
+### Performance Improvements
+
+* 一些手机端适配优化 ([5b8d5dd](https://github.com/certd/certd/commit/5b8d5dd97536456a9d5d1384216eac1093b2dc3d))
+
+# [1.31.0](https://github.com/certd/certd/compare/v1.30.6...v1.31.0) (2025-03-10)
+
+### Bug Fixes
+
+* 修复CDN插件我爱云因更换接口导致部署失败的问题 ([5641c19](https://github.com/certd/certd/commit/5641c19502970f67af19709bddf8c781b1a25bdc))
+* 修复CDN插件我爱云因更换接口导致部署失败的问题 ([0110dfd](https://github.com/certd/certd/commit/0110dfdb70b12dfb0a7a067717f3773ed75aae7c))
+* 修复webhook headers value中带等号是解析错误的bug ([1fe3365](https://github.com/certd/certd/commit/1fe3365e10c464c4c60c82f424cf74fe35b883e0))
+* ProxmoxUploadCert 增加强制部署证书 ([441b15e](https://github.com/certd/certd/commit/441b15ed2fe5a143a5bd5508613b3816ddbff596))
+
+### Performance Improvements
+
+* 历史记录查看详情，可以切换到对应的历史记录日志上去 ([082802e](https://github.com/certd/certd/commit/082802e1197156837800f814728ee0f6b300b18c))
+* 流水线同一个阶段任务优化为并行执行 ([efa9c74](https://github.com/certd/certd/commit/efa9c748c5c07fc950af3db742ef9310f1ac9a4b))
+* 升级midwayjs版本 ([057b0b4](https://github.com/certd/certd/commit/057b0b4565e19bb93195633f767b2942e8e40e59))
+* 是否允许爬虫爬取增加ui设置选项 ([779db9d](https://github.com/certd/certd/commit/779db9da705d2dfef36fec21f52bd38af9fc5f2e))
+* 通知支持钉钉群聊机器人 ([fc8bef5](https://github.com/certd/certd/commit/fc8bef5aae522d75d408d8c3aa74543269da5398))
+* 易支付支持固定支付方式，适合没有收银台版本使用 ([81df96b](https://github.com/certd/certd/commit/81df96bf4542ce8d8ef4a428a4460dd554e4719a))
+* 支持易盾RCDN部署 ([065713c](https://github.com/certd/certd/commit/065713cdb6953d16df08585c316c1a7a8eaec437))
+
+## [1.30.6](https://github.com/certd/certd/compare/v1.30.5...v1.30.6) (2025-02-24)
+
+### Performance Improvements
+
+* 禁止爬虫爬取本网站 ([5164116](https://github.com/certd/certd/commit/5164116bde60dabac774cdf94f5317ff386e95ca))
+* 上传到阿里云证书名称后缀增加毫秒时间戳 ([9f0ee21](https://github.com/certd/certd/commit/9f0ee219d02907ffe128a5cf10173397d934ccd7))
+* 支持部署到阿里云FC3.0 ([bcaf54d](https://github.com/certd/certd/commit/bcaf54d4cb7bc469486aae6cdb127ae017eb3abb))
+* 支持新版本LeCDN ([44d43f4](https://github.com/certd/certd/commit/44d43f45cb9094619df7494c2a64a51ba77ad116))
+
+## [1.30.5](https://github.com/certd/certd/compare/v1.30.4...v1.30.5) (2025-02-14)
+
+**Note:** Version bump only for package root
+
+## [1.30.4](https://github.com/certd/certd/compare/v1.30.3...v1.30.4) (2025-02-14)
+
+### Bug Fixes
+
+* 适配最新版1panel密码编码方式 ([78044c0](https://github.com/certd/certd/commit/78044c062e20cdd04f08baef9fb6745bf25eddcf))
+
+## [1.30.3](https://github.com/certd/certd/compare/v1.30.2...v1.30.3) (2025-02-13)
+
+### Bug Fixes
+
+* 修复腾讯云CLB多域名同证书部署报错的bug ([c3a5542](https://github.com/certd/certd/commit/c3a55429357e78f4b78c9592d3e5897db2d4d549))
+* 修复新版本1panel密码需要加密，无法登录的问题 ([ada0b71](https://github.com/certd/certd/commit/ada0b7106e97e551783829e4e719f76793a7123d))
+
+## [1.30.2](https://github.com/certd/certd/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+### Bug Fixes
+
+* 当前置任务被删除时进行校验 ([c89686a](https://github.com/certd/certd/commit/c89686a2fda251484930f0ae715417b618c21690))
+* 修复cloudflare删除解析记录报错的bug ([00c2da4](https://github.com/certd/certd/commit/00c2da444f84adb89f3f1226d03294d7c6e3e4f1))
+
+### Performance Improvements
+
+* 上传自定义证书 ([75a38d9](https://github.com/certd/certd/commit/75a38d95f305b4271d9106babe7cffc1c89ae8f3))
+
+## [1.30.1](https://github.com/certd/certd/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+### Bug Fixes
+
+* 修复部署到阿里云ALB、NLB插件加载混乱的bug ([6ab83b6](https://github.com/certd/certd/commit/6ab83b662a2c5e715b9cb7eb1244de2ebb7f47b0))
+* 修复腾讯clb重复执行会报错的bug ([e95d29f](https://github.com/certd/certd/commit/e95d29f446d06eced315a3087fc9e105a30b20bd))
+* 修复tg消息内容中存在.和*就会发送失败的bug ([ae5dfc3](https://github.com/certd/certd/commit/ae5dfc3bee950267123ae2fbd1c11e7ce36626ea))
+
+### Performance Improvements
+
+* 创建流水线时，默认成功时也发送通知 ([52ae690](https://github.com/certd/certd/commit/52ae6902d203ca56e0312692b50c55cb6ddd3e39))
+* http方式校验，选择sftp时，支持修改文件访问权限比如777 ([15d6eaf](https://github.com/certd/certd/commit/15d6eaf5532ed25acd4f8d58c429353a2f44206c))
+
+# [1.30.0](https://github.com/certd/certd/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/certd/certd/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+* 修复namesilo ttl太短的问题 ([865f26d](https://github.com/certd/certd/commit/865f26d75c0d3dd4dc8b41448f8830068e45957c))
+
+### Features
+
+* 支持open api接口，根据域名获取证书 ([52a4fd3](https://github.com/certd/certd/commit/52a4fd33180e9b3f71b8dc9f7671d7cd8e448c3b))
+
+### Performance Improvements
+
+* 证书仓库 ([91e7f45](https://github.com/certd/certd/commit/91e7f45a1c5ea1e0ec0aa3236b80028f03a6d0aa))
+* 支持部署到阿里云ALB ([653940a](https://github.com/certd/certd/commit/653940a0ca64fc380178c1b0b58ae0af64dfaf07))
+* 支持部署到阿里云NLB、SLB ([c085bac](https://github.com/certd/certd/commit/c085bac5d877c4250a8a79e17eb8673b8e4fc89c))
+* 支持部署到腾讯云直播 ([417d37b](https://github.com/certd/certd/commit/417d37b199b79a42f790f9edab8f178eedf8fbf7))
+* 支持部署证书到proxmox ([d10795e](https://github.com/certd/certd/commit/d10795ecd97eb8cf2ffa46aabfdbfc6812636396))
+
+## [1.29.5](https://github.com/certd/certd/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+### Bug Fixes
+
+* 修复复制到本机插件，pfx格式复制时报错的bug ([f57116d](https://github.com/certd/certd/commit/f57116d2bebf33e47ad93e0b39c4efe8e4aea25c))
+* 修复授权管理，点击了查看原文按钮后，无法修改值的bug ([85c99f7](https://github.com/certd/certd/commit/85c99f7f80761ac6efaf3255c03b933442db1686))
+
+## [1.29.4](https://github.com/certd/certd/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+### Bug Fixes
+
+* 修复站点监控域名校验无法通过的bug ([1cb4a53](https://github.com/certd/certd/commit/1cb4a539cc523721ffd4b22d40d0e3d2d68cd915))
+
+### Performance Improvements
+
+* 优化腾讯云CLB插件，支持非sni情况，sni情况支持填写多个域名 ([635b042](https://github.com/certd/certd/commit/635b042690637bff85e97e07c7aac4b87a8a124b))
+
+## [1.29.3](https://github.com/certd/certd/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Bug Fixes
+
+* 修复系统级授权无法查看密钥的bug ([8644348](https://github.com/certd/certd/commit/8644348fc41ae2e1672f946ca37e5d3a674e0218))
+
+### Performance Improvements
+
+* 优化站点证书检查页面，检查增加3次重试 ([e6dd7cd](https://github.com/certd/certd/commit/e6dd7cd54a3e23897031b5df6e0c3cdc0545d35a))
+* 优化acme sdk ([54db744](https://github.com/certd/certd/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+* 支持http校验方式申请证书 ([405591c](https://github.com/certd/certd/commit/405591c5d08fa1a3b228ee3980199e7731cfec4a))
+* http校验方式，支持七牛云oss、阿里云oss、腾讯云cos ([3f74d4d](https://github.com/certd/certd/commit/3f74d4d9e5f5d0e629b44cff1895b3f7a8fbcafc))
+
+## [1.29.2](https://github.com/certd/certd/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+### Bug Fixes
+
+* 修复套餐关闭状态下，仍然限制用户流水线数量的bug ([66fb9e5](https://github.com/certd/certd/commit/66fb9e5f49491f9c159363b48af14720a37673b1))
+
+## [1.29.1](https://github.com/certd/certd/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+### Bug Fixes
+
+* 免费套餐支持购买 ([f5ec987](https://github.com/certd/certd/commit/f5ec9870fd6af1f0c9099852bbdb4d07813ccce8))
+* 修复某处金额转换丢失精度的bug ([d2d6f12](https://github.com/certd/certd/commit/d2d6f12218cbe7bd55f4ae082b93084be85f0a7b))
+* 修复新版本小红点显示错误问题 ([fe4786e](https://github.com/certd/certd/commit/fe4786e168afe03a5243dd67971476c348339809))
+
+### Performance Improvements
+
+* 用户创建证书流水线没有购买套餐或者超限时提前报错 ([472f06c](https://github.com/certd/certd/commit/472f06c2d190d0ae48e8b53c18bc278437656a1c))
+* 优化插件名称显示 ([26adf7d](https://github.com/certd/certd/commit/26adf7d437e674385f26a8f92fded6521a620671))
+
+# [1.29.0](https://github.com/certd/certd/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+### Bug Fixes
+
+* 修复手机模式下，查询框被文字遮盖的bug ([040788c](https://github.com/certd/certd/commit/040788c793642c3bb2a3ede87fe30fcf3be471bd))
+* 修复左侧菜单收起时无法展开子菜单的bug ([0056223](https://github.com/certd/certd/commit/005622307e612717a5408aa1484717ef03003a22))
+
+### Features
+
+* 基础版不再限制流水线数量 ([cb27d4b](https://github.com/certd/certd/commit/cb27d4b4906b2782eaceb0a95bbdc5d0534370d2))
+* 套餐购买支持易支付、支付宝支付 ([faa28f8](https://github.com/certd/certd/commit/faa28f88f954cba4c1dd29125562e5acd2fd99af))
+* 用户套餐，用户支付功能 ([a019956](https://github.com/certd/certd/commit/a019956698acaf2c4beb620b5ad8c18918ead6a1))
+* 站点证书监控 ([9c8c7a7](https://github.com/certd/certd/commit/9c8c7a781223f4217f45510db1e89495600e3cd5))
+* 支持微信支付 ([45d6347](https://github.com/certd/certd/commit/45d6347f5b6199493b11aabdd74177f6dca2cea4))
+
+### Performance Improvements
+
+* 调整创建证书表单字段的顺序 ([d393521](https://github.com/certd/certd/commit/d3935219f2aa50d6662c5b5ebf7ee25ad696ab2b))
+* 同一时间只允许一个套餐生效 ([8ebf95a](https://github.com/certd/certd/commit/8ebf95a222a900d1707716c7b1f3b39f8a6d8f94))
+* 用户名支持修改 ([89c7f07](https://github.com/certd/certd/commit/89c7f070343e86453c84677ebe1669f9b266d871))
+* 优化证书申请跳过的状态显示，成功通知现在在跳过时不会发送 ([67d762b](https://github.com/certd/certd/commit/67d762b6a520f1fa24719a124e5ae975a81f5f82))
+* 站点证书监控通知发送，每天定时检查 ([bb4910f](https://github.com/certd/certd/commit/bb4910f4e57234e42b44505f4620ae7af66025c5))
+* 支持一体证书 ([53c38cf](https://github.com/certd/certd/commit/53c38cf714a6f7486abbf1d71c9f48f56a790100))
+* 支持plesk网站证书部署 ([eda45c1](https://github.com/certd/certd/commit/eda45c1528199648b3970505e87f492d398226cd))
+
+## [1.28.4](https://github.com/certd/certd/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+### Bug Fixes
+
+* 修复证书成功通知发送失败的bug ([0f5c690](https://github.com/certd/certd/commit/0f5c69040ba77340c909813220a26bc7ddada3ea))
+
+### Performance Improvements
+
+* 群晖支持6.x ([79f7ec4](https://github.com/certd/certd/commit/79f7ec4672f4fd5744cc45e4a6f104da943f4026))
+
+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+* 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
+* mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
+
+### Performance Improvements
+
+* 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Bug Fixes
+
+* 修复lego No help topic for 错误 ([aaaf8d7](https://github.com/certd/certd/commit/aaaf8d7db34896cf8f2ff8f12eec1ab0cae58f0f))
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Bug Fixes
+
+* 顶部菜单变...的bug ([6dabad7](https://github.com/certd/certd/commit/6dabad76baba96be0f8af36a3fbfb9f5182aecf1))
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+* 授权加密支持解密查看 ([5575c83](https://github.com/certd/certd/commit/5575c839705f6987ad2bdcd33256b0962c6a9c6a))
+* 重置管理员密码同时启用管理员账户，避免之前禁用了，重置密码还是登录不进去 ([f92d918](https://github.com/certd/certd/commit/f92d918a1e28e29b794ad4754661ea760c18af46))
+
+## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复阿里云部署大杀器报插件_还未注册错误的bug ([abd2dcf](https://github.com/certd/certd/commit/abd2dcf2e85a545321bae6451406d081f773b132))
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/certd/certd/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+### Performance Improvements
+
+* 顶部菜单自定义 ([54d136c](https://github.com/certd/certd/commit/54d136cc6ae122f7c891b7a5c7232fe5de8e5cb5))
+* 禁用readonly用户 ([d10d42e](https://github.com/certd/certd/commit/d10d42e20619bb55a50d636b8867ff33db4e3b4b))
+* 限制其他用户流水线数量 ([315e437](https://github.com/certd/certd/commit/315e43746baf01682737f82e41579237a48409af))
+* 用户管理优化头像上传 ([661293c](https://github.com/certd/certd/commit/661293c189a3abf3cdc953b5225192372f57930d))
+
+## [1.26.13](https://github.com/certd/certd/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+### Bug Fixes
+
+* 修复对话框全屏按钮与关闭按钮重叠的bug ([95df56c](https://github.com/certd/certd/commit/95df56cc5ca5e3eb843cd17cb7078cde47729f1e))
+* deprecated的运行时不要报错，只报警告 ([bcbefaa](https://github.com/certd/certd/commit/bcbefaaa35cf6d0eec085b3a2c5bfc7c6a8de9e1))
+
+### Performance Improvements
+
+* 更新certd本身的证书文档说明 ([0c50ede](https://github.com/certd/certd/commit/0c50ede129337b82df54575cbd2f4c2a783a0732))
+* 支持同时监听https端口，7002 ([d5a17f9](https://github.com/certd/certd/commit/d5a17f9e6afd63fda2df0981118480f25a1fac2e))
+
+## [1.26.12](https://github.com/certd/certd/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+### Performance Improvements
+
+* 部署到阿里云任意云资源，阿里云部署大杀器 ([4075be7](https://github.com/certd/certd/commit/4075be7849b140acb92bd8da8a9acbf4eef85180))
+* 文件名特殊字符限制输入 ([c4164c6](https://github.com/certd/certd/commit/c4164c66e29f3ec799f98108a344806ca61e94ff))
+* 新增部署到百度云CDN插件 ([f126f9f](https://github.com/certd/certd/commit/f126f9f932d37fa01fff1accc7bdd17d349f8db5))
+* 新增部署到腾讯云CDN-v2，推荐使用 ([d782655](https://github.com/certd/certd/commit/d782655cb4dfbb74138178afbffeee76fc755115))
+* 优化cron选择器，增加下次触发时间显示 ([5b148b7](https://github.com/certd/certd/commit/5b148b7ed960ca6f7f5b733b2eadd56eeecbd4c2))
+* 支持部署到腾讯云COS ([a8a45d7](https://github.com/certd/certd/commit/a8a45d7f757820990e278533277a3deda5ba48f3))
+* 支持配置公共ZeroSSL授权 ([a90d1e6](https://github.com/certd/certd/commit/a90d1e68ee9cbc3705223457b8a86f071b150968))
+
+## [1.26.11](https://github.com/certd/certd/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/certd/certd/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+* 修复移动任务后出现空阶段的bug ([4ea3edd](https://github.com/certd/certd/commit/4ea3edd59e93ca4f5b2e43b20dd4ef33909caddb))
+* 修复google证书*.xx.com与xx.com同时申请时报错的bug ([f8b99b8](https://github.com/certd/certd/commit/f8b99b81a23e7e9fd5e05ebd5caf355c41d67a90))
+* 允许七牛云cdn插件输入.号开头的通配符域名 ([18ee87d](https://github.com/certd/certd/commit/18ee87daff6eafc2201b58e28d85aafd3cb7a5b9))
+
+### Performance Improvements
+
+* 申请证书启用新的反代地址 ([a705182](https://github.com/certd/certd/commit/a705182b85e51157883e48f23463263793bf3c12))
+* 优化日志颜色 ([1291e98](https://github.com/certd/certd/commit/1291e98e821c5b1810aab7f0aebe3f5f5cd44a20))
+* 优化证书申请速度和成功率，反代地址优化，google基本可以稳定请求。增加请求重试。 ([41d9c3a](https://github.com/certd/certd/commit/41d9c3ac8398def541e65351cbe920d4a927182d))
+* 优化pfx密码密码输入框，让浏览器不自动填写密码 ([ffeede3](https://github.com/certd/certd/commit/ffeede38afa70c5ff6f2015516bead23d2c4df87))
+
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
+## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
+
+### Bug Fixes
+
+* 修复普通用户无法校验cname配置的bug ([6285497](https://github.com/certd/certd/commit/62854978bf0bdbe749b42f8e40ab227ab31ec92f))
+* 修复切换普通用户登录时，左侧菜单没有同步更新的bug ([12116a8](https://github.com/certd/certd/commit/12116a89f43cf8b98f16d2ea6073f6b72a643215))
+* 修正邮箱设置跳转路由 ([17d8890](https://github.com/certd/certd/commit/17d88900a1f0e3af609b74597f5b1978230db32d))
+
+### Performance Improvements
+
+* 触发证书重新申请input变化对比规则优化，减少升级版本后触发申请证书的情况 ([c46a2a9](https://github.com/certd/certd/commit/c46a2a9a399c2a9a8bb59a48b9fb6e93227cce9b))
+* 任务下所有步骤都跳过时，整个任务显示跳过 ([84fd3b2](https://github.com/certd/certd/commit/84fd3b250dd1161ea06c5582fdadece4b29c2e53))
+* 授权配置去除前后空格 ([57d8d48](https://github.com/certd/certd/commit/57d8d48046fbf51c52b041d2dec03d51fb018587))
+* 数据库备份插件，先压缩再备份 ([304ef49](https://github.com/certd/certd/commit/304ef494fd5787c996ad0dcb6edd2f517afce9e2))
+* 优化菜单 ([1f4f157](https://github.com/certd/certd/commit/1f4f15757de1015cf7563f7022599eef58cc93d7))
+* 增加文档站 https://certd.docmirror.cn ([6e2ac1c](https://github.com/certd/certd/commit/6e2ac1c089f6ddccb396f1f2738509c05333e1bb))
+
 ## [1.26.8](https://github.com/certd/certd/compare/v1.26.7...v1.26.8) (2024-10-15)
 
 ### Bug Fixes

docs/guide/development/demo/access.md

@@ -0,0 +1,88 @@
+
+# 授权插件Demo
+
+```ts
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+import { isDev } from '../../utils/env.js';
+
+/**
+ * 这个注解将注册一个授权配置
+ * 在certd的后台管理系统中，用户可以选择添加此类型的授权
+ */
+@IsAccess({
+  name: 'demo',
+  title: '授权插件示例',
+  icon: 'clarity:plugin-line',
+  desc: '',
+})
+export class DemoAccess extends BaseAccess {
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    title: '密钥Id',
+    component: {
+      placeholder: 'demoKeyId',
+    },
+    required: true,
+  })
+  demoKeyId = '';
+
+  /**
+   * 授权属性配置
+   */
+  @AccessInput({
+    //标题
+    title: '密钥串',
+    component: {
+      //input组件的placeholder
+      placeholder: 'demoKeySecret',
+    },
+    //是否必填
+    required: true,
+    //改属性是否需要加密
+    encrypt: true,
+  })
+  //属性名称
+  demoKeySecret = '';
+}
+new DemoAccess();
+```
+
+
+# 阿里云授权
+```ts
+
+import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
+
+@IsAccess({
+  name: "aliyun",
+  title: "阿里云授权",
+  desc: "",
+  icon: "ant-design:aliyun-outlined",
+  order: 0,
+})
+export class AliyunAccess extends BaseAccess {
+  @AccessInput({
+    title: "accessKeyId",
+    component: {
+      placeholder: "accessKeyId",
+    },
+    helper: "登录阿里云控制台->AccessKey管理页面获取。",
+    required: true,
+  })
+  accessKeyId = "";
+  @AccessInput({
+    title: "accessKeySecret",
+    component: {
+      placeholder: "accessKeySecret",
+    },
+    required: true,
+    encrypt: true,
+    helper: "注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey",
+  })
+  accessKeySecret = "";
+}
+
+new AliyunAccess();
+```

docs/guide/development/index.md

@@ -1,20 +1,19 @@
 # 本地开发
 欢迎贡献插件
 
-## 1.本地调试运行
+建议nodejs版本 `20.x` 及以上
+
+## 一、本地调试运行
 
 ### 克隆代码
 ```shell
 
 # 克隆代码
-git clone https://github.com/certd/certd
+git clone https://github.com/certd/certd --depth=1
 
 #进入项目目录
 cd certd
 
-# 切换到最新版本代码
-git checkout v1.26.7  # 这里换成最新版本号
-
 ```
 
 ### 修改pnpm-workspace.yaml文件
@@ -29,7 +28,7 @@ packages:
 ### 安装依赖和初始化:
 ```shell
 # 安装pnpm，如果提示npm命令不存在，就需要先安装nodejs
-npm install -g pnpm@8.15.7 --registry=https://registry.npmmirror.com
+npm install -g pnpm--registry=https://registry.npmmirror.com
 
 # 使用国内镜像源，如果有代理，就不需要
 pnpm config set registry https://registry.npmmirror.com
@@ -37,25 +36,25 @@ pnpm config set registry https://registry.npmmirror.com
 pnpm install
 
 # 初始化构建
-npm run init
+pnpm init
 ```
 
 ### 启动 server:
 ```shell
 cd packages/ui/certd-server
-npm run dev
+pnpm dev
 ```
 
 ### 启动 client:
 ```shell
 cd packages/ui/certd-client
-npm run dev
+pnpm dev
 
 # 会自动打开浏览器，确认正常运行
 
 ```
 
-## 开发插件
+## 二、开发插件
 进入 `packages/ui/certd-server/src/plugins`
 
 ### 1.复制`plugin-demo`目录作为你的插件目录
@@ -89,8 +88,22 @@ export * from './plugins/plugin-deploy-to-xx'
 export * from "./plugin-cloudflare.js"
 ```
 
-## 重启服务进行调试
+### 6. 重启服务进行调试
 刷新浏览器，检查你的插件是否工作正常， 确保能够正常进行证书申请和部署
 
-## 提交PR
+## 三、提交PR
 我们将尽快审核PR
+
+## 四、 注意事项
+### 1.  如何让任务报错停止
+
+```js
+// 抛出异常即可使任务停止，否则会判定为成功
+throw new Error("错误信息")
+```
+
+
+## 五、贡献插件送激活码
+
+- PR要求，插件功能完整，代码规范
+- PR通过后，联系我们，送您一个半年期专业版激活码

docs/guide/donate/index.md

@@ -7,16 +7,22 @@ https://afdian.com/a/greper
 1. 可加入发电专属群，可以获得作者一对一技术支持
 2. 您的需求我们将优先实现，并且将作为专业版功能提供
 3. 一年期专业版激活码
-4. 赠送国外免费服务器部署方案（0成本使用Certd，可能需要翻墙，不过现在性能越来越差了）
 
 
 ## 专业版特权对比
 
-| 功能      | 免费版                    | 专业版                   |
-|---------|------------------------|-----------------------|
-| 免费证书申请  | 免费无限制                  | 免费无限制                 |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 发邮件功能   | 需要配置                   | 免配置                   |
-| 证书流水线条数 | 10条                    | 无限制                   |
+| 功能      | 免费版                    | 专业版                         |
+|---------|------------------------|-----------------------------|
+| 免费证书申请  | 免费无限制                  | 免费无限制                       |
+| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中       |
+| 证书流水线条数 | 无限制                    | 无限制                         |
+| 站点证书监控  | 限制1条                   | 无限制                         |
+| 通知      | 邮件通知、自定义webhook        | 邮件免配置、企微、飞书、anpush、server酱等 |
 
+
+## 专业版激活方式
+
+![](./images/plus.png)
+
+发电后，在私信中获取激活码
 ************************

docs/guide/feature/cname/index.md

@@ -11,7 +11,7 @@
 
 ## 2. 原理
 * 假设你要申请证书的域名叫：`cert.com` ,它是在`Certd`不支持的服务商注册的
-* 假设你还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
+* 假设我们还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
 * 当我们按照如下进行配置时
 ```
                   CNAME记录（手动、固定）           TXT记录（自动、随机）
@@ -19,20 +19,17 @@ _acme-challenge.cert.com ---> xxxxx.cname.proxy.com ----> txt-record-abcdefg
    
 ```
 * 证书颁发机构就可以从`_acme-challenge.cert.com`查到TXT记录 `txt-record-abcdefg`，从而完成域名所有权校验。
-* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd`可以自动添加的。
+* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd` 是可以自动添加的。
 * 剩下的只需要在你的`cert.com`域名中手动添加一条固定的`CNAME解析`即可
                          
 
 ## 3. Certd CNAME使用步骤
 
-1. 准备`一个`支持的服务商的注册的域名（`proxy.com`），或者将你众多域名其中`一个`的`DNS服务器`转到这几家服务商。
-2. 然后到`Certd`的 `CNAME服务管理`界面，用`cname.proxy.com`创建一条默认的CNAME服务，提供DNS提供商授权。
-   ![](./images/cname1.png)
-2. 然后创建证书流水线，输入`cert.com`，选择`CNAME`校验方式
-  
-3. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
+
+1. 创建证书流水线，输入你要申请证书的域名，假设就是`cert.com`，然后选择`CNAME`校验方式
+2. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录模版，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
    ![](./images/cname2.png)
-3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击校验，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
+3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击验证，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
    ![](./images/cname3.png)
    ![](./images/cname4.png)
 4. 申请过程中，Certd会在`xxxxxx.cname.proxy.com`下自动添加TXT记录。 

docs/guide/feature/safe/hidden/index.md

@@ -0,0 +1,27 @@
+# 站点隐藏
+
+* 一般来说Certd设置好之后，很少需要访问。
+* 所以我们`平时`可以把`站点访问关闭`，需要的时候再打开，减少站点被攻击的风险    
+
+## 1、开启站点隐藏
+`系统管理->系统设置->安全设置->站点隐藏 `  
+
+
+![](./images/hidden1.png)
+
+:::warning  
+
+注意保存好`解除地址`和`解除密码`   
+
+::: 
+
+## 2、临时关闭站点隐藏
+
+访问上面的`解除地址`，输入`解除密码`，`临时解除`站点隐藏
+
+![](./images/hidden2.png)
+
+## 3、忘记解除地址和解除密码怎么办
+登录服务器，在数据库平级的目录下创建`.unhidden`命名的空白文件，即可临时解除站点隐藏       
+临时解除后会自动删除`.unhidden`文件，请尽快设置好新的`解除地址`和`解除密码`，并记住    
+

docs/guide/feature/safe/index.md

@@ -0,0 +1,49 @@
+# 安全特性
+
+Certd 存储了证书以及授权等敏感数据，所以需要严格保障安全。      
+我们提供了以下安全特性，以及安全生产建议（请遵照建议进行生产部署以保障数据安全）
+
+## 一、站点安全特性
+
+### 1、 授权数据加密存储【默认开启】
+* 所有的授权敏感字段会加密后存储
+* 每个用户独立维护授权数据，连管理员都无权查看
+
+![星号部分为加密数据](./images/access.png)
+星号部分为加密数据
+
+### 2、 密码防爆破【默认开启】
+* 登录失败次数过多，账号将被锁定，最高24小时(重启服务可解除锁定)
+* 用户登录密码加密hash后存储，无法计算出密码明文
+  ![](./images/login.png)
+
+### 3、站点隐藏【建议开启】
+* 一般来说Certd设置好之后，后续很少需要访问修改。
+* 所以我们平时可以把站点访问关闭，需要的时候再打开，减少站点被攻击的风险    
+* 请前往 `系统管理->系统设置->安全设置->开启站点隐藏`
+  ![](./images/hidden.png)
+
+点击查看 [站点隐藏功能详细使用说明](./hidden/)
+
+
+### 4、登录双重验证
+
+支持2FA双重认证
+
+![](./images/2fa.png)
+
+### 5、数据库自动备份【建议开启】
+* [自动备份设置说明](../../use/backup/)
+
+
+## 二、安全生产建议
+
+尽管`Cert`本身实现了很多安全特性，但`外部环境的安全`仍需要您来确保。    
+请`务必`遵循如下建议做好安全防护
+
+* 请`务必`使用`HTTPS协议`访问本应用，避免被中间人攻击
+* 请`务必`使用`web应用防火墙`防护本应用，防止XSS、SQL注入等攻击
+* 请`务必`做好`服务器本身`的安全防护，防止数据库泄露
+* 请`务必`做好[`数据备份`](../../use/backup/)，避免数据丢失
+* 请`务必`修改管理员账号用户名，且建议将admin注册为普通用户，且设置为禁用。
+* 建议开启[`站点隐藏`](./hidden/)功能

docs/guide/image.md

@@ -9,6 +9,10 @@
 * `greper/certd:latest`
 * `greper/certd:armv7`、`greper/certd:[version]-armv7`
 
+## GitHub Packages地址:
+* `ghcr.io/certd/certd:latest`
+* `ghcr.io/certd/certd:armv7`、`ghcr.io/certd/certd:[version]-armv7`
+* 
 ## 镜像构建公开
 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用   
 * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml)

docs/guide/index.md

@@ -5,30 +5,28 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 
 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
 
+## 1、关于证书续期
+>* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
+>* 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
+>* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
 
-## 一、特性
+
+## 2、项目特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。
 
-* 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
-* 邮件通知
-* 私有化部署，保障数据安全
-* 支持sqlite，postgresql数据库
+* 全自动申请证书（支持所有注册商注册的域名，支持DNS-01、HTTP-01、CNAME代理等多种域名验证方式）
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
+* 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
+* 私有化部署，数据保存本地，安装升级非常简单快捷
+* 镜像由Github Actions构建，过程公开透明
+* 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
+* 支持SQLite，PostgreSQL、MySQL多种数据库
+* 开放接口支持
+* 站点证书监控
+* 多用户管理
 
 
-## 二、一些说明
-* 本项目申请证书过程遵循acme协议
-* 需要验证域名所有权，一般有两种方式
-    * http-01： 在网站根目录下放置一份txt文件
-    * dns-01： 需要给域名添加txt解析记录，通配符域名只能用这种方式（本项目仅支持dns-01）
-* 证书续期：
-    * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
-    * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
-* 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
+  ![](../images/intro/intro.svg)
+
 
-## 三、证书颁发机构对比
-* Let's Encrypt：申请最简单。
-* Google: 大厂光环，兼容性好，需要翻墙获取EAB。
-* ZeroSSL： 有数量限制，获取EAB无需翻墙。

docs/guide/install/1panel/index.md

@@ -19,7 +19,8 @@ https://1panel.cn/docs/installation/online_installation/
 3. 点击确定，启动容器   
    ![](./images/2.png)
 
-> 默认数据保存在`/data/certd`目录下，可以手动备份
+> 默认使用sqlite数据库，数据保存在`/data/certd`目录下，您可以手动备份该目录   
+> certd还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
 
 3. 访问测试
 
@@ -31,15 +32,12 @@ admin/123456
 
 ## 三、升级
 
-1. 找到容器，点击编辑
-   ![](./images/edit1.png)
+1. 找到容器，点击更多->升级
+   ![](./images/upgrade-1.png)
 
-2. 将latest修改为最新版本号
-   ![](https://img.shields.io/npm/v/%40certd%2Fpipeline)
+2. 选择强制拉取镜像，点击确认即可
+![img.png](./images/upgrade-2.png)
 
-![img.png](./images/edit2.png)
-
-3. 点击确定，重启容器
 
 ## 四、数据备份
 
@@ -48,4 +46,4 @@ admin/123456
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/baota/index.md

@@ -13,7 +13,7 @@
 
 #### 2.1 应用商店一键部署【推荐】
 
-* 在应用商店中找到`certd`（要先点右上角更新应用）
+* 在宝塔Docker应用商店中找到`certd`（要先点右上角更新应用）
 * 点击安装，配置域名等基本信息即可完成安装
 
 > 需要宝塔9.2.0及以上版本才支持
@@ -29,6 +29,9 @@
 点击确定，等待启动完成   
 ![](./images/2.png)
 
+> certd默认使用sqlite数据库，另外支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+
+
 ## 二、访问应用
 
 http://ip:7001    
@@ -38,28 +41,12 @@ admin/123456
 登录后请及时修改密码
 
 ## 三、如何升级
+宝塔升级certd非常简单
 
-### 1. 应用商店安装，直接更新镜像即可
-
+`docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
 ![img.png](./images/upgrade.png)
 
 
-### 2. latest更新方式
-在主机上拉取最新镜像，然后面板上重启容器
-```shell
-docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
-```
-
-### 3. 固定版本号方式
-
-修改容器编排模版中的镜像版本号，然后面板上重启容器
-```shell
-services:
-  certd:
-    # 镜像                                #  修改最新版本号  ---- ↓↓↓↓↓ 
-    image: registry.cn-shenzhen.aliyuncs.com/handsfree/certd:v1.xx.x
-```
-
 ## 四、数据备份
 
 ### 4.1 应用商店部署方式
@@ -75,10 +62,20 @@ services:
 数据默认保存在`/data/certd`目录下，可以手动备份
 
 
+
 ### 4.3 自动备份
 
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
 
 ## 五、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可
+
+
+## 六、宝塔部署相关问题排查
+
+### 1. 无法访问Certd
+1. 确认服务器的安全规则，是否放开了对应端口
+2. 确认宝塔防火墙是否放开对应端口
+3. 尝试将Certd容器加入宝塔的`bridge`网络 
+![](./images/network.png)

docs/guide/install/database.md

@@ -0,0 +1,73 @@
+# 切换数据库
+
+certd支持如下几种数据库：
+1. sqlite3 (默认)
+2. mysql 
+3. postgresql
+   
+您可以按如下两种方式切换数据库
+
+
+## 一、全新安装
+::: tip   
+以下按照`docker-compose`安装方式介绍如何使用mysql或postgresql数据库    
+如果您使用其他方式部署，请自行修改对应的环境变量即可。   
+:::
+
+### 1.1、使用mysql数据库
+
+1. 安装mysql，创建数据库 `(注意：charset=utf8mb4, collation=utf8mb4_bin)`
+2. 下载最新的docker-compose.yaml
+3. 修改环境变量配置
+```yaml
+services:
+  certd:
+    environment:
+      # 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录 【照抄】
+      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb 
+      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+      - certd_typeorm_dataSource_default_username=root                  # 用户名
+      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+```
+4. 启动certd
+```shell
+docker-compose up -d
+```
+
+
+### 1.2、使用Postgresql数据库
+
+1. 安装postgresql，创建数据库
+2. 下载最新的docker-compose.yaml
+3. 修改环境变量配置
+```yaml
+services:
+  certd:
+    environment:
+      # 使用postgresql数据库，需要提前创建数据库
+      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录 【照抄】
+      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型 【照抄】
+      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
+      - certd_typeorm_dataSource_default_username=postgres              # 用户名
+      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+      - certd_typeorm_dataSource_default_database=certd                 # 数据库名
+
+```
+4. 启动certd
+```shell
+docker-compose up -d
+```
+
+## 二、从旧版的sqlite切换数据库
+
+1. 先将`旧certd`升级到最新版 （`建议：备份sqlite数据库` ）
+2. 按照上面全新安装方式部署一套`新的certd` （`注意：新旧版本的certd要一致`）
+3. 使用数据库工具将数据从sqlite导入到mysql或postgresql （`注意：flyway_history数据表不要导入`）
+4. 重启新certd
+5. 确认没有问题之后，删除旧版certd
+

docs/guide/install/docker/index.md

@@ -41,7 +41,9 @@ docker compose up -d
 
 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
-> 然后使用 `docker-compose up -d` 启动
+
+> certd默认使用sqlite数据库，另外还支持`mysql`和`postgresql`数据库，[点我了解如何切换其他数据库](../database)
+
 
 ### 3. 访问测试
 
@@ -53,6 +55,11 @@ https://your_server_ip:7002
 
 ## 二、升级
 
+::: warning   
+如果您是第一次升级certd版本，切记切记先备份一下数据    
+:::
+
+
 ### 如果使用固定版本号
 1. 修改`docker-compose.yaml`中的镜像版本号
 2. 运行`docker compose up -d` 即可
@@ -71,4 +78,4 @@ docker compose up -d
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可

docs/guide/install/source/index.md

@@ -1,11 +1,15 @@
 # 源码部署
+如果没有开发基础、没有运维基础、没有`git`和`nodejs`基础，强烈不推荐此方式
 
 ## 一、源码安装
+
+### 环境要求
+- nodejs 20 及以上
 ### 源码启动
 ```shell
 # 克隆代码
-git clone https://github.com/certd/certd
-# git checkout v1.x.x  # 1.x.x换成最新版本号，当v2主干分支代码无法正常启动时，可以尝试此命令
+git clone https://github.com/certd/certd --depth=1
+# git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
 ./start.sh  
@@ -26,14 +30,25 @@ https://your_server_ip:7002
 ## 二、升级
 
 ```shell
-# 更新代码并启动
+
 cd certd
+# 确保数据安全，备份一下数据
+cp -rf ./packages/ui/certd-server/data ../certd-data-backup
+
 git pull
+# 如果提示pull失败，可以尝试强制更新
+# git checkout v2 -f && git pull 
+
 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
 ./start.sh
+
 ```
+::: warning   
+升级certd版本前，切记切记先备份一下数据    
+:::
+
 
 ## 三、数据备份
 > 数据默认保存在 `./packages/ui/certd-server/data` 目录下    
@@ -42,4 +57,4 @@ kill -9 $(lsof -t -i:7001)
 
 ## 四、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可

docs/guide/install/upgrade.md

@@ -0,0 +1,16 @@
+# 版本升级
+
+## 升级方法
+根据不同部署方式查看升级方法
+
+1. [Docker方式部署升级](./docker/#二、升级)
+2. [宝塔面板方式部署升级](./baota/#三、如何升级)
+3. [1Panel面板方式部署升级](./1panel/#三、升级)
+4. [源码方式部署](./source/#二、升级)
+
+::: warning   
+如果您是第一次升级certd版本，切记切记先备份一下数据    
+:::
+
+## 升级日志
+[CHANGELOG](../changelogs/CHANGELOG.md)

docs/guide/open/index.md

@@ -0,0 +1,21 @@
+# 开放接口
+被动方式对第三方提供证书， 支持根据域名或证书id获取证书。
+
+## 获取keyId和KeySecret
+
+![](./images/1.png)
+
+## 接口文档
+
+https://apifox.com/apidoc/shared-2e76f8c4-7c58-413b-a32d-a1316529af44/254949529e0
+
+## Token生成方法
+
+header中传入x-certd-token即可调用开放接口   
+1、首先从OpenKey页面生成keyId，keySecret；    
+2、准备一个content( json字符串)： content={"keyId":keyId, t:时间戳秒数, encrypt:false, signType:"md5"} `// encrypt返回结果是否加密`   
+3、将content加上keySecret进行签名： sign = md5(content + keySecret)   
+4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   
+
+## SDK
+待开发

docs/guide/plugins.md

@@ -1,5 +0,0 @@
-# 插件列表
-
-![img_1.png](../images/plugins/list.png)
-
-

docs/guide/plugins/access.md

@@ -0,0 +1,58 @@
+# 授权列表
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云授权** |  | 
+| 2.| **EAB授权** | ZeroSSL证书申请需要EAB授权 | 
+| 3.| **google cloud** | 谷歌云授权 | 
+| 4.| **主机登录授权** |  | 
+| 5.| **SFTP授权** |  | 
+| 6.| **阿里云OSS授权** | 包含地域和Bucket | 
+| 7.| **FTP授权** |  | 
+| 8.| **腾讯云** |  | 
+| 9.| **腾讯云COS授权** | 腾讯云对象存储授权，包含地域和存储桶 | 
+| 10.| **七牛云授权** |  | 
+| 11.| **七牛OSS授权** |  | 
+| 12.| **天翼云授权** |  | 
+| 13.| **s3/minio授权** | S3/minio oss授权 | 
+| 14.| **baota授权** |  | 
+| 15.| **易盾DCDN授权** | https://user.yiduncdn.com | 
+| 16.| **易盾rcdn授权** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 17.| **易发云短信** | sms.yfyidc.cn/ | 
+| 18.| **cdnfly授权** |  | 
+| 19.| **群晖登录授权** |  | 
+| 20.| **k8s授权** |  | 
+| 21.| **1panel授权** | 账号和密码 | 
+| 22.| **百度云授权** |  | 
+| 23.| **LeCDN授权** |  | 
+| 24.| **白山云授权** |  | 
+| 25.| **plesk授权** |  | 
+| 26.| **易支付** |  | 
+| 27.| **支付宝** |  | 
+| 28.| **微信支付** |  | 
+| 29.| **长亭雷池授权** |  | 
+| 30.| **lucky** |  | 
+| 31.| **括彩云cdn授权** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 32.| **uniCloud** | unicloud授权 | 
+| 33.| **华为云授权** |  | 
+| 34.| **西部数码授权** |  | 
+| 35.| **多吉云** |  | 
+| 36.| **我爱云授权** | 我爱云CDN | 
+| 37.| **CacheFly** | CacheFly | 
+| 38.| **Gcore** | Gcore | 
+| 39.| **亚马逊云aws授权** |  | 
+| 40.| **dns.la授权** |  | 
+| 41.| **又拍云** |  | 
+| 42.| **火山引擎** |  | 
+| 43.| **京东云** |  | 
+| 44.| **51dns授权** |  | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/deploy.md

@@ -0,0 +1,130 @@
+# 任务插件
+共 `70` 款任务插件    
+## 1. 证书申请
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 2.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
+| 3.| **商用证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
+## 2. 主机
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **FTP-上传证书到FTP** | 将证书上传到FTP服务器 | 
+| 2.| **IIS-部署到IIS站点** |  | 
+| 3.| **主机-执行远程主机脚本命令** | 可以执行重启nginx等操作让证书生效 | 
+| 4.| **主机-部署证书到SSH主机** | SFTP上传证书到主机，然后SSH执行部署脚本命令 | 
+## 3. CDN
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **易盾-部署到易盾DCDN** | 主要是防御，http://user.yiduncdn.com/ | 
+| 2.| **易盾-部署到易盾RCDN** | 易盾CDN，每月免费30G，[注册即领](https://rhcdn.yiduncdn.com/register?code=8mn536rrzfbf8) | 
+| 3.| **cdnfly-部署证书到cdnfly** | cdnfly | 
+| 4.| **百度云-部署证书到CDN** | 部署到百度云CDN | 
+| 5.| **LeCDN-更新证书** |  | 
+| 6.| **LeCDN-更新证书V2** | 支持新版本LeCDN | 
+| 7.| **白山云-更新证书** |  | 
+| 8.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
+| 9.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
+| 10.| **多吉云-部署到多吉云CDN** |  | 
+| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+## 4. 面板
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **宝塔-面板证书部署** | 部署宝塔面板本身的ssl证书 | 
+| 2.| **宝塔-网站证书部署** | 部署宝塔管理的站点的ssl证书，目前支持网站站点、docker站点等 | 
+| 3.| **群晖-部署证书到群晖面板** | Synology，支持6.x以上版本 | 
+| 4.| **K8S-部署证书到Secret** | 部署证书到k8s的secret | 
+| 5.| **K8S-Ingress 证书部署** | 部署证书到k8s的Ingress | 
+| 6.| **1Panel-部署证书到1Panel** | 更新1Panel的证书 | 
+| 7.| **Plesk-部署Plesk网站证书** |  | 
+| 8.| **雷池-更新证书** | 更新长亭雷池WAF的证书 | 
+| 9.| **lucky-更新Lucky证书** |  | 
+| 10.| **uniCloud-部署到服务空间** | 部署到服务空间 | 
+| 11.| **威联通-部署证书到威联通** | 部署证书到qnap | 
+## 5. 阿里云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云-部署到Ack** | 部署到阿里云Ack集群Ingress等通过Secret管理证书的应用 | 
+| 2.| **阿里云-部署至任意云资源** | 【不建议使用】需要消耗阿里云自动部署次数，支持SLB、LIVE、webHosting、VOD、CR、DCDN、DDoS、CDN、ALB、APIGateway、FC、GA、MSE、NLB、OSS、SAE、WAF等云产品 | 
+| 3.| **阿里云-部署证书至CDN** | 自动部署域名证书至阿里云CDN | 
+| 4.| **阿里云-部署证书至DCDN** | 依赖证书申请前置任务，自动部署域名证书至阿里云DCDN | 
+| 5.| **阿里云-部署证书至OSS** | 自动部署域名证书至阿里云OSS | 
+| 6.| **阿里云-上传证书到阿里云** | 如果不想在阿里云上同一份证书上传多次，可以把此任务作为前置任务，其他阿里云任务证书那一项选择此任务的输出 | 
+| 7.| **阿里云-部署至阿里云WAF** | 部署证书到阿里云WAF | 
+| 8.| **阿里云-部署至ALB（应用负载均衡）** | ALB,更新监听器的默认证书 | 
+| 9.| **阿里云-部署至NLB（网络负载均衡）** | NLB,网络负载均衡,更新监听器的默认证书 | 
+| 10.| **阿里云-部署至SLB(传统负载均衡)** | 部署证书到阿里云SLB(传统负载均衡) | 
+| 11.| **阿里云-部署至阿里云FC(3.0)** | 部署证书到阿里云函数计算（FC3.0）,【注意】证书的加密算法必须选择【pkcs1旧版】 | 
+## 6. 华为云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **华为云-部署证书至CDN** |  | 
+## 7. 腾讯云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **腾讯云-部署证书到任意云资源** | 支持负载均衡、CDN、DDoS、直播、点播、Web应用防火墙、API网关、TEO、容器服务、对象存储、轻应用服务器、云原生微服务、云开发 | 
+| 2.| **腾讯云-部署到CLB** | 暂时只支持单向认证证书，暂时只支持通用负载均衡 | 
+| 3.| **腾讯云-部署到CDN（废弃）** | 已废弃，请使用v2版 | 
+| 4.| **腾讯云-部署到CDN-v2** | 推荐使用 | 
+| 5.| **腾讯云-上传证书到腾讯云** | 上传成功后输出：tencentCertId | 
+| 6.| **腾讯云-部署证书到COS** | 部署到腾讯云COS源站域名证书【注意：很不稳定，需要重试很多次偶尔才能成功一次】 | 
+| 7.| **腾讯云-部署到腾讯云EO** | 腾讯云边缘安全加速平台EO，必须配置上传证书到腾讯云任务 | 
+| 8.| **腾讯云-删除即将过期证书** | 仅删除未使用的证书 | 
+| 9.| **腾讯云-部署到TKE-ingress** | serverless集群请使用K8S部署插件；Qcloud类型需要【上传到腾讯云】作为前置任务；ApiServer未开启外网访问则需要做域名的内网IP映射 | 
+## 8. 火山引擎
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **火山引擎-部署证书至CDN** | 支持网页，文件下载，音视频点播 | 
+| 2.| **火山引擎-部署证书至CLB** | 部署至火山引擎负载均衡 | 
+| 3.| **火山引擎-上传证书至证书中心** | 上传证书至火山引擎证书中心 | 
+| 4.| **火山引擎-部署证书至ALB** | 部署至火山引擎应用负载均衡 | 
+| 5.| **火山引擎-部署证书至Live** | 部署至火山引擎视频直播 | 
+## 9. 京东云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **京东云-部署证书至CDN** | 京东云内容分发网络 | 
+| 2.| **京东云-更新已有证书** | 更新SSL数字证书中的证书 | 
+| 3.| **京东云-上传新证书** | 上传证书到SSL数字证书中心 | 
+## 10. 七牛云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **七牛云-部署证书至OSS** | 自动部署域名证书至七牛云KODO，注意是自定义源站域名，不是CDN域名 | 
+| 2.| **七牛云-部署证书至CDN** | 自动部署域名证书至七牛云CDN | 
+## 11. 亚马逊云
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **AWS-部署证书到CloudFront** | 部署证书到 AWS CloudFront | 
+## 12. 其他
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **Demo-测试插件** |  | 
+| 2.| **重启 Certd** | 【仅管理员可用】 重启 certd的https服务，用于更新 Certd 的 ssl 证书 | 
+| 3.| **自定义js脚本** | 【仅管理员】运行自定义js脚本执行 | 
+| 4.| **等待** | 等待一段时间 | 
+| 5.| **数据库备份** | 仅支持备份SQLite数据库 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/dns-provider.md

@@ -0,0 +1,22 @@
+# DNS提供商
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **阿里云** | 阿里云DNS解析提供商 | 
+| 2.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
+| 3.| **华为云** | 华为云DNS解析提供商 | 
+| 4.| **西部数码** | west dns provider | 
+| 5.| **dns.la** | dns.la | 
+| 6.| **火山引擎** | 火山引擎DNS解析提供商 | 
+| 7.| **京东云** | 京东云DNS解析提供商 | 
+| 8.| **51dns** | 51DNS | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/plugins/notification.md

@@ -0,0 +1,26 @@
+# 通知插件
+
+| 序号 | 名称 | 说明 |
+|-----|-----|-----|
+| 1.| **企业微信通知** | 企业微信群聊机器人通知 | 
+| 2.| **电子邮件** | 电子邮件通知 | 
+| 3.| **爱语飞飞微信通知(iyuu)** | https://iyuu.cn/ | 
+| 4.| **自定义webhook** | 根据模版自定义http请求 | 
+| 5.| **Server酱ᵀ** | https://sct.ftqq.com/ | 
+| 6.| **Server酱³** | https://doc.sc3.ft07.com/serverchan3 | 
+| 7.| **AnPush** | https://anpush.com | 
+| 8.| **Telegram通知** | Telegram Bot推送通知 | 
+| 9.| **Discord 通知** | Discord 机器人通知 | 
+| 10.| **Slack通知** | Slack消息推送通知 | 
+| 11.| **Bark 通知** | Bark 推送通知插件 | 
+| 12.| **飞书通知** | 飞书群聊webhook通知 | 
+
+<style module>
+table th:first-of-type {
+        width: 65px;
+    }
+table th:nth-of-type(2) {
+        width: 240px;
+    }
+</style>
+    

docs/guide/qa/index.md

@@ -0,0 +1,73 @@
+# 常见报错解决
+
+## 1. getaddrinfo ENOTFOUND错误
+如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误，可以尝试在`docker-compose.yaml`中设置dns
+```yaml
+version: '3.3' # 兼容旧版docker-compose
+services:
+  certd:
+    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误，可以尝试设置dns
+    dns:
+      - 223.5.5.5      # 阿里云公共dns
+      - 223.6.6.6
+#       # ↓↓↓↓ ------- # 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ ------- # 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
+#      - 8.8.4.4
+```
+
+如果仍然有问题,按如下步骤检查是否能够ping通域名
+```shell
+docker exec -it certd /bin/sh
+ping www.baidu.com
+ping gg.px.certd.handfree.work
+ping app.handfree.work
+```
+
+如果您是宝塔部署的
+可以试试将容器网络加入brige网络，看是否解决问题
+![img.png](images/baota-net.png)
+
+如果还是不行，请联系我们
+
+
+## 2. 连接IPv6超时
+docker-compose 需要放开IPv6网络的配置
+```yaml
+services:
+  certd:
+    networks:
+      - ip6net
+#    ↓↓↓↓ -------------------------------------------------------------- 启用ipv6网络，还需要把上面networks的注释放开
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 3. SSL_CERT_NOT_MATCH_DOMAIN_ERROR
+部署证书任务报类似 `SSL_CERT_NOT_MATCH_DOMAIN_ERROR`错误
+这是由于当前流水线的证书域名与要部署的目标站点的域名不匹配导致的，在申请证书任务中，增加目标站点域名，重新运行流水线即可
+
+
+## 4. 没有服务器配置文件，请检查是否开启了外网映射！
+宝塔网站证书部署报错：`Error: 没有服务器配置文件，请检查是否开启了外网映射！`    
+解决方案：先手动在宝塔网站中设置一次证书    
+
+
+## 5. 如何查看容器日志
+```shell
+docker logs -f --tail 200 certd
+```
+
+
+
+
+
+
+

docs/guide/qa/use.md

@@ -0,0 +1,14 @@
+# 使用问题
+
+
+## 1. 是否支持IP证书
+
+因为ACME协议不支持IP证书，所以certd目前也不支持IP证书
+
+
+## 2. 建议设置多长时间运行一次流水线
+建议每天运行一次，检查证书过期时间    
+当证书没过期时，自动跳过部署
+当证书到期前35天（创建流水线时可以修改），将会自动重新申请证书，自动部署
+
+

docs/guide/use/ESXi/index.md

@@ -0,0 +1,17 @@
+# 部署证书到ESXi
+
+使用`部署证书到主机插件`即可
+
+
+## 开启ssh
+登陆ESXi Web后台，点击 主机 -> 操作 -> 服务 -> 启用 Secure Shell（SSH）打开SSH
+
+## 添加部署到主机任务
+
+![img.png](./images/ssh.png)
+
+## 配置重启脚本
+```bash
+/etc/init.d/hostd restart
+/etc/init.d/vpxa restart
+```

docs/guide/use/aliyun/index.md

@@ -8,4 +8,14 @@
 ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
 ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
 
-```
+```
+
+
+## 阿里云Access权限设置
+
+
+* 申请证书 ：`AliyunDNSFullAccess`
+* 上传证书到阿里云： `AliyunYundunCertFullAccess`
+* 部署证书到OSS: `AliyunYundunCertFullAccess`、`AliyunOSSFullAccess`
+* 部署证书到CDN: `AliyunYundunCertFullAccess`、`AliyunCDNFullAccess`
+* 部署证书到DCDN： `AliyunYundunCertFullAccess`、`AliyunDCDNFullAccess`

docs/guide/use/backup/index.md

@@ -1,5 +1,6 @@
-# 数据库自动备份
-
+# 数据库备份
+* 两种备份方法：  1、手动备份  2、自动备份
+* 本文仅限sqlite数据库。
 ## 一、手动备份
 数据库文件根据不同的部署方式保存的位置不一样，您可以手动复制出来进行备份
 
@@ -27,4 +28,4 @@
 
 ## 三、备份恢复
 
-将备份的`db.sqlite`覆盖到原来的位置即可
+将备份的`db.sqlite`覆盖到原来的位置，重启certd即可

docs/guide/use/cert/index.md

@@ -0,0 +1,10 @@
+# 证书申请失败情况
+
+
+## DNS记录问题
+
+1. DNS 不要设置CAA记录，删除即可
+
+2. DNSSEC相关报错，DNSSEC管理中删除即可
+
+3. DNS 有其他平台申请过的_acme-challenge记录，删除即可

docs/guide/use/comm/index.md

@@ -0,0 +1,9 @@
+# 商业版文档
+
+![](./images/index.png)
+
+## 支付方式配置
+
+* [支付宝支付配置](./payments/alipay.md)
+* [微信支付配置](./payments/wxpay.md)
+* [彩虹易支付配置](./payments/yizhifu.md)

docs/guide/use/comm/payments/alipay.md

@@ -0,0 +1,21 @@
+# 支付宝配置
+
+## 配置步骤
+
+1. 创建应用，获取APPID
+   * 登录支付宝开放平台，进入开发者中心，创建网页应用，获取应用的AppId（左上角复制）
+   * 开发者中心：https://open.alipay.com/develop/manage
+
+
+2. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
+
+   * 参考文档：https://opendocs.alipay.com/common/02kdnc?pathHash=fb0c752a
+   * 此步骤完成后，可以获取应用的私钥、支付宝公钥。     
+   * 注意：支付宝不会保存应用的私钥，你需要自己保管好私钥。
+
+
+3. 在Certd后台配置支付宝 
+
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用支付宝，选择“支付宝配置”，点击添加
+   * 填写支付宝AppId、应用私钥、支付宝公钥等信息即可。

docs/guide/use/comm/payments/wxpay.md

@@ -0,0 +1,27 @@
+# 微信支付配置
+
+## 配置步骤
+
+1. 开通Native支付
+   * 登录微信支付平台
+   * 进入产品中心： https://pay.weixin.qq.com/index.php/extend/product/lists?tid=3
+   * 选择开通Native支付
+
+2. 申请证书
+
+   * 进入“账户中心”->“API安全”->“商户API证书”->“管理证书”
+   * 根据指引生成证书
+   * 得到私钥和公钥
+
+
+3. 填写APIv3密钥
+
+   * 进入“账户中心”->“API安全”->“解密回调”
+   * 填写APIv3密钥 
+   * 参考文档 https://kf.qq.com/faq/180830E36vyQ180830AZFZvu.html
+
+
+4. 在Certd后台配置微信支付
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用微信支付，选择“微信支付配置”，点击添加
+   * 填写微信支付商户号、证书私钥、证书公钥、APIv3密钥即可。

docs/guide/use/comm/payments/yizhifu.md

@@ -0,0 +1,19 @@
+# 彩虹易支付配置
+
+彩虹易支付是一款非常流行的php聚合支付系统。
+
+## 配置步骤
+
+1. 获取商户ID、商户密钥
+
+   * 登录彩虹易支付平台
+   * 进入用户中心：https://xxxxxx.com/user/userinfo.php?mod=api
+   * 点击API信息
+   * 可以复制：接口地址、商户ID、商户密钥（key）
+   * 点击查看文档，了解支持的签名类型，一般为MD5
+
+2. 进入Certd后台配置彩虹易支付
+
+   * 进入“系统”->"设置"->“支付设置”
+   * 启用彩虹易支付，选择“彩虹易支付配置”，点击添加
+   * 填写接口地址、商户ID、商户密钥、签名方式等信息即可。

docs/guide/use/custom-script/index.md

@@ -0,0 +1,90 @@
+# 自定义脚本插件
+
+## 1. 介绍
+
+自定义脚本插件是一个通用的插件，可以通过编写脚本来实现各种功能，例如：调用第三方API、执行系统命令、发送邮件等。
+
+## 2. 使用示例
+```js
+
+// 如果需要引用第三方库，必须使用import语法
+// const thirdSdk = await import("third-sdk-name")
+
+const certPem = ctx.self.cert.crt
+const certKey = ctx.self.cert.key
+
+//axios发起http请求上传证书
+const res = await ctx.http.request({
+  url:"your_cert_deploy_url",
+  method:"post",
+  data:{
+    crt : certPem,
+    key : certKey
+  }
+})
+if(!res || res.code !== 0){
+    //抛异常才能让任务失败
+    throw new Error("上传失败")
+}
+//不能用console.log，需要用ctx.logger 才能把日志打印在ui上
+ctx.logger.info("上传成功",res.data)
+
+
+```
+## 3. API
+下面是`ctx`对象的`typescript`类型定义
+
+```ts
+
+type ctx = {
+  CertReader: typeof CertReader;
+  self: CustomScriptPlugin;
+  //流水线定义
+  pipeline: Pipeline;
+  //步骤定义
+  step: Step;
+  //日志
+  logger: Logger;
+  //当前步骤输入参数跟上一次执行比较是否有变化
+  inputChanged: boolean;
+  //授权获取服务 
+  accessService: IAccessService;
+  //邮件服务
+  emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
+  //插件配置服务
+  pluginConfigService: IPluginConfigService;
+  //流水线上下文
+  pipelineContext: IContext;
+  //用户上下文
+  userContext: IContext;
+  //http请求客户端 
+  http: HttpClient; // http.request(AxiosConfig)
+  //文件存储
+  fileStore: FileStore;
+  //上一次执行结果状态
+  lastStatus?: Runnable;
+  //用户取消信号
+  signal: AbortSignal;
+  //工具类
+  utils: typeof utils;
+  //用户信息
+  user: UserInfo;
+}
+
+type CertInfo = {
+  crt:string; //fullchain证书，即 cert.pem， cert.crt
+  key:string; // 私钥
+  ic: string; //中间证书
+  pfx: string;//PFX证书，base64编码
+  der: string;//DER证书，base64编码
+}
+
+type CustomScriptPlugin = {
+  //可以获取证书
+  cert: CertInfo
+}
+
+```
+

docs/guide/use/email/index.md

@@ -0,0 +1,23 @@
+# 邮箱配置
+
+
+## 腾讯企业邮箱配置
+1. 开启smtp
+![](./images/qq-3.png)
+2. 获取授权码作为密码
+![](./images/qq-1.png)
+![](./images/qq-2.png)
+3. 填写域名、端口和密码
+   ![](./images/qq-0.png)
+
+## QQ邮箱配置
+1. smtp配置
+```yaml
+smtp域名: smtp.qq.com
+smtp端口: 465
+密码: 授权码，获取方式见下方
+是否SSL: 是
+```
+
+2. 获取授权码
+   ![](./images/qq-11.png)

docs/guide/use/host/windows.md

@@ -25,3 +25,15 @@ win+R  弹出运行对话框，输入 services.msc 打开服务管理器
 C:\Users\xxxxx>
           ↑↑↑↑---------这个就是windows ssh的登录用户名
 ```
+
+### 4. 切换默认shell终端
+安装openssh后，默认终端是cmd，建议切换成powershell
+```shell
+# powershell中执行如下命令切换
+# 设置默认shell为powershell 【推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
+
+# 恢复默认shell为cmd 【不推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe" -PropertyType String -Force
+
+```

docs/guide/use/https/index.md

@@ -17,7 +17,9 @@ CERTD_HTTPS_port=7002
 参考Certd顶部的创建证书流水线教程
 
 ### 2、配置复制到本机任务
-将证书复制到certd的证书安装位置
+将证书复制到certd的证书安装位置   
+证书路径：`ssl/cert.crt`   
+私钥路径：`ssl/cert.key` 
 
 ![](./images/1.png)
 ![](./images/2.png)

docs/guide/use/pretask/index.md

@@ -0,0 +1,13 @@
+# 带输出的前置任务
+
+前置任务输出可以在后续任务中使用
+
+比如上传证书到阿里云，会返回阿里云的CertId，之后其他阿里云的部署任务可以选择复用这个证书
+
+## 复用证书
+
+![img.png](images/pretask1.png)
+
+在后续任务中可以选择前置任务的输出
+
+![img.png](images/pretask2.png)

docs/guide/use/setting/ipv6.md

@@ -0,0 +1,21 @@
+# IPv6支持
+
+## 启用IPv6
+在`docker-compose.yaml`中启用IPv6支持，放开如下注释：
+```yaml
+#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
+    networks:
+      - ip6net
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 设置双栈网络优先级
+可根据实际情况设置
+
+![img.png](./images/ipv6.png)

docs/guide/use/synology/index.md

@@ -1,8 +1,12 @@
 # 群晖部署和证书更新
 
+支持群晖`6.x`、`7.x`
 
 ## 一、群晖部署Certd
 
+以下是群晖`7.x`的部署`certd`步骤。   
+群晖`6.x`请参考[docker部署](./../../install/docker/)
+
 ### 1. 打开Container Manager
 
 ![](./images/1.png)
@@ -32,6 +36,8 @@
 
 ## 二、更新群晖证书
 
+证书部署插件支持群晖`6.x`、`7.x`
+
 ## 1. 前提条件
 * 已经部署了certd
 * 群晖上已经设置好了证书(证书建议设置好描述，插件需要根据描述查找证书)

docs/index.md

@@ -18,19 +18,19 @@ hero:
       link: /guide/tutorial.md
     - theme: alt
       text: demo体验
-      link: https://certd.handsfree.work
+      link: https://certd.handfree.work
 
 features:
   - title: 全自动申请证书
     details: 支持所有注册商注册的域名
   - title: 全自动部署证书
-    details: 支持部署到主机、阿里云、腾讯云等，目前已支持30+部署插件
+    details: 支持部署到主机、阿里云、腾讯云等，目前已支持60+部署插件
   - title: 多域名、泛域名打到一个证书上
     details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
   - title: 多证书格式支持
     details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
   - title: 支持私有化部署
-    details: 保障数据安全
+    details: 授权数据加密存储，保障数据安全
   - title: 多数据库支持
-    details: 支持sqlite，postgresql数据库
+    details: 支持SQLite、Postgresql、MySQL数据库
 ---

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.26.16"
+  "version": "1.34.7"
 }

package.json

@@ -9,18 +9,19 @@
     "@lerna-lite/run": "^3.9.3",
     "@lerna-lite/version": "^3.9.3",
     "medium-zoom": "^1.1.0",
-    "vitepress": "^1.4.1",
+    "vitepress": "^2.0.0-alpha.4",
     "vitepress-plugin-lightbox": "^1.0.2"
   },
   "scripts": {
     "start": "lerna bootstrap --hoist",
+    "devb": "lerna run dev-build",
     "i-all": "lerna link && lerna exec npm install  ",
     "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
     "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
     "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
     "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
-    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/other/changelogs/",
+    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
     "prepublishOnly1": "npm run check && lerna run build ",
     "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
     "before-build": "npm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
@@ -29,14 +30,20 @@
     "init": "lerna run build",
     "docs:dev": "vitepress dev docs",
     "docs:build": "vitepress build docs",
-    "docs:preview": "vitepress preview docs"
+    "docs:preview": "vitepress preview docs",
+    "pub": "echo 1"
   },
   "license": "AGPL-3.0",
   "dependencies": {
     "axios": "^1.7.7",
-    "lodash-es": "^4.17.21"
+    "copyfiles": "^2.4.1",
+    "lodash-es": "^4.17.21",
+    "typescript": "^5.4.2"
   },
   "workspaces": [
     "packages/**"
-  ]
-}
+  ],
+  "pnpm": {
+    "neverBuiltDependencies": []
+  }
+}

packages/core/acme-client/.eslintrc

@@ -0,0 +1,28 @@
+{
+  "extends": [
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "plugins": [
+    "eslint-plugin-import"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+    //    "no-unused-expressions": "off",
+    "max-len": [
+      0,
+      160,
+      2,
+      {
+        "ignoreUrls": true
+      }
+    ]
+  }
+}

packages/core/acme-client/.eslintrc.yml

@@ -1,16 +0,0 @@
-extends:
-  - 'airbnb-base'
-
-env:
-  browser: false
-  node: true
-  mocha: true
-
-rules:
-  indent: [2, 4, { SwitchCase: 1, VariableDeclarator: 1 }]
-  brace-style: [2, 'stroustrup', { allowSingleLine: true }]
-  func-names: 0
-  class-methods-use-this: 0
-  no-param-reassign: 0
-  max-len: [1, 200, 2, { ignoreUrls: true, ignoreComments: false }]
-  import/no-useless-path-segments: 0

packages/core/acme-client/.prettierrc

@@ -0,0 +1,7 @@
+{
+  "printWidth": 220,
+  "bracketSpacing": true,
+  "singleQuote": false,
+  "trailingComma": "es5",
+  "arrowParens": "avoid"
+}

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,269 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.34.7](https://github.com/publishlab/node-acme-client/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.6](https://github.com/publishlab/node-acme-client/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.5](https://github.com/publishlab/node-acme-client/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.4](https://github.com/publishlab/node-acme-client/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.3](https://github.com/publishlab/node-acme-client/compare/v1.34.2...v1.34.3) (2025-05-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.2](https://github.com/publishlab/node-acme-client/compare/v1.34.1...v1.34.2) (2025-05-11)
+
+### Performance Improvements
+
+* http方式支持校验443端口 ([d75fcb7](https://github.com/publishlab/node-acme-client/commit/d75fcb7fec421a9a638eaa27fe9378c84b5e0f19))
+
+## [1.34.1](https://github.com/publishlab/node-acme-client/compare/v1.34.0...v1.34.1) (2025-05-05)
+
+### Bug Fixes
+
+* 根据SOA记录判断子域名托管有缺陷，改回手动配置子域名托管记录的方式 ([1b280a2](https://github.com/publishlab/node-acme-client/commit/1b280a2940f9e2d919b0bf23b89cc185be1fa498))
+
+# [1.34.0](https://github.com/publishlab/node-acme-client/compare/v1.33.8...v1.34.0) (2025-04-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.8](https://github.com/publishlab/node-acme-client/compare/v1.33.7...v1.33.8) (2025-04-26)
+
+### Bug Fixes
+
+* 修复http上传方式无法清除记录文件的bug ([72a7b51](https://github.com/publishlab/node-acme-client/commit/72a7b51d479602b2c54c6c3ac8d8a0dcb9664e73))
+
+### Performance Improvements
+
+* 从域名的soa获取主域名，子域名托管无需额外配置 ([a586a92](https://github.com/publishlab/node-acme-client/commit/a586a92d5e32ea846ac37be52a7ad8c328d89966))
+* 七牛oss支持删除过期备份 ([b7113bd](https://github.com/publishlab/node-acme-client/commit/b7113bda2378116d6c116dc583f563cce7cf9f00))
+
+## [1.33.7](https://github.com/publishlab/node-acme-client/compare/v1.33.6...v1.33.7) (2025-04-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.6](https://github.com/publishlab/node-acme-client/compare/v1.33.5...v1.33.6) (2025-04-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.5](https://github.com/publishlab/node-acme-client/compare/v1.33.4...v1.33.5) (2025-04-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.4](https://github.com/publishlab/node-acme-client/compare/v1.33.3...v1.33.4) (2025-04-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.3](https://github.com/publishlab/node-acme-client/compare/v1.33.2...v1.33.3) (2025-04-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.2](https://github.com/publishlab/node-acme-client/compare/v1.33.1...v1.33.2) (2025-04-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.33.1](https://github.com/publishlab/node-acme-client/compare/v1.33.0...v1.33.1) (2025-04-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.33.0](https://github.com/publishlab/node-acme-client/compare/v1.32.0...v1.33.0) (2025-04-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.32.0](https://github.com/publishlab/node-acme-client/compare/v1.31.11...v1.32.0) (2025-04-04)
+
+### Bug Fixes
+
+* 修复从本地dns获取记录报错的bug ([c39b1bf](https://github.com/publishlab/node-acme-client/commit/c39b1bf823ddc6216bed2049e4c87e6107def08a))
+
+### Features
+
+* 优化证书申请速度，修复某些情况下letsencrypt 校验失败的问题 ([857589b](https://github.com/publishlab/node-acme-client/commit/857589b365c6f709e0ae67914d2f50ce182e6dd6))
+
+### Performance Improvements
+
+* 优化华为dns解析记录创建和删除问题 ([0948c5b](https://github.com/publishlab/node-acme-client/commit/0948c5bc691d2ee6eb47c72a85da1b7453361878))
+
+## [1.31.11](https://github.com/publishlab/node-acme-client/compare/v1.31.10...v1.31.11) (2025-04-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.10](https://github.com/publishlab/node-acme-client/compare/v1.31.9...v1.31.10) (2025-03-29)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.9](https://github.com/publishlab/node-acme-client/compare/v1.31.8...v1.31.9) (2025-03-28)
+
+### Performance Improvements
+
+* dns支持火山引擎 ([99ff879](https://github.com/publishlab/node-acme-client/commit/99ff879d93658c29ea493a4bde7e9e3f85996d64))
+
+## [1.31.8](https://github.com/publishlab/node-acme-client/compare/v1.31.7...v1.31.8) (2025-03-26)
+
+### Performance Improvements
+
+* 优化txt本地校验效率 ([fd507f2](https://github.com/publishlab/node-acme-client/commit/fd507f269253607e68c5c099c99e0de11636f229))
+
+## [1.31.7](https://github.com/publishlab/node-acme-client/compare/v1.31.6...v1.31.7) (2025-03-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.6](https://github.com/publishlab/node-acme-client/compare/v1.31.5...v1.31.6) (2025-03-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.5](https://github.com/publishlab/node-acme-client/compare/v1.31.4...v1.31.5) (2025-03-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.4](https://github.com/publishlab/node-acme-client/compare/v1.31.3...v1.31.4) (2025-03-21)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.3](https://github.com/publishlab/node-acme-client/compare/v1.31.2...v1.31.3) (2025-03-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.2](https://github.com/publishlab/node-acme-client/compare/v1.31.1...v1.31.2) (2025-03-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.31.1](https://github.com/publishlab/node-acme-client/compare/v1.31.0...v1.31.1) (2025-03-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.31.0](https://github.com/publishlab/node-acme-client/compare/v1.30.6...v1.31.0) (2025-03-10)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.6](https://github.com/publishlab/node-acme-client/compare/v1.30.5...v1.30.6) (2025-02-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.5](https://github.com/publishlab/node-acme-client/compare/v1.30.4...v1.30.5) (2025-02-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.4](https://github.com/publishlab/node-acme-client/compare/v1.30.3...v1.30.4) (2025-02-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.3](https://github.com/publishlab/node-acme-client/compare/v1.30.2...v1.30.3) (2025-02-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.2](https://github.com/publishlab/node-acme-client/compare/v1.30.1...v1.30.2) (2025-02-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.30.1](https://github.com/publishlab/node-acme-client/compare/v1.30.0...v1.30.1) (2025-01-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.30.0](https://github.com/publishlab/node-acme-client/compare/v1.29.5...v1.30.0) (2025-01-19)
+
+### Bug Fixes
+
+* 修复查看任务日志偶发性无法自动滚动底部的bug ([7e482f7](https://github.com/publishlab/node-acme-client/commit/7e482f798c0142bce1866f84676cb40210f9638a))
+
+## [1.29.5](https://github.com/publishlab/node-acme-client/compare/v1.29.4...v1.29.5) (2025-01-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.4](https://github.com/publishlab/node-acme-client/compare/v1.29.3...v1.29.4) (2025-01-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.3](https://github.com/publishlab/node-acme-client/compare/v1.29.2...v1.29.3) (2025-01-04)
+
+### Performance Improvements
+
+* 优化acme sdk ([54db744](https://github.com/publishlab/node-acme-client/commit/54db74428259de64d12230c2ab7353ae11197bbc))
+
+## [1.29.2](https://github.com/publishlab/node-acme-client/compare/v1.29.1...v1.29.2) (2024-12-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.29.1](https://github.com/publishlab/node-acme-client/compare/v1.29.0...v1.29.1) (2024-12-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.29.0](https://github.com/publishlab/node-acme-client/compare/v1.28.4...v1.29.0) (2024-12-24)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.4](https://github.com/publishlab/node-acme-client/compare/v1.28.3...v1.28.4) (2024-12-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.3](https://github.com/publishlab/node-acme-client/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.2](https://github.com/publishlab/node-acme-client/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Performance Improvements
+
+* 支持mysql ([7cde1fd](https://github.com/publishlab/node-acme-client/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/publishlab/node-acme-client/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.28.0](https://github.com/publishlab/node-acme-client/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.9](https://github.com/publishlab/node-acme-client/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.8](https://github.com/publishlab/node-acme-client/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.7](https://github.com/publishlab/node-acme-client/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.6](https://github.com/publishlab/node-acme-client/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.5](https://github.com/publishlab/node-acme-client/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.4](https://github.com/publishlab/node-acme-client/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.3](https://github.com/publishlab/node-acme-client/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.2](https://github.com/publishlab/node-acme-client/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.1](https://github.com/publishlab/node-acme-client/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.27.0](https://github.com/publishlab/node-acme-client/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.26.16](https://github.com/publishlab/node-acme-client/compare/v1.26.15...v1.26.16) (2024-10-30)
 
 **Note:** Version bump only for package @certd/acme-client

packages/core/acme-client/docs/crypto.md

@@ -6,6 +6,38 @@
 </dd>
 </dl>
 
+## Constants
+
+<dl>
+<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Generate a private ECDSA key</p>
+</dd>
+<dt><a href="#getPublicKey">getPublicKey</a> ⇒ <code>buffer</code></dt>
+<dd><p>Get a public key derived from a RSA or ECDSA key</p>
+</dd>
+<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object and return a Base64URL string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>object</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>object</code></dt>
+<dd><p>Read information from a certificate
+If multiple certificates are chained, the first will be read</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+<dt><a href="#createAlpnCertificate">createAlpnCertificate</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
+<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
+</dd>
+<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid</a> ⇒ <code>boolean</code></dt>
+<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
+</dd>
+</dl>
+
 ## Functions
 
 <dl>
@@ -15,12 +47,6 @@
 <dt><a href="#createPrivateKey">createPrivateKey()</a></dt>
 <dd><p>Alias of <code>createPrivateRsaKey()</code></p>
 </dd>
-<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey([namedCurve])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Generate a private ECDSA key</p>
-</dd>
-<dt><a href="#getPublicKey">getPublicKey(keyPem)</a> ⇒ <code>buffer</code></dt>
-<dd><p>Get a public key derived from a RSA or ECDSA key</p>
-</dd>
 <dt><a href="#getJwk">getJwk(keyPem)</a> ⇒ <code>object</code></dt>
 <dd><p>Get a JSON Web Key derived from a RSA or ECDSA key</p>
 <p><a href="https://datatracker.ietf.org/doc/html/rfc7517">https://datatracker.ietf.org/doc/html/rfc7517</a></p>
@@ -28,27 +54,6 @@
 <dt><a href="#splitPemChain">splitPemChain(chainPem)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
 <dd><p>Split chain of PEM encoded objects from string into array</p>
 </dd>
-<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u(pem)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object and return a Base64URL string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csrPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(certPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read information from a certificate
-If multiple certificates are chained, the first will be read</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
-<dt><a href="#createAlpnCertificate">createAlpnCertificate(authz, keyAuthorization, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
-<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
-</dd>
-<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid(certPem, keyAuthorization)</a> ⇒ <code>boolean</code></dt>
-<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
-</dd>
 </dl>
 
 <a name="crypto"></a>
@@ -57,40 +62,12 @@ If multiple certificates are chained, the first will be read</p>
 Native Node.js crypto interface
 
 **Kind**: global namespace  
-<a name="createPrivateRsaKey"></a>
-
-## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [modulusLength] | <code>number</code> | <code>2048</code> | Size of the keys modulus in bits, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey();
-```
-**Example**  
-Private RSA key with modulus size 4096
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey(4096);
-```
-<a name="createPrivateKey"></a>
-
-## createPrivateKey()
-Alias of `createPrivateRsaKey()`
-
-**Kind**: global function  
 <a name="createPrivateEcdsaKey"></a>
 
-## createPrivateEcdsaKey([namedCurve]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPrivateEcdsaKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Generate a private ECDSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private ECDSA key  
 
 | Param | Type | Description |
@@ -109,10 +86,10 @@ const privateKey = await acme.crypto.createPrivateEcdsaKey('P-384');
 ```
 <a name="getPublicKey"></a>
 
-## getPublicKey(keyPem) ⇒ <code>buffer</code>
+## getPublicKey ⇒ <code>buffer</code>
 Get a public key derived from a RSA or ECDSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>buffer</code> - PEM encoded public key  
 
 | Param | Type | Description |
@@ -124,44 +101,13 @@ Get public key
 ```js
 const publicKey = acme.crypto.getPublicKey(privateKey);
 ```
-<a name="getJwk"></a>
-
-## getJwk(keyPem) ⇒ <code>object</code>
-Get a JSON Web Key derived from a RSA or ECDSA key
-
-https://datatracker.ietf.org/doc/html/rfc7517
-
-**Kind**: global function  
-**Returns**: <code>object</code> - JSON Web Key  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
-
-**Example**  
-Get JWK
-```js
-const jwk = acme.crypto.getJwk(privateKey);
-```
-<a name="splitPemChain"></a>
-
-## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
-Split chain of PEM encoded objects from string into array
-
-**Kind**: global function  
-**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
-
 <a name="getPemBodyAsB64u"></a>
 
-## getPemBodyAsB64u(pem) ⇒ <code>string</code>
+## getPemBodyAsB64u ⇒ <code>string</code>
 Parse body of PEM encoded object and return a Base64URL string
 If multiple objects are chained, the first body will be returned
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - Base64URL-encoded body  
 
 | Param | Type | Description |
@@ -170,10 +116,10 @@ If multiple objects are chained, the first body will be returned
 
 <a name="readCsrDomains"></a>
 
-## readCsrDomains(csrPem) ⇒ <code>object</code>
+## readCsrDomains ⇒ <code>object</code>
 Read domains from a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - {commonName, altNames}  
 
 | Param | Type | Description |
@@ -190,11 +136,11 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>
 
-## readCertificateInfo(certPem) ⇒ <code>object</code>
+## readCertificateInfo ⇒ <code>object</code>
 Read information from a certificate
 If multiple certificates are chained, the first will be read
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - Certificate info  
 
 | Param | Type | Description |
@@ -215,10 +161,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>
 
-## createCsr(data, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  
 
 | Param | Type | Description |
@@ -276,12 +222,12 @@ const [, certificateRequest] = await acme.crypto.createCsr({
 ```
 <a name="createAlpnCertificate"></a>
 
-## createAlpnCertificate(authz, keyAuthorization, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createAlpnCertificate ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a self-signed ALPN certificate for TLS-ALPN-01 challenges
 
 https://datatracker.ietf.org/doc/html/rfc8737
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificate]  
 
 | Param | Type | Description |
@@ -303,10 +249,10 @@ const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAu
 ```
 <a name="isAlpnCertificateAuthorizationValid"></a>
 
-## isAlpnCertificateAuthorizationValid(certPem, keyAuthorization) ⇒ <code>boolean</code>
+## isAlpnCertificateAuthorizationValid ⇒ <code>boolean</code>
 Validate that a ALPN certificate contains the expected key authorization
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>boolean</code> - True when valid  
 
 | Param | Type | Description |
@@ -314,3 +260,62 @@ Validate that a ALPN certificate contains the expected key authorization
 | certPem | <code>buffer</code> \| <code>string</code> | PEM encoded certificate |
 | keyAuthorization | <code>string</code> | Expected challenge key authorization |
 
+<a name="createPrivateRsaKey"></a>
+
+## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [modulusLength] | <code>number</code> | Size of the keys modulus in bits, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey();
+```
+**Example**  
+Private RSA key with modulus size 4096
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey(4096);
+```
+<a name="createPrivateKey"></a>
+
+## createPrivateKey()
+Alias of `createPrivateRsaKey()`
+
+**Kind**: global function  
+<a name="getJwk"></a>
+
+## getJwk(keyPem) ⇒ <code>object</code>
+Get a JSON Web Key derived from a RSA or ECDSA key
+
+https://datatracker.ietf.org/doc/html/rfc7517
+
+**Kind**: global function  
+**Returns**: <code>object</code> - JSON Web Key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
+
+**Example**  
+Get JWK
+```js
+const jwk = acme.crypto.getJwk(privateKey);
+```
+<a name="splitPemChain"></a>
+
+## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
+Split chain of PEM encoded objects from string into array
+
+**Kind**: global function  
+**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
+

packages/core/acme-client/docs/forge.md

@@ -8,37 +8,42 @@ major release. Please migrate to the new <code>acme.crypto</code> interface at y
 </dd>
 </dl>
 
+## Constants
+
+<dl>
+<dt><a href="#createPublicKey">createPublicKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Create public key from a private RSA key</p>
+</dd>
+<dt><a href="#getPemBody">getPemBody</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object from buffer or string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#splitPemChain">splitPemChain</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
+<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
+</dd>
+<dt><a href="#getModulus">getModulus</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get modulus</p>
+</dd>
+<dt><a href="#getPublicExponent">getPublicExponent</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get public exponent</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read information from a certificate</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+</dl>
+
 ## Functions
 
 <dl>
 <dt><a href="#createPrivateKey">createPrivateKey([size])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
 <dd><p>Generate a private RSA key</p>
 </dd>
-<dt><a href="#createPublicKey">createPublicKey(key)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Create public key from a private RSA key</p>
-</dd>
-<dt><a href="#getPemBody">getPemBody(str)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object from buffer or string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#splitPemChain">splitPemChain(str)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
-<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
-</dd>
-<dt><a href="#getModulus">getModulus(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get modulus</p>
-</dd>
-<dt><a href="#getPublicExponent">getPublicExponent(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get public exponent</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csr)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(cert)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read information from a certificate</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [key])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
 </dl>
 
 <a name="forge"></a>
@@ -50,34 +55,12 @@ DEPRECATION WARNING: This crypto interface is deprecated and will be removed fro
 major release. Please migrate to the new `acme.crypto` interface at your earliest convenience.
 
 **Kind**: global namespace  
-<a name="createPrivateKey"></a>
-
-## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [size] | <code>number</code> | <code>2048</code> | Size of the key, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.forge.createPrivateKey();
-```
-**Example**  
-Private RSA key with defined size
-```js
-const privateKey = await acme.forge.createPrivateKey(4096);
-```
 <a name="createPublicKey"></a>
 
-## createPublicKey(key) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPublicKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Create public key from a private RSA key
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded public RSA key  
 
 | Param | Type | Description |
@@ -91,11 +74,11 @@ const publicKey = await acme.forge.createPublicKey(privateKey);
 ```
 <a name="getPemBody"></a>
 
-## getPemBody(str) ⇒ <code>string</code>
+## getPemBody ⇒ <code>string</code>
 Parse body of PEM encoded object from buffer or string
 If multiple objects are chained, the first body will be returned
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - PEM body  
 
 | Param | Type | Description |
@@ -104,10 +87,10 @@ If multiple objects are chained, the first body will be returned
 
 <a name="splitPemChain"></a>
 
-## splitPemChain(str) ⇒ <code>Array.&lt;string&gt;</code>
+## splitPemChain ⇒ <code>Array.&lt;string&gt;</code>
 Split chain of PEM encoded objects from buffer or string into array
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM bodies  
 
 | Param | Type | Description |
@@ -116,10 +99,10 @@ Split chain of PEM encoded objects from buffer or string into array
 
 <a name="getModulus"></a>
 
-## getModulus(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getModulus ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get modulus
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Modulus  
 
 | Param | Type | Description |
@@ -135,10 +118,10 @@ const m3 = await acme.forge.getModulus(certificateRequest);
 ```
 <a name="getPublicExponent"></a>
 
-## getPublicExponent(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getPublicExponent ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get public exponent
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Exponent  
 
 | Param | Type | Description |
@@ -154,10 +137,10 @@ const e3 = await acme.forge.getPublicExponent(certificateRequest);
 ```
 <a name="readCsrDomains"></a>
 
-## readCsrDomains(csr) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCsrDomains ⇒ <code>Promise.&lt;object&gt;</code>
 Read domains from a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - {commonName, altNames}  
 
 | Param | Type | Description |
@@ -174,10 +157,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>
 
-## readCertificateInfo(cert) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCertificateInfo ⇒ <code>Promise.&lt;object&gt;</code>
 Read information from a certificate
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - Certificate info  
 
 | Param | Type | Description |
@@ -198,10 +181,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>
 
-## createCsr(data, [key]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request
 
-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  
 
 | Param | Type | Description |
@@ -256,3 +239,25 @@ const certificateKey = await acme.forge.createPrivateKey();
 const [, certificateRequest] = await acme.forge.createCsr({
     altNames: ['test.example.com'],
 }, certificateKey);
+<a name="createPrivateKey"></a>
+
+## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [size] | <code>number</code> | Size of the key, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.forge.createPrivateKey();
+```
+**Example**  
+Private RSA key with defined size
+```js
+const privateKey = await acme.forge.createPrivateKey(4096);
+```

packages/core/acme-client/package.json

@@ -3,7 +3,9 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.26.16",
+    "version": "1.34.7",
+    "type": "module",
+    "module": "scr/index.js",
     "main": "src/index.js",
     "types": "types/index.d.ts",
     "license": "MIT",
@@ -16,34 +18,41 @@
         "types"
     ],
     "dependencies": {
+        "@certd/basic": "^1.34.7",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
         "debug": "^4.3.5",
         "http-proxy-agent": "^7.0.2",
         "https-proxy-agent": "^7.0.5",
-        "node-forge": "^1.3.1"
+        "lodash-es": "^4.17.21",
+        "node-forge": "^1.3.1",
+        "punycode": "^2.3.1"
     },
     "devDependencies": {
         "@types/node": "^20.14.10",
+        "@typescript-eslint/eslint-plugin": "^8.26.1",
+        "@typescript-eslint/parser": "^8.26.1",
         "chai": "^4.4.1",
         "chai-as-promised": "^7.1.2",
         "eslint": "^8.57.0",
-        "eslint-config-airbnb-base": "^15.0.0",
+        "eslint-config-prettier": "^8.5.0",
         "eslint-plugin-import": "^2.29.1",
+        "eslint-plugin-prettier": "^4.2.1",
         "jsdoc-to-markdown": "^8.0.1",
         "mocha": "^10.6.0",
         "nock": "^13.5.4",
+        "prettier": "^2.8.8",
         "tsd": "^0.31.1",
-        "typescript": "^5.4.2",
-        "uuid": "^8.3.2"
+        "typescript": "^5.4.2"
     },
     "scripts": {
         "build-docs": "jsdoc2md src/client.js > docs/client.md && jsdoc2md src/crypto/index.js > docs/crypto.md && jsdoc2md src/crypto/forge.js > docs/forge.md",
         "lint": "eslint .",
         "lint-types": "tsd",
         "prepublishOnly": "npm run build-docs",
-        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\""
+        "test": "mocha -t 60000 \"test/setup.js\" \"test/**/*.spec.js\"",
+        "pub": "npm publish"
     },
     "repository": {
         "type": "git",
@@ -60,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "06fed944c96fc6c5d4911bb7d3f45b51948f9d4b"
+    "gitHead": "8478ce25f11f8e13b9be508cf44d7090f5c8a663"
 }

packages/core/acme-client/src/agents.js

@@ -1,94 +0,0 @@
-const nodeHttp = require('node:http');
-const https = require('node:https');
-const { HttpProxyAgent } = require('http-proxy-agent');
-const { HttpsProxyAgent } = require('https-proxy-agent');
-const { log } = require('./logger');
-
-function createAgent(opts = {}) {
-    let httpAgent;
-    let
-        httpsAgent;
-    const httpProxy = opts.httpProxy || process.env.HTTP_PROXY || process.env.http_proxy;
-    if (httpProxy) {
-        log(`acme use httpProxy:${httpProxy}`);
-        httpAgent = new HttpProxyAgent(httpProxy, opts);
-    }
-    else {
-        httpAgent = new nodeHttp.Agent(opts);
-    }
-    const httpsProxy = opts.httpsProxy || process.env.HTTPS_PROXY || process.env.https_proxy;
-    if (httpsProxy) {
-        log(`acme use httpsProxy:${httpsProxy}`);
-        httpsAgent = new HttpsProxyAgent(httpsProxy, opts);
-    }
-    else {
-        httpsAgent = new https.Agent(opts);
-    }
-    return {
-        httpAgent,
-        httpsAgent,
-    };
-}
-
-let defaultAgents = createAgent();
-
-function getGlobalAgents() {
-    return defaultAgents;
-}
-
-function setGlobalProxy(opts) {
-    log('acme setGlobalProxy:', opts);
-    defaultAgents = createAgent(opts);
-}
-
-class HttpError extends Error {
-    constructor(error) {
-        super(error || error.message);
-        if (!error) {
-            return;
-        }
-
-        if (error.message.indexOf('ssl3_get_record:wrong version number') >= 0) {
-            this.message = 'http协议错误，服务端要求http协议，请检查是否使用了https请求';
-        }
-
-        this.name = error.name;
-        this.code = error.code;
-        this.cause = error.cause;
-
-        if (error.response) {
-            this.status = error.response.status;
-            this.statusText = error.response.statusText;
-            this.response = {
-                data: error.response.data,
-            };
-        }
-
-        let url = '';
-        if (error.config) {
-            this.request = {
-                baseURL: error.config.baseURL,
-                url: error.config.url,
-                method: error.config.method,
-                params: error.config.params,
-                data: error.config.data,
-            };
-            url = error.config.baseURL + error.config.url;
-        }
-        if (url) {
-            this.message = `${this.message}:${url}`;
-        }
-
-        delete error.response;
-        delete error.config;
-        delete error.request;
-        // logger.error(error);
-    }
-}
-
-module.exports = {
-    setGlobalProxy,
-    createAgent,
-    getGlobalAgents,
-    HttpError,
-};

packages/core/acme-client/src/api.js

@@ -1,9 +1,7 @@
 /**
  * ACME API client
  */
-
-const util = require('./util');
-const { log } = require('./logger');
+import  * as util  from './util.js';
 
 /**
  * AcmeApi
@@ -248,4 +246,4 @@ class AcmeApi {
 }
 
 /* Export API */
-module.exports = AcmeApi;
+export default AcmeApi;

packages/core/acme-client/src/auto.js

@@ -1,10 +1,11 @@
 /**
  * ACME auto helper
  */
+import { readCsrDomains } from "./crypto/index.js";
+import { log } from "./logger.js";
+import { wait } from "./wait.js";
+import { CancelError } from "./error.js";
 
-const { readCsrDomains } = require('./crypto');
-const { log } = require('./logger');
-const { wait } = require('./wait');
 
 const defaultOpts = {
     csr: null,
@@ -12,13 +13,13 @@ const defaultOpts = {
     preferredChain: null,
     termsOfServiceAgreed: false,
     skipChallengeVerification: false,
-    challengePriority: ['http-01', 'dns-01'],
+    challengePriority: ["http-01", "dns-01"],
     challengeCreateFn: async () => {
-        throw new Error('Missing challengeCreateFn()');
+        throw new Error("Missing challengeCreateFn()");
     },
     challengeRemoveFn: async () => {
-        throw new Error('Missing challengeRemoveFn()');
-    },
+        throw new Error("Missing challengeRemoveFn()");
+    }
 };
 
 /**
@@ -29,7 +30,7 @@ const defaultOpts = {
  * @returns {Promise<buffer>} Certificate
  */
 
-module.exports = async (client, userOpts) => {
+export default async (client, userOpts) => {
     const opts = { ...defaultOpts, ...userOpts };
     const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };
 
@@ -48,14 +49,13 @@ module.exports = async (client, userOpts) => {
      * Register account
      */
 
-    log('[auto] Checking account');
+    log("[auto] Checking account");
 
     try {
         client.getAccountUrl();
-        log('[auto] Account URL already exists, skipping account registration');
-    }
-    catch (e) {
-        log('[auto] Registering account');
+        log("[auto] Account URL already exists, skipping account registration（ 证书申请账户已存在，跳过注册 ）");
+    } catch (e) {
+        log("[auto] Registering account （注册证书申请账户）");
         await client.createAccount(accountPayload);
     }
 
@@ -63,7 +63,7 @@ module.exports = async (client, userOpts) => {
      * Parse domains from CSR
      */
 
-    log('[auto] Parsing domains from Certificate Signing Request');
+    log("[auto] Parsing domains from Certificate Signing Request ");
     const { commonName, altNames } = readCsrDomains(opts.csr);
     const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));
 
@@ -73,8 +73,8 @@ module.exports = async (client, userOpts) => {
      * Place order
      */
 
-    log('[auto] Placing new certificate order with ACME provider');
-    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: 'dns', value: d })) };
+    log("[auto] Placing new certificate order with ACME provider");
+    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
     const order = await client.createOrder(orderPayload);
     const authorizations = await client.getAuthorizations(order);
 
@@ -84,99 +84,81 @@ module.exports = async (client, userOpts) => {
      * Resolve and satisfy challenges
      */
 
-    log('[auto] Resolving and satisfying authorization challenges');
+    log("[auto] Resolving and satisfying authorization challenges");
 
     const clearTasks = [];
+    const localVerifyTasks = [];
+    const completeChallengeTasks = [];
 
     const challengeFunc = async (authz) => {
         const d = authz.identifier.value;
         let challengeCompleted = false;
 
         /* Skip authz that already has valid status */
-        if (authz.status === 'valid') {
+        if (authz.status === "valid") {
             log(`[auto] [${d}] Authorization already has valid status, no need to complete challenges`);
             return;
         }
 
-        try {
-            /* Select challenge based on priority */
-            const challenge = authz.challenges.sort((a, b) => {
-                const aidx = opts.challengePriority.indexOf(a.type);
-                const bidx = opts.challengePriority.indexOf(b.type);
-
-                if (aidx === -1) return 1;
-                if (bidx === -1) return -1;
-                return aidx - bidx;
-            }).slice(0, 1)[0];
-
-            if (!challenge) {
-                throw new Error(`Unable to select challenge for ${d}, no challenge found`);
-            }
-
-            log(`[auto] [${d}] Found ${authz.challenges.length} challenges, selected type: ${challenge.type}`);
-
-            /* Trigger challengeCreateFn() */
-            log(`[auto] [${d}] Trigger challengeCreateFn()`);
-            const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
+        const keyAuthorizationGetter = async (challenge) => {
+            return await client.getChallengeKeyAuthorization(challenge);
+        };
 
+        async function deactivateAuth(e) {
+            log(`[auto] [${d}] Unable to complete challenge: ${e.message}`);
             try {
-                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
-                log(`[auto] [${d}] challengeCreateFn success`);
-                log(`[auto] [${d}] add challengeRemoveFn()`);
-                clearTasks.push(async () => {
-                    /* Trigger challengeRemoveFn(), suppress errors */
-                    log(`[auto] [${d}] Trigger challengeRemoveFn()`);
-                    try {
-                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
-                    }
-                    catch (e) {
-                        log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
-                    }
-                });
-                // throw new Error('测试异常');
-                /* Challenge verification */
-                if (opts.skipChallengeVerification === true) {
-                    log(`[auto] [${d}] Skipping challenge verification since skipChallengeVerification=true，wait 60s`);
-                    await wait(60 * 1000);
-                }
-                else {
-                    log(`[auto] [${d}] Running challenge verification`);
-                    try {
-                        await client.verifyChallenge(authz, challenge);
-                    }
-                    catch (e) {
-                        log(`[auto] [${d}] challenge verification threw error: ${e.message}`);
-                    }
-                }
-                /* Complete challenge and wait for valid status */
-                log(`[auto] [${d}] Completing challenge with ACME provider and waiting for valid status`);
-                await client.completeChallenge(challenge);
-                challengeCompleted = true;
-
-                await client.waitForValidStatus(challenge);
-            }
-            catch (e) {
-                log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
-                throw e;
+                log(`[auto] [${d}] Deactivating failed authorization`);
+                await client.deactivateAuthorization(authz);
+            } catch (f) {
+                /* Suppress deactivateAuthorization() errors */
+                log(`[auto] [${d}] Authorization deactivation threw error: ${f.message}`);
             }
         }
-        catch (e) {
-            /* Deactivate pending authz when unable to complete challenge */
-            if (!challengeCompleted) {
-                log(`[auto] [${d}] Unable to complete challenge: ${e.message}`);
 
+        log(`[auto] [${d}] Trigger challengeCreateFn()`);
+        try {
+            const { recordReq, recordRes, dnsProvider, challenge, keyAuthorization ,httpUploader} = await opts.challengeCreateFn(authz, keyAuthorizationGetter);
+            clearTasks.push(async () => {
+                /* Trigger challengeRemoveFn(), suppress errors */
+                log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                 try {
-                    log(`[auto] [${d}] Deactivating failed authorization`);
-                    await client.deactivateAuthorization(authz);
+                    await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider,httpUploader);
+                } catch (e) {
+                    log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
                 }
-                catch (f) {
-                    /* Suppress deactivateAuthorization() errors */
-                    log(`[auto] [${d}] Authorization deactivation threw error: ${f.message}`);
-                }
-            }
+            });
 
+            localVerifyTasks.push(async () => {
+                /* Challenge verification */
+                log(`[auto] [${d}] 开始本地验证, type = ${challenge.type}`);
+                try {
+                    await client.verifyChallenge(authz, challenge);
+                } catch (e) {
+                    log(`[auto] [${d}] 本地验证失败，尝试请求ACME提供商获取状态: ${e.message}`);
+                }
+            });
+
+            completeChallengeTasks.push(async () => {
+                /* Complete challenge and wait for valid status */
+                log(`[auto] [${d}] 请求ACME提供商完成验证`);
+                try{
+                    await client.completeChallenge(challenge);
+                }catch (e) {
+                    await deactivateAuth(e);
+                    throw e;
+                }
+                challengeCompleted = true;
+                log(`[auto] [${d}] 等待返回valid状态`);
+                await client.waitForValidStatus(challenge,d);
+            });
+
+
+        } catch (e) {
+            log(`[auto] [${d}] challengeCreateFn threw error: ${e.message}`);
+            await deactivateAuth(e);
             throw e;
         }
+
     };
     const domainSets = [];
 
@@ -184,7 +166,7 @@ module.exports = async (client, userOpts) => {
         const d = authz.identifier.value;
         log(`authorization:domain = ${d}, value = ${JSON.stringify(authz)}`);
 
-        if (authz.status === 'valid') {
+        if (authz.status === "valid") {
             log(`[auto] [${d}] Authorization already has valid status, no need to complete challenges`);
             return;
         }
@@ -208,8 +190,9 @@ module.exports = async (client, userOpts) => {
 
     const allChallengePromises = [];
     // eslint-disable-next-line no-restricted-syntax
+    const challengePromises = [];
+    allChallengePromises.push(challengePromises);
     for (const domainSet of domainSets) {
-        const challengePromises = [];
         // eslint-disable-next-line guard-for-in,no-restricted-syntax
         for (const domain in domainSet) {
             const authz = domainSet[domain];
@@ -218,12 +201,11 @@ module.exports = async (client, userOpts) => {
                 await challengeFunc(authz);
             });
         }
-        allChallengePromises.push(challengePromises);
     }
 
     log(`[auto] challengeGroups:${allChallengePromises.length}`);
 
-    function runAllPromise(tasks) {
+    async function runAllPromise(tasks) {
         let promise = Promise.resolve();
         tasks.forEach((task) => {
             promise = promise.then(task);
@@ -231,73 +213,61 @@ module.exports = async (client, userOpts) => {
         return promise;
     }
 
-    async function runPromisePa(tasks) {
+    async function runPromisePa(tasks, waitTime = 5000) {
         const results = [];
         // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
         for (const task of tasks) {
             results.push(task());
             // eslint-disable-next-line no-await-in-loop
-            await wait(10000);
+            await wait(waitTime);
         }
         return Promise.all(results);
     }
 
-    try {
-        log(`开始challenge，共${allChallengePromises.length}组`);
-        let i = 0;
-        // eslint-disable-next-line no-restricted-syntax
-        for (const challengePromises of allChallengePromises) {
-            i += 1;
-            log(`开始第${i}组`);
-            if (opts.signal && opts.signal.aborted) {
-                throw new Error('用户取消');
+    log(`开始challenge，共${allChallengePromises.length}组`);
+    let i = 0;
+    // eslint-disable-next-line no-restricted-syntax
+    for (const challengePromises of allChallengePromises) {
+        i += 1;
+        log(`开始第${i}组`);
+        if (opts.signal && opts.signal.aborted) {
+            throw new CancelError("用户取消");
+        }
+
+        const waitDnsDiffuseTime = opts.waitDnsDiffuseTime || 30;
+        try {
+            // eslint-disable-next-line no-await-in-loop
+            await runPromisePa(challengePromises);
+            if (opts.skipChallengeVerification === true) {
+                log(`跳过本地验证（skipChallengeVerification=true），等待 60s`);
+                await wait(60 * 1000);
+            } else {
+                await runPromisePa(localVerifyTasks, 1000);
+                log(`本地校验完成，等待${waitDnsDiffuseTime}s`)
+                await wait(waitDnsDiffuseTime * 1000)
             }
 
-            try {
-                // eslint-disable-next-line no-await-in-loop
-                await runPromisePa(challengePromises);
-            }
-            catch (e) {
-                log(`证书申请失败${e.message}`);
-                throw e;
-            }
-            finally {
-                if (client.opts.sslProvider !== 'google') {
-                    // letsencrypt 如果同时检出两个TXT记录，会以第一个为准，就会校验失败，所以需要提前删除
-                    // zerossl 此方式测试无问题
-                    log(`清理challenge痕迹，length:${clearTasks.length}`);
-                    try {
-                        // eslint-disable-next-line no-await-in-loop
-                        await runAllPromise(clearTasks);
-                    }
-                    catch (e) {
-                        log('清理challenge失败');
-                        log(e);
-                    }
-                }
-            }
-        }
-    }
-    finally {
-        if (client.opts.sslProvider === 'google') {
-            // google 相同的域名txt记录是一样的，不能提前删除，否则校验失败，报错如下
-            //  Error: The TXT record retrieved from _acme-challenge.bbc.handsfree.work.
-            //  at the time the challenge was validated did not contain JshHVu7dt_DT6uYILWhokHefFVad2Q6Mw1L-fNZFcq8
-            //  (the base64url-encoded SHA-256 digest of RlJZNBR0LWnxNK_xd2zqtYVvCiNJOKJ3J1NmCjU_9BjaUJgL3k-qSpIhQ-uF4FBS.NRyqT8fRiq6THzzrvkgzgR5Xai2LsA2SyGLAq_wT3qc).
-            //  See https://tools.ietf.org/html/rfc8555#section-8.4 for more information.
+            log("开始向提供商请求挑战验证");
+            await runPromisePa(completeChallengeTasks, 1000);
+        } catch (e) {
+            log(`证书申请失败${e.message}`);
+            throw e;
+        } finally {
+            // letsencrypt 如果同时检出两个TXT记录，会以第一个为准，就会校验失败，所以需要提前删除
+            // zerossl 此方式测试无问题
             log(`清理challenge痕迹，length:${clearTasks.length}`);
             try {
-            // eslint-disable-next-line no-await-in-loop
+                // eslint-disable-next-line no-await-in-loop
                 await runAllPromise(clearTasks);
-            }
-            catch (e) {
-                log('清理challenge失败');
+            } catch (e) {
+                log("清理challenge失败");
                 log(e);
             }
         }
     }
 
-    log('challenge结束');
+
+    log("challenge结束");
 
     // log('[auto] Waiting for challenge valid status');
     // await Promise.all(challengePromises);
@@ -305,7 +275,7 @@ module.exports = async (client, userOpts) => {
      * Finalize order and download certificate
      */
 
-    log('[auto] Finalizing order and downloading certificate');
+    log("[auto] Finalizing order and downloading certificate");
     const finalized = await client.finalizeOrder(order, opts.csr);
     const res = await client.getCertificate(finalized, opts.preferredChain);
     return res;

packages/core/acme-client/src/axios.js

@@ -1,14 +1,11 @@
 /**
  * Axios instance
  */
-const axios = require('axios');
-const { parseRetryAfterHeader } = require('./util');
-const { log } = require('./logger');
-const pkg = require('./../package.json');
-const Agents = require('./agents');
-
+import axios from 'axios';
+import { parseRetryAfterHeader } from './util.js';
+import { log } from './logger.js';
 const { AxiosError } = axios;
-
+import {getGlobalAgents, HttpError} from '@certd/basic'
 /**
  * Defaults
  */
@@ -16,7 +13,7 @@ const { AxiosError } = axios;
 const instance = axios.create();
 
 /* Default User-Agent */
-instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version}`;
+instance.defaults.headers.common['User-Agent'] = `@certd/acme-client`;
 
 /* Default ACME settings */
 instance.defaults.acmeSettings = {
@@ -75,7 +72,7 @@ function validateStatus(response) {
         response,
     );
 
-    throw new Agents.HttpError(err);
+    throw new HttpError(err);
 }
 
 /* Pass all responses through the error interceptor */
@@ -85,7 +82,7 @@ instance.interceptors.request.use((config) => {
     }
     config.validateStatus = () => false;
 
-    const agents = Agents.getGlobalAgents();
+    const agents = getGlobalAgents();
     // if (config.skipSslVerify) {
     //     logger.info('跳过SSL验证');
     //     agents = createAgent({ rejectUnauthorized: false } as any);
@@ -102,7 +99,7 @@ instance.interceptors.response.use(null, async (error) => {
     const { config, response } = error;
 
     if (!config) {
-        return Promise.reject(new Agents.HttpError(error));
+        return Promise.reject(new HttpError(error));
     }
 
     /* Pick up errors we want to retry */
@@ -114,25 +111,28 @@ instance.interceptors.response.use(null, async (error) => {
             const code = response ? `HTTP ${response.status}` : error.code;
             log(`Caught ${code}, retry attempt ${config.retryAttempt}/${retryMaxAttempts} to URL ${config.url}`);
 
+            const retryAfter = (retryDefaultDelay * config.retryAttempt);
             /* Attempt to parse Retry-After header, fallback to default delay */
-            let retryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
+            const headerRetryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
 
-            if (retryAfter > 0) {
-                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${retryAfter} seconds`);
-            }
-            else {
-                retryAfter = (retryDefaultDelay * config.retryAttempt);
-                log(`Unable to locate or parse retry-after response header, waiting ${retryAfter} seconds`);
+            if (headerRetryAfter > 0) {
+                const waitMinutes = (headerRetryAfter / 60).toFixed(1);
+                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${waitMinutes} minutes`);
+                log(JSON.stringify(response.data));
+                return Promise.reject(new HttpError(error));
             }
 
+            log(`waiting ${retryAfter} seconds`);
+
             /* Wait and retry the request */
             await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
+            log(`Retrying request to URL ${config.url}`);
             return instance(config);
         }
     }
 
     if (!response) {
-        return Promise.reject(new Agents.HttpError(error));
+        return Promise.reject(new HttpError(error));
     }
     /* Validate and return response */
     return validateStatus(response);
@@ -142,4 +142,4 @@ instance.interceptors.response.use(null, async (error) => {
  * Export instance
  */
 
-module.exports = instance;
+export default instance;

packages/core/acme-client/src/client.js

@@ -3,15 +3,17 @@
  *
  * @namespace Client
  */
+import { createHash } from 'crypto';
+import  { getPemBodyAsB64u } from './crypto/index.js';
+import { log } from './logger.js';
+import HttpClient from './http.js';
+import AcmeApi from './api.js';
+import verify from './verify.js';
+import * as util from './util.js';
+import auto from './auto.js';
+import { CancelError } from './error.js';
+
 
-const { createHash } = require('crypto');
-const { getPemBodyAsB64u } = require('./crypto');
-const { log } = require('./logger');
-const HttpClient = require('./http');
-const AcmeApi = require('./api');
-const verify = require('./verify');
-const util = require('./util');
-const auto = require('./auto');
 
 /**
  * ACME states
@@ -490,14 +492,15 @@ class AcmeClient {
 
         const keyAuthorization = await this.getChallengeKeyAuthorization(challenge);
 
-        const verifyFn = async () => {
+        const verifyFn = async (abort) => {
             if (this.opts.signal && this.opts.signal.aborted) {
-                throw new Error('用户取消');
+                abort();
+                throw new CancelError('用户取消');
             }
             await verify[challenge.type](authz, challenge, keyAuthorization);
         };
 
-        log('Waiting for ACME challenge verification', this.backoffOpts);
+        log('Waiting for ACME challenge verification（等待ACME挑战验证）', this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 
@@ -518,7 +521,7 @@ class AcmeClient {
 
     async completeChallenge(challenge) {
         if (this.opts.signal && this.opts.signal.aborted) {
-            throw new Error('用户取消');
+            throw new CancelError('用户取消');
         }
         const resp = await this.api.completeChallenge(challenge.url, {});
         return resp.data;
@@ -551,37 +554,37 @@ class AcmeClient {
      * ```
      */
 
-    async waitForValidStatus(item) {
+    async waitForValidStatus(item,d) {
         if (!item.url) {
-            throw new Error('Unable to verify status of item, URL not found');
+            throw new Error(`[${d}] Unable to verify status of item, URL not found`);
         }
 
         const verifyFn = async (abort) => {
             if (this.opts.signal && this.opts.signal.aborted) {
                 abort();
-                throw new Error('用户取消');
+                throw new CancelError('用户取消');
             }
 
             const resp = await this.api.apiRequest(item.url, null, [200]);
 
             /* Verify status */
-            log(`Item has status: ${resp.data.status}`);
+            log(`[${d}] Item has status（挑战状态）: ${resp.data.status}`);
 
             if (invalidStates.includes(resp.data.status)) {
                 abort();
                 throw new Error(util.formatResponseError(resp));
             }
             else if (pendingStates.includes(resp.data.status)) {
-                throw new Error('Operation is pending or processing');
+                throw new Error(`[${d}] Operation is pending or processing（当前仍然在等待状态）`);
             }
             else if (validStates.includes(resp.data.status)) {
                 return resp.data;
             }
 
-            throw new Error(`Unexpected item status: ${resp.data.status}`);
+            throw new Error(`[${d}] Unexpected item status: ${resp.data.status}`);
         };
 
-        log(`Waiting for valid status from: ${item.url}`, this.backoffOpts);
+        log(`[${d}] Waiting for valid status （等待valid状态）: ${item.url}`, this.backoffOpts);
         return util.retry(verifyFn, this.backoffOpts);
     }
 
@@ -717,4 +720,4 @@ class AcmeClient {
 }
 
 /* Export client */
-module.exports = AcmeClient;
+export default  AcmeClient;

packages/core/acme-client/src/crypto/forge.js

@@ -6,11 +6,10 @@
  *
  * @namespace forge
  */
-
-const net = require('net');
-const { promisify } = require('util');
-const forge = require('node-forge');
-const { createPrivateEcdsaKey, getPublicKey } = require('./index');
+import net from 'net';
+import { promisify } from 'util';
+import forge from 'node-forge';
+import { createPrivateEcdsaKey } from './index.js';
 
 const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);
 
@@ -113,13 +112,12 @@ function parseDomains(obj) {
  * ```
  */
 
-async function createPrivateKey(size = 2048) {
+export async function createPrivateKey(size = 2048) {
     const keyPair = await generateKeyPair({ bits: size });
     const pemKey = forge.pki.privateKeyToPem(keyPair.privateKey);
     return Buffer.from(pemKey);
 }
 
-exports.createPrivateKey = createPrivateKey;
 
 /**
  * Create public key from a private RSA key
@@ -133,7 +131,7 @@ exports.createPrivateKey = createPrivateKey;
  * ```
  */
 
-exports.createPublicKey = async (key) => {
+export const createPublicKey = async (key) => {
     const privateKey = forge.pki.privateKeyFromPem(key);
     const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
     const pemKey = forge.pki.publicKeyToPem(publicKey);
@@ -148,7 +146,7 @@ exports.createPublicKey = async (key) => {
  * @returns {string} PEM body
  */
 
-exports.getPemBody = (str) => {
+export const getPemBody = (str) => {
     const msg = forge.pem.decode(str)[0];
     return forge.util.encode64(msg.body);
 };
@@ -160,7 +158,7 @@ exports.getPemBody = (str) => {
  * @returns {string[]} Array of PEM bodies
  */
 
-exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
+export const splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
 
 /**
  * Get modulus
@@ -176,7 +174,7 @@ exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
  * ```
  */
 
-exports.getModulus = async (input) => {
+export const getModulus = async (input) => {
     if (!Buffer.isBuffer(input)) {
         input = Buffer.from(input);
     }
@@ -199,7 +197,7 @@ exports.getModulus = async (input) => {
  * ```
  */
 
-exports.getPublicExponent = async (input) => {
+export const getPublicExponent = async (input) => {
     if (!Buffer.isBuffer(input)) {
         input = Buffer.from(input);
     }
@@ -223,7 +221,7 @@ exports.getPublicExponent = async (input) => {
  * ```
  */
 
-exports.readCsrDomains = async (csr) => {
+export const readCsrDomains = async (csr) => {
     if (!Buffer.isBuffer(csr)) {
         csr = Buffer.from(csr);
     }
@@ -251,7 +249,7 @@ exports.readCsrDomains = async (csr) => {
  * ```
  */
 
-exports.readCertificateInfo = async (cert) => {
+export const readCertificateInfo = async (cert) => {
     if (!Buffer.isBuffer(cert)) {
         cert = Buffer.from(cert);
     }
@@ -379,7 +377,7 @@ function formatCsrAltNames(altNames) {
  * }, certificateKey);
  */
 
-exports.createCsr = async (data, keyType = null) => {
+export const createCsr = async (data, keyType = null) => {
     let key = null;
     if (keyType === 'ec') {
         key = await createPrivateEcdsaKey();

packages/core/acme-client/src/crypto/index.js

@@ -3,12 +3,12 @@
  *
  * @namespace crypto
  */
+import  net from 'net';
+import { promisify } from 'util';
+import crypto from 'crypto';
+import asn1js from 'asn1js';
+import x509 from '@peculiar/x509';
 
-const net = require('net');
-const { promisify } = require('util');
-const crypto = require('crypto');
-const asn1js = require('asn1js');
-const x509 = require('@peculiar/x509');
 
 const randomInt = promisify(crypto.randomInt);
 const generateKeyPair = promisify(crypto.generateKeyPair);
@@ -67,7 +67,7 @@ function getKeyInfo(keyPem) {
  * ```
  */
 
-async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
+export async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
     const pair = await generateKeyPair('rsa', {
         modulusLength,
         privateKeyEncoding: {
@@ -79,7 +79,6 @@ async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8')
     return Buffer.from(pair.privateKey);
 }
 
-exports.createPrivateRsaKey = createPrivateRsaKey;
 
 /**
  * Alias of `createPrivateRsaKey()`
@@ -87,7 +86,7 @@ exports.createPrivateRsaKey = createPrivateRsaKey;
  * @function
  */
 
-exports.createPrivateKey = createPrivateRsaKey;
+export const createPrivateKey = createPrivateRsaKey;
 
 /**
  * Generate a private ECDSA key
@@ -106,7 +105,7 @@ exports.createPrivateKey = createPrivateRsaKey;
  * ```
  */
 
-exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
+export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
     const pair = await generateKeyPair('ec', {
         namedCurve,
         privateKeyEncoding: {
@@ -130,7 +129,7 @@ exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkc
  * ```
  */
 
-exports.getPublicKey = (keyPem) => {
+export const getPublicKey = (keyPem) => {
     const info = getKeyInfo(keyPem);
 
     const publicKey = info.publicKey.export({
@@ -155,7 +154,7 @@ exports.getPublicKey = (keyPem) => {
  * ```
  */
 
-function getJwk(keyPem) {
+export function getJwk(keyPem) {
     const jwk = crypto.createPublicKey(keyPem).export({
         format: 'jwk',
     });
@@ -167,7 +166,6 @@ function getJwk(keyPem) {
     }, {});
 }
 
-exports.getJwk = getJwk;
 
 /**
  * Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
@@ -215,7 +213,7 @@ async function getWebCryptoKeyPair(keyPem) {
  * @returns {string[]} Array of PEM objects including headers
  */
 
-function splitPemChain(chainPem) {
+export function splitPemChain(chainPem) {
     if (Buffer.isBuffer(chainPem)) {
         chainPem = chainPem.toString();
     }
@@ -225,7 +223,6 @@ function splitPemChain(chainPem) {
         .map((params) => x509.PemConverter.encode([params]));
 }
 
-exports.splitPemChain = splitPemChain;
 
 /**
  * Parse body of PEM encoded object and return a Base64URL string
@@ -235,7 +232,7 @@ exports.splitPemChain = splitPemChain;
  * @returns {string} Base64URL-encoded body
  */
 
-exports.getPemBodyAsB64u = (pem) => {
+export const getPemBodyAsB64u = (pem) => {
     const chain = splitPemChain(pem);
 
     if (!chain.length) {
@@ -286,7 +283,7 @@ function parseDomains(input) {
  * ```
  */
 
-exports.readCsrDomains = (csrPem) => {
+export const readCsrDomains = (csrPem) => {
     if (Buffer.isBuffer(csrPem)) {
         csrPem = csrPem.toString();
     }
@@ -315,7 +312,7 @@ exports.readCsrDomains = (csrPem) => {
  * ```
  */
 
-exports.readCertificateInfo = (certPem) => {
+export const readCertificateInfo = (certPem) => {
     if (Buffer.isBuffer(certPem)) {
         certPem = certPem.toString();
     }
@@ -449,7 +446,7 @@ function createSubjectAltNameExtension(altNames) {
  * ```
  */
 
-exports.createCsr = async (data, keyPem = null) => {
+export const createCsr = async (data, keyPem = null) => {
     if (!keyPem) {
         keyPem = await createPrivateRsaKey(data.keySize);
     }
@@ -520,7 +517,7 @@ exports.createCsr = async (data, keyPem = null) => {
  * ```
  */
 
-exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
+export const createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
     if (!keyPem) {
         keyPem = await createPrivateRsaKey();
     }
@@ -583,7 +580,7 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
  * @returns {boolean} True when valid
  */
 
-exports.isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
+export const isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
     const expected = crypto.createHash('sha256').update(keyAuthorization).digest('hex');
 
     /* Attempt to locate ALPN extension */

packages/core/acme-client/src/error.js

@@ -0,0 +1,9 @@
+export class CancelError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'CancelError';
+    }
+}
+
+
+

packages/core/acme-client/src/http.js

@@ -1,11 +1,11 @@
 /**
  * ACME HTTP client
  */
-
-const { createHmac, createSign, constants: { RSA_PKCS1_PADDING } } = require('crypto');
-const { getJwk } = require('./crypto');
-const { log } = require('./logger');
-const axios = require('./axios');
+import { createHmac, createSign, constants } from 'crypto';
+const { RSA_PKCS1_PADDING } = constants;
+import axios from './axios.js';
+import { log } from './logger.js';
+import { getJwk } from './crypto/index.js';
 
 /**
  * ACME HTTP client
@@ -324,4 +324,4 @@ class HttpClient {
 }
 
 /* Export client */
-module.exports = HttpClient;
+export default HttpClient;

packages/core/acme-client/src/index.js

@@ -1,14 +1,14 @@
 /**
  * acme-client
  */
-
-exports.Client = require('./client');
+import AcmeClinet  from './client.js'
+export const Client = AcmeClinet
 
 /**
  * Directory URLs
  */
 
-exports.directory = {
+export const directory = {
     buypass: {
         staging: 'https://api.test4.buypass.no/acme/directory',
         production: 'https://api.buypass.com/acme/directory',
@@ -31,20 +31,20 @@ exports.directory = {
  * Crypto
  */
 
-exports.crypto = require('./crypto');
-exports.forge = require('./crypto/forge');
+export * as crypto from './crypto/index.js'
+export * as forge from './crypto/forge.js'
 
 /**
  * Axios
  */
 
-exports.axios = require('./axios');
-exports.agents = require('./agents');
-
+export *  from './axios.js'
 /**
  * Logger
  */
 
-exports.setLogger = require('./logger').setLogger;
+export * from './logger.js'
+export * from './verify.js'
+export * from './error.js'
 
-exports.walkTxtRecord = require('./verify').walkTxtRecord;
+export * from './util.js'

packages/core/acme-client/src/logger.js

@@ -2,7 +2,8 @@
  * ACME logger
  */
 
-const debug = require('debug')('acme-client');
+import debugg from 'debug'
+const debug = debugg('acme-client');
 
 let logger = () => {};
 
@@ -12,7 +13,7 @@ let logger = () => {};
  * @param {function} fn Logger function
  */
 
-exports.setLogger = (fn) => {
+export const setLogger = (fn) => {
     logger = fn;
 };
 
@@ -22,7 +23,7 @@ exports.setLogger = (fn) => {
  * @param {string} msg Message
  */
 
-exports.log = (...msg) => {
+export const  log = (...msg) => {
     debug(...msg);
     logger(...msg);
 };

packages/core/acme-client/src/util.js

@@ -2,11 +2,12 @@
  * Utility methods
  */
 
-const tls = require('tls');
-const dns = require('dns').promises;
-const { readCertificateInfo, splitPemChain } = require('./crypto');
-const { log } = require('./logger');
+import tls from 'tls';
+import dnsSdk from 'dns';
+import { readCertificateInfo, splitPemChain }from './crypto/index.js'
+import { log } from './logger.js'
 
+const dns = dnsSdk.promises;
 /**
  * Exponential backoff
  *
@@ -59,8 +60,9 @@ async function retryPromise(fn, attempts, backoff) {
             throw e;
         }
 
+        log(`Promise rejected: ${e.message}`);
         const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, retrying in ${duration}ms: ${e.message}`);
+        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
 
         await new Promise((resolve) => { setTimeout(resolve, duration); });
         return retryPromise(fn, attempts, backoff);
@@ -217,15 +219,15 @@ function formatResponseError(resp) {
 async function resolveDomainBySoaRecord(recordName) {
     try {
         await dns.resolveSoa(recordName);
-        log(`Found SOA record, considering domain to be: ${recordName}`);
+        log(`找到${recordName}的SOA记录`);
         return recordName;
     }
     catch (e) {
-        log(`Unable to locate SOA record for name: ${recordName}`);
+        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
         const parentRecordName = recordName.split('.').slice(1).join('.');
 
         if (!parentRecordName.includes('.')) {
-            throw new Error('Unable to resolve domain by SOA record');
+            throw new Error('SOA record查找失败');
         }
 
         return resolveDomainBySoaRecord(parentRecordName);
@@ -240,7 +242,7 @@ async function resolveDomainBySoaRecord(recordName) {
  */
 
 async function getAuthoritativeDnsResolver(recordName) {
-    log(`Locating authoritative NS records for name: ${recordName}`);
+    log(`获取域名${recordName}的权威NS服务器: `);
     const resolver = new dns.Resolver();
 
     try {
@@ -248,13 +250,14 @@ async function getAuthoritativeDnsResolver(recordName) {
         const domain = await resolveDomainBySoaRecord(recordName);
 
         /* Resolve authoritative NS addresses */
-        log(`Looking up authoritative NS records for domain: ${domain}`);
+        log(`获取到权威NS服务器name: ${domain}`);
         const nsRecords = await dns.resolveNs(domain);
+        log(`域名权威NS服务器：${nsRecords}`);
         const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
         const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);
 
         if (!nsAddresses.length) {
-            throw new Error(`Unable to locate any valid authoritative NS addresses for domain: ${domain}`);
+            throw new Error(`Unable to locate any valid authoritative NS addresses for domain（获取权威服务器IP失败）: ${domain}`);
         }
 
         /* Authoritative NS success */
@@ -262,12 +265,12 @@ async function getAuthoritativeDnsResolver(recordName) {
         resolver.setServers(nsAddresses);
     }
     catch (e) {
-        log(`Authoritative NS lookup error: ${e.message}`);
+        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
     }
 
     /* Return resolver */
     const addresses = resolver.getServers();
-    log(`DNS resolver addresses: ${addresses.join(', ')}`);
+    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
 
     return resolver;
 }
@@ -329,7 +332,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
  * Export utils
  */
 
-module.exports = {
+export {
     retry,
     parseLinkHeader,
     parseRetryAfterHeader,
@@ -337,4 +340,6 @@ module.exports = {
     formatResponseError,
     getAuthoritativeDnsResolver,
     retrieveTlsAlpnCertificate,
+    resolveDomainBySoaRecord
 };
+

packages/core/acme-client/src/verify.js

@@ -2,13 +2,15 @@
  * ACME challenge verification
  */
 
-const dns = require('dns').promises;
-const https = require('https');
-const { log } = require('./logger');
-const axios = require('./axios');
-const util = require('./util');
-const { isAlpnCertificateAuthorizationValid } = require('./crypto');
+import dnsSdk from "dns"
+import https from 'https'
+import {log} from './logger.js'
+import axios from './axios.js'
+import * as util from './util.js'
+import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
 
+
+const dns = dnsSdk.promises
 /**
  * Verify ACME HTTP challenge
  *
@@ -22,22 +24,46 @@ const { isAlpnCertificateAuthorizationValid } = require('./crypto');
  */
 
 async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
+
+    async function doQuery(challengeUrl){
+        log(`正在测试请求 ${challengeUrl} `)
+        // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+
+        /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
+        const httpsAgent = new https.Agent({ rejectUnauthorized: false });
+
+        log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
+        let data = ""
+        try{
+            const resp = await axios.get(challengeUrl, { httpsAgent });
+            data = (resp.data || '').replace(/\s+$/, '');
+        }catch (e) {
+            log(`[error] HTTP request error from ${authz.identifier.value}`,e.message);
+            return false
+        }
+
+        if (!data || (data !== keyAuthorization)) {
+            log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
+            return false
+        }
+        return true
+
+    }
+
     const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
     const challengeUrl = `http://${authz.identifier.value}:${httpPort}${suffix}`;
 
-    /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
-    const httpsAgent = new https.Agent({ rejectUnauthorized: false });
-
-    log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
-    const resp = await axios.get(challengeUrl, { httpsAgent });
-    const data = (resp.data || '').replace(/\s+$/, '');
-
-    log(`Query successful, HTTP status code: ${resp.status}`);
-
-    if (!data || (data !== keyAuthorization)) {
-        throw new Error(`Authorization not found in HTTP response from ${authz.identifier.value}`);
+    if (!await doQuery(challengeUrl)) {
+        const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+        const httpsChallengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+        const res = await doQuery(httpsChallengeUrl)
+        if (!res) {
+            throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
+        }
     }
 
+
     log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
     return true;
 }
@@ -46,55 +72,85 @@ async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix =
  * Walk DNS until TXT records are found
  */
 
-async function walkDnsChallengeRecord(recordName, resolver = dns) {
-    /* Resolve CNAME record first */
-    // try {
-    //     log(`Checking name for CNAME records: ${recordName}`);
-    //     const cnameRecords = await resolver.resolveCname(recordName);
-    //
-    //     if (cnameRecords.length) {
-    //         log(`CNAME record found at ${recordName}, new challenge record name: ${cnameRecords[0]}`);
-    //         return walkDnsChallengeRecord(cnameRecords[0]);
-    //     }
-    // }
-    // catch (e) {
-    //     log(`No CNAME records found for name: ${recordName}`);
-    // }
+async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
+
+    let records = [];
 
     /* Resolve TXT records */
     try {
-        log(`Checking name for TXT records: ${recordName}`);
+        log(`检查域名 ${recordName} 的TXT记录`);
         const txtRecords = await resolver.resolveTxt(recordName);
 
         if (txtRecords && txtRecords.length) {
-            log(`Found ${txtRecords.length} TXT records at ${recordName}`);
+            log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
             log(`TXT records: ${JSON.stringify(txtRecords)}`);
-            return [].concat(...txtRecords);
+            records = records.concat(...txtRecords);
         }
-        return [];
+    } catch (e) {
+        log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
     }
-    catch (e) {
-        log(`Resolve TXT records error, ${recordName} :${e.message}`);
-        throw e;
+
+    /* Resolve CNAME record first */
+    try {
+        log(`检查是否存在CNAME映射: ${recordName}`);
+        const cnameRecords = await resolver.resolveCname(recordName);
+
+        if (cnameRecords.length) {
+            const cnameRecord = cnameRecords[0];
+            log(`已找到${recordName}的CNAME记录，将检查: ${cnameRecord}`);
+            let res= await  walkTxtRecord(cnameRecord,deep+1);
+            if (res && res.length) {
+                log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
+                records = records.concat(...res);
+            }
+        }else{
+            log(`没有CNAME映射（${recordName}）`);
+        }
+    } catch (e) {
+        log(`检查CNAME出错（${recordName}） :${e.message}`);
     }
+    return records
 }
 
-async function walkTxtRecord(recordName) {
+export async function walkTxtRecord(recordName,deep = 0) {
+    if(deep >5){
+        log(`walkTxtRecord too deep (#${deep}) , skip walk`)
+        return []
+    }
+
+    const txtRecords = []
     try {
         /* Default DNS resolver first */
-        log('Attempting to resolve TXT with default DNS resolver first');
-        const res = await walkDnsChallengeRecord(recordName);
+        log('从本地DNS服务器获取TXT解析记录');
+        const res = await walkDnsChallengeRecord(recordName,dns,deep);
         if (res && res.length > 0) {
-            return res;
+            for (const item of res) {
+                txtRecords.push(item)
+            }
         }
-        throw new Error('No TXT records found');
+
+    } catch (e) {
+        log(`本地获取TXT解析记录失败:${e.message}`)
     }
-    catch (e) {
+
+    try{
         /* Authoritative DNS resolver */
-        log(`Error using default resolver, attempting to resolve TXT with authoritative NS: ${e.message}`);
+        log(`从域名权威服务器获取TXT解析记录`);
         const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
-        return await walkDnsChallengeRecord(recordName, authoritativeResolver);
+        const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
+        if (res && res.length > 0) {
+            for (const item of res) {
+                txtRecords.push(item)
+            }
+        }
+    }catch (e) {
+        log(`权威服务器获取TXT解析记录失败:${e.message}`)
     }
+
+    if (txtRecords.length === 0) {
+        throw new Error(`没有找到TXT解析记录（${recordName}）`);
+    }
+    return txtRecords;
 }
 
 /**
@@ -111,14 +167,16 @@ async function walkTxtRecord(recordName) {
 
 async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
     const recordName = `${prefix}${authz.identifier.value}`;
-    log(`Resolving DNS TXT from record: ${recordName}`);
-    const recordValues = await walkTxtRecord(recordName);
-    log(`DNS query finished successfully, found ${recordValues.length} TXT records`);
+    log(`本地校验TXT记录）: ${recordName}`);
+    let recordValues = await walkTxtRecord(recordName);
+    //去重
+    recordValues = [...new Set(recordValues)];
+    log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
     if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`Authorization not found in DNS TXT record: ${recordName}，need:${keyAuthorization},found:${recordValues}`);
+        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
     }
 
-    log(`Key authorization match for ${challenge.type}/${recordName}, ACME challenge verified`);
+    log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
     return true;
 }
 
@@ -153,9 +211,8 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
  * Export API
  */
 
-module.exports = {
+export default {
     'http-01': verifyHttpChallenge,
     'dns-01': verifyDnsChallenge,
     'tls-alpn-01': verifyTlsAlpnChallenge,
-    walkTxtRecord,
 };