v1.28.3

build: prepare to build
perf: 支持腾讯虚拟机开关机(@wujingke)
2026-04-04 06:30:51 +08:00 · 2024-12-12 12:06:46 +08:00 · 2024-12-12 12:05:16 +08:00 · 2024-12-12 11:50:01 +08:00 · 2024-12-12 11:42:46 +08:00 · 2024-12-11 22:17:11 +08:00
629 changed files with 17680 additions and 8431 deletions
--- a/.github/workflows/build-image-for-test.yml
+++ b/.github/workflows/build-image-for-test.yml
@@ -0,0 +1,79 @@
+name: build-image-for-test
+on:
+  push:
+    branches: ['v2-dev']
+    paths:
+      - "build-dev.trigger"
+
+#  schedule:
+#    - # 国际时间 19:17 执行，北京时间3:17  ↙↙↙ 改成你想要每天自动执行的时间
+#    - cron: '17 19 * * *'
+permissions:
+  contents: read
+
+jobs:
+  build-certd-image:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: v2-dev
+
+      - name: get_certd_version
+        id: get_certd_version
+        uses: actions/github-script@v6
+        with:
+          result-encoding: string
+          script: |
+            const fs = require('fs');
+            const path = require('path');
+            const pnpmWorkspace = "./pnpm-workspace.yaml";
+            fs.unlinkSync(pnpmWorkspace)
+            const jsonFilePath = "./packages/ui/certd-server/package.json";
+            const jsonContent = fs.readFileSync(jsonFilePath, 'utf-8');
+            const pkg = JSON.parse(jsonContent)
+            console.log("certd_version:",pkg.version);
+            return pkg.version
+#      - name: Use Node.js
+#        uses: actions/setup-node@v4
+#        with:
+#          node-version: 18
+#          cache: 'npm'
+#        working-directory: ./packages/ui/certd-client
+      - run: |
+          npm install -g pnpm@8.15.7
+          pnpm install
+          npm run build
+        working-directory: ./packages/ui/certd-client
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to aliyun container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: registry.cn-shenzhen.aliyuncs.com
+          username: ${{ secrets.aliyun_cs_username }}
+          password: ${{ secrets.aliyun_cs_password }}
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.dockerhub_username }}
+          password: ${{ secrets.dockerhub_password }}
+
+      - name: Build default platforms
+        uses: docker/build-push-action@v6
+        with:
+          platforms: linux/amd64,linux/arm64
+          push: true
+          context: ./packages/ui/
+          tags: |
+            registry.cn-shenzhen.aliyuncs.com/handsfree/certd-dev:latest
+            greper/certd-dev:latest
+
--- a/.github/workflows/build-image.yml
+++ b/.github/workflows/build-image.yml
@@ -17,6 +17,9 @@ jobs:
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          lfs: true

      - name: get_certd_version
        id: get_certd_version
@@ -76,17 +79,17 @@ jobs:
            greper/certd:latest
            greper/certd:${{steps.get_certd_version.outputs.result}}

-      - name: Build armv7
-        uses: docker/build-push-action@v6
-        with:
-          platforms: linux/arm/v7
-          push: true
-          context: ./packages/ui/
-          tags: |
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
-            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
-            greper/certd:armv7
-            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7
+#      - name: Build armv7
+#        uses: docker/build-push-action@v6
+#        with:
+#          platforms: linux/arm/v7
+#          push: true
+#          context: ./packages/ui/
+#          tags: |
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7
+#            registry.cn-shenzhen.aliyuncs.com/handsfree/certd:${{steps.get_certd_version.outputs.result}}-armv7
+#            greper/certd:armv7
+#            greper/certd:${{steps.get_certd_version.outputs.result}}-armv7

      - name: Build agent
        uses: docker/build-push-action@v6
--- a/.github/workflows/deploy-demo.yml
+++ b/.github/workflows/deploy-demo.yml
@@ -1,7 +1,7 @@
 name: deploy-demo
 on:
  push:
-    branches: ['v2']
+    branches: ['v2-dev']
    paths:
      - "deploy.trigger"
  workflow_run:
@@ -21,6 +21,9 @@ jobs:
    steps:
      - name: Checkout Code
        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          ref: v2-dev
      - name: get_certd_version
        id: get_certd_version
        uses: actions/github-script@v6
@@ -37,8 +40,7 @@ jobs:
      - uses: GuillaumeFalourd/wait-sleep-action@v1
        with:
          time: '10' # for 60 seconds
-      - name: Send HTTP request
-        id: request
+      - name: deploy-certd-demo
        uses: tyrrrz/action-http-request@master
        with:
          url: http://flow-openapi.aliyun.com/pipeline/webhook/lzCzlGrLCOHQaTMMt0mG
@@ -52,4 +54,14 @@ jobs:
          retry-count: 3
          retry-delay: 5000

-
+      - name: deploy-certd-doc
+        uses: tyrrrz/action-http-request@master
+        with:
+          url: http://flow-openapi.aliyun.com/pipeline/webhook/IiSxLDp9aOhgDUxJPytv
+          method: POST
+          body: |
+            {}
+          headers: |
+            Content-Type: application/json
+          retry-count: 3
+          retry-delay: 5000
--- a/.github/workflows/sync-to-gitee-dev.yml
+++ b/.github/workflows/sync-to-gitee-dev.yml
@@ -13,9 +13,10 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0
+          lfs: true
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
--- a/.github/workflows/sync-to-gitee.yml
+++ b/.github/workflows/sync-to-gitee.yml
@@ -13,9 +13,10 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout work repo            # 1. 检出当前仓库(certd-sync-work)
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
        with:
          fetch-depth: 0
+          lfs: true
      - name: Set git user                  # 2. 给git命令设置用户名和邮箱,↙↙↙ 改成你的name和email
        run: |
          git config --global user.name "xiaojunnuo"
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,5 @@ test/**/*.js
 /packages/ui/certd-server/data/db.sqlite
 /packages/ui/certd-server/data/keys.yaml
 /packages/pro/
+
+test.js
--- a/.npmrc
+++ b/.npmrc
@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,282 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+### Bug Fixes
+
+* 修复没有配置eab时，报order无法读取的问题 ([657a2ae](https://github.com/certd/certd/commit/657a2ae032e6f61ac27fbdd26c7bf169c041219e))
+* 修复授权被删除后，无法清空的bug ([b45977c](https://github.com/certd/certd/commit/b45977c29a29084c11e496bec3415eaaebafdd74))
+* mysql下access.setting字段改成text ([b7f5740](https://github.com/certd/certd/commit/b7f5740c57743914f754f3b4fdd94b59a2e8338c))
+
+### Performance Improvements
+
+* 点击版本红点按钮，跳转到升级帮助页面 ([454fbda](https://github.com/certd/certd/commit/454fbda581bbe22abca5b91e5086ea9d9d58a020))
+* 通知标题优化 ([ff083ce](https://github.com/certd/certd/commit/ff083ce6848a8bee3c8248e4b881086ae1517c28))
+* 支持腾讯虚拟机开关机([@wujingke](https://github.com/wujingke)) ([8039e8b](https://github.com/certd/certd/commit/8039e8baf83c82d03f1a6198cf61c372026b962b))
+* 支持aws cloudfront ([0ae39f1](https://github.com/certd/certd/commit/0ae39f160a7c6b6696b3bf513d68aa28905810ad))
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Bug Fixes
+
+* 修复lego No help topic for 错误 ([aaaf8d7](https://github.com/certd/certd/commit/aaaf8d7db34896cf8f2ff8f12eec1ab0cae58f0f))
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Bug Fixes
+
+* 顶部菜单变...的bug ([6dabad7](https://github.com/certd/certd/commit/6dabad76baba96be0f8af36a3fbfb9f5182aecf1))
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+* 授权加密支持解密查看 ([5575c83](https://github.com/certd/certd/commit/5575c839705f6987ad2bdcd33256b0962c6a9c6a))
+* 重置管理员密码同时启用管理员账户，避免之前禁用了，重置密码还是登录不进去 ([f92d918](https://github.com/certd/certd/commit/f92d918a1e28e29b794ad4754661ea760c18af46))
+
+## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复阿里云部署大杀器报插件_还未注册错误的bug ([abd2dcf](https://github.com/certd/certd/commit/abd2dcf2e85a545321bae6451406d081f773b132))
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/certd/certd/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+### Performance Improvements
+
+* 顶部菜单自定义 ([54d136c](https://github.com/certd/certd/commit/54d136cc6ae122f7c891b7a5c7232fe5de8e5cb5))
+* 禁用readonly用户 ([d10d42e](https://github.com/certd/certd/commit/d10d42e20619bb55a50d636b8867ff33db4e3b4b))
+* 限制其他用户流水线数量 ([315e437](https://github.com/certd/certd/commit/315e43746baf01682737f82e41579237a48409af))
+* 用户管理优化头像上传 ([661293c](https://github.com/certd/certd/commit/661293c189a3abf3cdc953b5225192372f57930d))
+
+## [1.26.13](https://github.com/certd/certd/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+### Bug Fixes
+
+* 修复对话框全屏按钮与关闭按钮重叠的bug ([95df56c](https://github.com/certd/certd/commit/95df56cc5ca5e3eb843cd17cb7078cde47729f1e))
+* deprecated的运行时不要报错，只报警告 ([bcbefaa](https://github.com/certd/certd/commit/bcbefaaa35cf6d0eec085b3a2c5bfc7c6a8de9e1))
+
+### Performance Improvements
+
+* 更新certd本身的证书文档说明 ([0c50ede](https://github.com/certd/certd/commit/0c50ede129337b82df54575cbd2f4c2a783a0732))
+* 支持同时监听https端口，7002 ([d5a17f9](https://github.com/certd/certd/commit/d5a17f9e6afd63fda2df0981118480f25a1fac2e))
+
+## [1.26.12](https://github.com/certd/certd/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+### Performance Improvements
+
+* 部署到阿里云任意云资源，阿里云部署大杀器 ([4075be7](https://github.com/certd/certd/commit/4075be7849b140acb92bd8da8a9acbf4eef85180))
+* 文件名特殊字符限制输入 ([c4164c6](https://github.com/certd/certd/commit/c4164c66e29f3ec799f98108a344806ca61e94ff))
+* 新增部署到百度云CDN插件 ([f126f9f](https://github.com/certd/certd/commit/f126f9f932d37fa01fff1accc7bdd17d349f8db5))
+* 新增部署到腾讯云CDN-v2，推荐使用 ([d782655](https://github.com/certd/certd/commit/d782655cb4dfbb74138178afbffeee76fc755115))
+* 优化cron选择器，增加下次触发时间显示 ([5b148b7](https://github.com/certd/certd/commit/5b148b7ed960ca6f7f5b733b2eadd56eeecbd4c2))
+* 支持部署到腾讯云COS ([a8a45d7](https://github.com/certd/certd/commit/a8a45d7f757820990e278533277a3deda5ba48f3))
+* 支持配置公共ZeroSSL授权 ([a90d1e6](https://github.com/certd/certd/commit/a90d1e68ee9cbc3705223457b8a86f071b150968))
+
+## [1.26.11](https://github.com/certd/certd/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/certd/certd/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+* 修复移动任务后出现空阶段的bug ([4ea3edd](https://github.com/certd/certd/commit/4ea3edd59e93ca4f5b2e43b20dd4ef33909caddb))
+* 修复google证书*.xx.com与xx.com同时申请时报错的bug ([f8b99b8](https://github.com/certd/certd/commit/f8b99b81a23e7e9fd5e05ebd5caf355c41d67a90))
+* 允许七牛云cdn插件输入.号开头的通配符域名 ([18ee87d](https://github.com/certd/certd/commit/18ee87daff6eafc2201b58e28d85aafd3cb7a5b9))
+
+### Performance Improvements
+
+* 申请证书启用新的反代地址 ([a705182](https://github.com/certd/certd/commit/a705182b85e51157883e48f23463263793bf3c12))
+* 优化日志颜色 ([1291e98](https://github.com/certd/certd/commit/1291e98e821c5b1810aab7f0aebe3f5f5cd44a20))
+* 优化证书申请速度和成功率，反代地址优化，google基本可以稳定请求。增加请求重试。 ([41d9c3a](https://github.com/certd/certd/commit/41d9c3ac8398def541e65351cbe920d4a927182d))
+* 优化pfx密码密码输入框，让浏览器不自动填写密码 ([ffeede3](https://github.com/certd/certd/commit/ffeede38afa70c5ff6f2015516bead23d2c4df87))
+
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)

 ### Bug Fixes
--- a/README.md
+++ b/README.md
@@ -5,99 +5,72 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系

 关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具

-
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     

 * 全自动申请证书（支持所有注册商注册的域名）
-* 全自动部署更新证书（目前支持部署到主机、部署到阿里云、腾讯云等，目前已支持30+部署插件）
-* 支持通配符域名/泛域名，支持多个域名打到一个证书上
-* 邮件通知
-* 私有化部署，保障数据安全
-* 支持sqlite，postgresql数据库
+* 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等，目前已支持40+部署插件）
+* 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
+* 邮件通知、webhook通知
+* 私有化部署，数据保存本地，镜像由Github Actions构建，过程公开透明
+* 支持SQLite，PostgreSQL、MySQL数据库
+
+


 ## 二、在线体验

 官方Demo地址，自助注册后体验    

-https://certd.handsfree.work/
+https://certd.handfree.work/

 > 注意数据将不定期清理，不定期停止定时任务，生产使用请自行部署    
 > 包含敏感信息，务必自己本地部署进行生产使用

-## 三、使用教程
-本案例演示，如何配置自动申请证书，并部署到阿里云CDN，然后快要到期前自动更新证书并重新部署     
+![首页](./docs/images/start/home.png)

-![演示](packages/ui/certd-client/public/static/doc/images/5-view.png)
-![演示](packages/ui/certd-client/public/static/doc/images/9-start.png)
-![演示](packages/ui/certd-client/public/static/doc/images/10-1-log.png)
+## 三、使用教程
+
+仅需3步，让你的证书永不过期
+
+### 1. 创建证书流水线
+![演示](packages/ui/certd-client/public/static/doc/images/1-add.png)
+
+> 添加成功后，就可以直接运行流水线申请证书了
+
+### 2. 添加部署任务
+当然我们一般需要把证书部署到应用上，certd支持海量的部署插件，您可以根据自身实际情况进行选择，比如部署到Nginx、阿里云、腾讯云、K8S、CDN、宝塔、1Panel等等
+
+此处演示部署证书到主机的nginx上    
+![演示](packages/ui/certd-client/public/static/doc/images/5-1-add-host.png)
+
+如果目前的部署插件都无法满足，您也可以手动下载，然后自行部署   
 ![演示](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
-![演示](packages/ui/certd-client/public/static/doc/images/13-1-result.png)
+
+### 3. 定时运行
+![演示](packages/ui/certd-client/public/static/doc/images/12-1-log-success.png)
+

 ↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓      
 -------> [点我查看详细使用步骤演示](./step.md)   <--------      
 ↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑     

-当前支持的部署插件列表
-![演示](./doc/images/plugins.png)
+更多教程请访问文档网站 [certd.docmirror.cn](https://certd.docmirror.cn/)
+
+

 ## 四、私有化部署

-由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全
+由于证书、授权信息等属于高度敏感数据，请务必私有化部署，保障数据安全    

-### 4.1 宝塔面板一键部署
+您可以根据实际情况从如下方式中选择一种方式进行私有化部署：

-1. 安装宝塔面板，前往 [宝塔面板](https://www.bt.cn/u/CL3JHS) 官网，选择9.2.0以上正式版的脚本下载安装
+1. [宝塔面板方式部署](https://certd.docmirror.cn/guide/install/docker/)
+2. [1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
+3. [Docker方式部署](https://certd.docmirror.cn/guide/install/docker/)
+4. [源码方式部署](https://certd.docmirror.cn/guide/install/source/)

-2. 安装后登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装
-
-3. 安装完成后在应用商店中找到`certd`（要先点右上角更新应用），点击安装，配置域名等基本信息即可完成安装
-
-### 4.2 宝塔面板容器编排部署
-
-[宝塔面板容器编排部署教程](./doc/deploy/baota/baota.md)
-
-### 4.3 Docker部署
-#### 1. 安装docker、docker-compose
-
-1.1 准备一台云服务器
-* 【阿里云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://www.aliyun.com/benefit?scm=20140722.M_10244282._.V_1&source=5176.11533457&userCode=qya11txb )】
-* 【腾讯云】云服务器2核2G，新老用户同享，99元/年，续费同价！【 [立即购买](https://cloud.tencent.com/act/cps/redirect?redirect=6094&cps_key=b3ef73330335d7a6efa4a4bbeeb6b2c9&from=console)】
-
-1.2 安装docker      
-
-https://docs.docker.com/engine/install/   
-选择对应的操作系统，按照官方文档执行命令即可   
-
-#### 2. 运行certd
-
-[docker-compose.yaml 下载](https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml)
-
-当前版本号： ![](https://img.shields.io/npm/v/%40certd%2Fpipeline)
-
-```bash
-# 随便创建一个目录
-mkdir certd
-# 进入目录
-cd certd
-# 下载docker-compose.yaml文件，或者手动下载放到certd目录下
-wget https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
-
-# 可以根据需要修改里面的配置
-# 1.修改镜像版本号【可选】
-# 2.配置数据保存路径【可选】
-# 3.修改端口号【可选】
-vi docker-compose.yaml # 【可选】
-
-# 启动certd
-docker compose up -d
-
-```
-> 如果提示 没有compose命令,请安装docker-compose   
-> https://docs.docker.com/compose/install/linux/
-
-#### 3. 镜像说明：
+#### Docker镜像说明：
 * 国内镜像地址:
  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`、`[version]-armv7`
@@ -109,25 +82,7 @@ docker compose up -d
 * 镜像构建通过`Actions`自动执行，过程公开透明，请放心使用
  * [点我查看镜像构建日志](https://github.com/certd/certd/actions/workflows/build-image.yml) 

-![](./doc/images/action-build.jpg)
-
-#### 4. 访问测试
-
-http://your_server_ip:7001    
-默认账号密码：admin/123456    
-记得修改密码   
-
-### 4.4 源码部署
-```shell
-# 克隆代码
-git clone https://github.com/certd/certd
-git checkout v1.26.7  # 这里换成最新版本号
-cd certd
-# 启动服务
-./start.sh  
-# 数据默认保存在 ./packages/ui/certd-server/data 目录下,注意数据备份
-```
-如果是windows，请先安装`git for windows` ，然后右键，选择`open git bash here`打开终端，再执行`./start.sh`命令
+![](./docs/images/action/action-build.jpg)


 ## 五、 升级
@@ -151,7 +106,7 @@ docker compose up -d


 ## 六、一些说明
-* 本项目ssl证书提供商为letencrypt
+* 本项目ssl证书提供商为letencrypt/Google/ZeroSSL
 * 申请过程遵循acme协议
 * 需要验证域名所有权，一般有两种方式（目前本项目仅支持dns-01）
  * http-01： 在网站根目录下放置一份txt文件
@@ -160,53 +115,31 @@ docker compose up -d
  * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
  * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 * 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
+* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署


 ## 七、不同平台的设置说明

-* [Cloudflare](./docs/plugins/cf/cf.md)
-* [腾讯云](./docs/plugins/tencent/tencent.md)
-* [windows主机](./docs/plugins/host/host.md)
-* [google证书](./docs/plugins/google/google.md)
-* [群晖部署certd及证书更新教程](./docs/plugins/synology/index.md)
-
-* [CNAME证书校验方式说明](./docs/feature/cname/index.md)
+* 已迁移到新的文档网站，请到常见问题章节查看
+* [最新文档站链接 https://certd.docmirror.cn](https://certd.docmirror.cn/)

 ## 八、问题处理
 ### 7.1 忘记管理员密码   
-解决方法如下：
-1. 修改docker-compose.yaml文件，将环境变量`certd_system_resetAdminPasswd`改为`true`
-```yaml
-services:
-  certd:
-    environment: # 环境变量
-      - certd_system_resetAdminPasswd=false
-```
-2. 重启容器
-```shell
-docker compose up -d
-docker logs -f --tail 500 certd
-# 观察日志，当日志中输出“重置1号管理员用户的密码完成”，即可操作下一步
-```
-3. 修改docker-compose.yaml，将`certd_system_resetAdminPasswd`改回`false`
-4. 再次重启容器
-```shell
-docker compose up -d
-```
-5. 使用`admin/123456`登录系统，请及时修改管理员密码
+[重置管理员密码方法](https://certd.docmirror.cn/guide/use/forgotpasswd/)

 ## 九、联系作者
 如有疑问，欢迎加入群聊（请备注certd）
-* QQ群：141236433
-* 微信群：   
-  ![](https://ai.handsfree.work/images/exchange_wxqroup.png)

+| 加群 | 微信群 | QQ群 |
+|---------|-------|-------|
+| 二维码 | <img height="230" src="./docs/guide/contact/images/wx.png"> | <img height="230" src="./docs/guide/contact/images/qq.png"> |
+
+也可以加作者好友
+
+| 加作者好友 | 微信 QQ                                                       |
+|---------|-------------------------------------------------------------|
+| 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |

-加作者好友
-<p align="center">
-<img height="230" src="./doc/images/me.png">
-</p>

 ## 十、捐赠
 ************************
@@ -222,18 +155,18 @@ https://afdian.com/a/greper

 专业版特权对比

-| 功能      | 免费版                    | 专业版                   |
-|---------|------------------------|-----------------------|
-| 免费证书申请  | 免费无限制                  | 免费无限制                 |
-| 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
-| 发邮件功能   | 需要配置                   | 免配置                   |
-| 证书流水线条数 | 10条                    | 无限制                   |
+| 功能      | 免费版               | 专业版                   |
+|---------|-------------------|-----------------------|
+| 免费证书申请  | 免费无限制             | 免费无限制                 |
+| 自动部署插件  | 阿里云、腾讯云、七牛云、主机部署等 | 支持群晖、宝塔、1Panel等，持续开发中 |
+| 发邮件功能   | 需要配置              | 免配置                   |
+| 证书流水线条数 | 10条               | 无限制                   |

 ************************

 ## 十一、贡献代码

-1. 本地开发 [贡献插件教程](./doc/dev/development.md)
+1. 本地开发 [贡献插件](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
   1. 可以调整开源协议以使其更严格或更宽松。
   2. 可以用于商业用途。
@@ -242,14 +175,17 @@ https://afdian.com/a/greper

 ## 十二、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
-* 允许个人和公司使用、复制、修改和分发本项目，禁止任何形式的商业用途 
+* 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。

 ## 十三、我的其他项目（求Star）
-* [袖手GPT](https://ai.handsfree.work/) ChatGPT，国内可用，无需FQ，每日免费额度
-* [fast-crud](https://gitee.com/fast-crud/fast-crud/) 基于vue3的crud快速开发框架
-* [dev-sidecar](https://github.com/docmirror/dev-sidecar/) 直连访问github工具，无需FQ，解决github无法访问的问题
+
+| 项目名称                                                    | stars                                                                                                 | 项目描述                              | 
+|---------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------------|
+| [袖手AI](https://ai.handsfree.work/)                    |                                                                                                       | 袖手GPT，国内可用，无需FQ，每日免费额度            | 
+| [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
+| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |                       



--- a/build-dev.trigger
+++ b/build-dev.trigger
@@ -0,0 +1 @@
+1
--- a/build.trigger
+++ b/build.trigger
@@ -1 +1 @@
-07:17
+22:52
--- a/doc/deploy/baota/baota.md
+++ b/doc/deploy/baota/baota.md
@@ -1,32 +0,0 @@
-# 宝塔部署教程
-
-## 编排模版部署
-
-### 创建docker模版
-打开docker-compose.yaml，
-https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
-
-整个内容复制下来
-
-然后到宝塔里面进到docker的编排模版，新建模版
-![](./images/1.png)
-
-### 启动应用
-
-![img.png](./images/2.png)
-
-等待启动完成
-
-### 打开应用
-
-http://ip:7001
-
-
-## 二、一键应用部署
-需要宝塔9.2.0版本
-
-### 应用商店
-进入应用商店，更新应用列表
-
-### 搜索certd
-点击安装
--- a/doc/deploy/baota/images/1.png
+++ b/doc/deploy/baota/images/1.png
--- a/doc/deploy/baota/images/2.png
+++ b/doc/deploy/baota/images/2.png
--- a/doc/dev/development.md
+++ b/doc/dev/development.md
@@ -1,96 +0,0 @@
-# 本地开发
-欢迎贡献插件
-
-## 1.本地调试运行
-
-### 克隆代码
-```shell
-
-# 克隆代码
-git clone https://github.com/certd/certd
-
-#进入项目目录
-cd certd
-
-# 切换到最新版本代码
-git checkout v1.26.7  # 这里换成最新版本号
-
-```
-
-### 修改pnpm-workspace.yaml文件     
-重要：否则无法正确加载专业版的access和plugin
-```yaml
-# pnpm-workspace.yaml
-packages:
-   - 'packages/**'  # <--------------注释掉这一行，PR时不要提交此修改
-   - 'packages/ui/**'
-```
-
-### 安装依赖和初始化:
-```shell
-# 安装pnpm，如果提示npm命令不存在，就需要先安装nodejs
-npm install -g pnpm@8.15.7 --registry=https://registry.npmmirror.com
-
-# 使用国内镜像源，如果有代理，就不需要
-pnpm config set registry https://registry.npmmirror.com
-# 安装依赖
-pnpm install
-
-# 初始化构建
-npm run init
-```
-
-### 启动 server:    
-```shell
-cd packages/ui/certd-server
-npm run dev
-```
-
-### 启动 client:    
-```shell
-cd packages/ui/certd-client
-npm run dev
-
-# 会自动打开浏览器，确认正常运行
-
-```
-
-## 开发插件
-进入 `packages/ui/certd-server/src/plugins`
-
-### 1.复制`plugin-demo`目录作为你的插件目录
-比如你想做`cloudflare`的插件，那么你可以复制`plugin-demo`目录，将其命名成`plugin-cloudflare`。   
-以下均以`plugin-cloudflare`为例进行说明，你需要将其替换成你的插件名称
-
-### 2. access授权
-如果这是一个新的平台，它应该有授权方式，比如accessKey accessSecret之类的     
-参考`plugin-cloudflare/access.ts` 修改为你要做的平台的`access`
-这样用户就可以在`certd`后台中创建这种授权凭证了
-
-### 3. dns-provider
-如果域名是这个平台进行解析的，那么你需要实现dns-provider，（申请证书需要）    
-参考`plugin-cloudflare/dns-provider.ts` 修改为你要做的平台的`dns-provider`
-
-### 4. plugin-deploy
-如果这个平台有需要部署证书的地方     
-参考`plugin-cloudflare/plugins/plugin-deploy-to-xx.ts` 修改为你要做的平台的`plugin-deploy-to-xx`
-
-### 5. 增加导入
-在`plugin-cloudflare/index.ts`中增加你的插件的`import`
-```ts
-export * from './dns-provider'
-export * from './access'
-export * from './plugins/plugin-deploy-to-xx'
-````
-
-在`./src/plugins/index.ts`中增加`import`
-
-```ts
-export * from "./plugin-cloudflare.js"
-```
-
-## 重启服务进行调试
-刷新浏览器，检查你的插件是否工作正常， 确保能够正常进行证书申请和部署    
-
-## 提交PR
-我们将尽快审核PR
--- a/doc/images/action-build.jpg
+++ b/doc/images/action-build.jpg
--- a/doc/images/donate.png
+++ b/doc/images/donate.png
--- a/doc/images/me.png
+++ b/doc/images/me.png
--- a/doc/images/plugins.png
+++ b/doc/images/plugins.png
--- a/docker/run/docker-compose.yaml
+++ b/docker/run/docker-compose.yaml
@@ -11,40 +11,56 @@ services:
    ports: # 端口映射
      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号
      - "7001:7001"
-    dns:
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND等错误，可以尝试修改或注释dns配置
-      - 223.5.5.5
-      - 223.6.6.6
-      #  ↓↓↓↓ ---------------------------------------------------------- 如果你服务器部署在国外，可以用8.8.8.8替换上面的dns
-#      - 8.8.8.8
+      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
+      - "7002:7002"
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+#    dns:
+#      - 223.5.5.5      # 阿里云公共dns
+#      - 223.6.6.6
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器在腾讯云，可以用这个替换上面阿里云的公共dns
+#      - 119.29.29.29  # 腾讯云公共dns
+#      - 182.254.116.116
+#       # ↓↓↓↓ --------------------------------------------------------- 如果你服务器部署在国外，可以用这个替换上面阿里云的公共dns
+#      - 8.8.8.8       # 谷歌公共dns
 #      - 8.8.4.4
 #    extra_hosts:
-      #  ↓↓↓↓ ---------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
+#        # ↓↓↓↓ -------------------------------------------------------- 这里可以配置自定义hosts，外网域名可以指向本地局域网ip地址
 #      - "localdomain.comm:192.168.1.3"
-    environment: # 环境变量
-      - TZ=Asia/Shanghai
-      # 设置环境变量即可自定义certd配置
-      # 配置项见： packages/ui/certd-server/src/config/config.default.ts
-      # 配置规则： certd_ + 配置项, 点号用_代替

-                           #  ↓↓↓↓  ------------------------------------ 这里可以设置http代理
-      #- HTTPS_PROXY=http://xxxxxx:xx
-      #- HTTP_PROXY=http://xxxxxx:xx
-      #                               ↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
+    environment:
+#     设置环境变量即可自定义certd配置
+#     配置项见： packages/ui/certd-server/src/config/config.default.ts
+#     配置规则： certd_ + 配置项, 点号用_代替
+#                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
      - certd_system_resetAdminPasswd=false
-      #                                  ↓↓↓↓ -------------------------- 如果设置为true，启动后所有配置了cron的流水线任务都将被立即触发一次
-      - certd_cron_immediateTriggerOnce=false
-      #                            ↓↓↓↓ -------------------------------- 配置证书和key，则表示https方式启动，使用https协议访问，https://your.domain:7001
-      #- certd_koa_key=./data/ssl/cert.key
-      #- certd_koa_cert=./data/ssl/cert.crt
+#                                    #↓↓↓↓ ----------------------------- 使用postgresql数据库，需要提前创建数据库
+#      - certd_flyway_scriptDir=./db/migration-pg                        # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=postgres                  # 数据库类型
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=5433                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=postgres              # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名

-      #                             ↓↓↓↓ ------------------------------- 使用postgresql数据库
-#      - certd_flyway_scriptDir=./db/migration-pg               # 升级脚本目录
-#      - certd_typeorm_dataSource_default_type=postgres         # 数据库类型
-#      - certd_typeorm_dataSource_default_host=localhost        # 数据库地址
-#      - certd_typeorm_dataSource_default_port=5433             # 数据库端口
-#      - certd_typeorm_dataSource_default_username=postgres     # 用户名
-#      - certd_typeorm_dataSource_default_password=yourpasswd   # 密码
-#      - certd_typeorm_dataSource_default_database=certd        # 数据库名
+#                                    #↓↓↓↓ ----------------------------- 使用mysql数据库，需要提前创建数据库 charset=utf8mb4, collation=utf8mb4_bin
+#      - certd_flyway_scriptDir=./db/migration-mysql                     # 升级脚本目录
+#      - certd_typeorm_dataSource_default_type=mysql                     # 数据库类型， 或者 mariadb
+#      - certd_typeorm_dataSource_default_host=localhost                 # 数据库地址
+#      - certd_typeorm_dataSource_default_port=3306                      # 数据库端口
+#      - certd_typeorm_dataSource_default_username=root                  # 用户名
+#      - certd_typeorm_dataSource_default_password=yourpasswd            # 密码
+#      - certd_typeorm_dataSource_default_database=certd                 # 数据库名


+
+
+
+#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
+#    networks:
+#      - ip6net
+#networks:
+#  ip6net:
+#    enable_ipv6: true
+#    ipam:
+#      config:
+#        - subnet: 2001:db8::/64
--- a/docs/.vitepress/config.ts
+++ b/docs/.vitepress/config.ts
@@ -5,7 +5,7 @@ import lightbox from "vitepress-plugin-lightbox";
 // https://vitepress.dev/reference/site-config
 export default defineConfig({
  title: "Certd",
-  description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
+  description: "Certd帮助文档,Certd是一款开源免费的全自动SSL证书管理工具；证书自动化申请部署流水线；自动证书申请、更新、续期；通配符证书，泛域名证书申请；证书自动化部署到阿里云、腾讯云、主机、群晖、宝塔。",
  markdown: {
    config: (md) => {
      // Use lightbox plugin
@@ -23,9 +23,12 @@ export default defineConfig({
    // ],
    ["meta", {
      name: "keywords",
-      content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署"
+      content: "证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具、Certd、SSL证书自动部署、证书自动化，https证书，pfx证书，der证书，TLS证书，nginx证书自动续签自动部署,SSL平台，证书管理平台，证书流水线"
    }],
-    ["link", { rel: "icon", href: "/favicon.ico" }]
+    ["meta", { name: "google-site-verification",content: "V5XLTSnXoT15uQotwpxJoQolUo2d5UbSL-TacsyOsC0"}],
+      //<meta name="baidu-site-verification" content="codeva-MiWN8Y07Ua" />
+    ["meta", {name: "baidu-site-verification",content: "codeva-MiWN8Y07Ua"}],
+    ["link", { rel: "icon", href: "/static/logo/logo.svg" }]
  ],
  themeConfig: {
    logo: "/static/logo/logo.svg",
@@ -54,7 +57,7 @@ export default defineConfig({
    nav: [
      { text: "首页", link: "/" },
      { text: "指南", link: "/guide/" },
-      { text: "Demo体验", link: "https://certd.handsfree.work" }
+      { text: "Demo体验", link: "https://certd.handfree.work" }
    ],
    sidebar: {
      "/guide/": [
@@ -73,8 +76,8 @@ export default defineConfig({
                { text: "源码部署", link: "/guide/install/source/" }
              ]
            },
-            { text: "演示教程", link: "/guide/tutorial.md" }
-
+            { text: "演示教程", link: "/guide/tutorial.md" },
+            { text: "版本升级", link: "/guide/install/upgrade.md" }
          ]
        },
        {
@@ -91,8 +94,13 @@ export default defineConfig({
            { text: "腾讯云密钥获取", link: "/guide/use/tencent/" },
            { text: "连接windows主机", link: "/guide/use/host/windows.md" },
            { text: "Google EAB获取", link: "/guide/use/google/" },
+            { text: "阿里云相关", link: "/guide/use/aliyun/" },
            { text: "忘记密码", link: "/guide/use/forgotpasswd/" },
            { text: "数据备份", link: "/guide/use/backup/" },
+            { text: "Certd本身的证书更新", link: "/guide/use/https/index.md" },
+            { text: "js脚本插件使用", link: "/guide/use/custom-script/index.md" },
+            { text: "邮箱配置", link: "/guide/use/email/index.md" },
+            { text: "IPv6支持", link: "/guide/use/setting/ipv6.md" },
            { text: "如何贡献代码", link: "/guide/development/index.md" },
          ]
        },
--- a/docs/.vitepress/theme/index.ts
+++ b/docs/.vitepress/theme/index.ts
@@ -4,6 +4,11 @@ import type { Theme } from 'vitepress'
 import DefaultTheme from 'vitepress/theme'
 import './style.css'
 import Layout from './Layout.vue'
+
+import { registerAnalytics, siteIds, trackPageview } from './plugins/baidutongji'
+import { inBrowser } from "vitepress";
+
+
 export default {
  extends: DefaultTheme,
  Layout,
@@ -14,5 +19,17 @@ export default {
  // },
  enhanceApp({ app, router, siteData }) {
    // ...
+    if (inBrowser) {
+      registerAnalytics(siteIds)
+
+      window.addEventListener('hashchange', () => {
+        const { href: url } = window.location
+        trackPageview(siteIds, url)
+      })
+
+      router.onAfterRouteChanged = (to) => {
+        trackPageview(siteIds, to)
+      }
+    }
  }
 } satisfies Theme
--- a/docs/.vitepress/theme/plugins/baidutongji.ts
+++ b/docs/.vitepress/theme/plugins/baidutongji.ts
@@ -0,0 +1,49 @@
+import { inBrowser } from 'vitepress'
+
+/**
+ * 统计站点的 ID 列表
+ */
+export const siteIds = 'a6ce877a899ae44292e4f854a53d688e'
+
+declare global {
+  interface Window {
+    _hmt: any
+  }
+}
+
+/**
+ * 注册统计
+ */
+export function registerAnalytics(siteId: string) {
+  if (!inBrowser)
+    return
+  if (document.querySelector(`#analytics-plugin-${siteId}`))
+    return
+  window._hmt = window._hmt ? window._hmt : []
+  const script = document.createElement('script')
+  script.id = `analytics-${siteId}`
+  script.async = true
+  script.src = `https://hm.baidu.com/hm.js?${siteId}`
+  document.querySelector('head')?.appendChild(script)
+}
+
+/**
+ * 上报 PV 数据
+ * @param siteId - 站点 ID
+ * @param pageUrl - 页面 URL
+ */
+export function trackPageview(siteId: string, pageUrl: string) {
+  if (!inBrowser)
+    return
+  if (!pageUrl || typeof pageUrl !== 'string')
+    pageUrl = '/'
+
+  if (pageUrl.startsWith('http')) {
+    const urlFragment = pageUrl.split('/')
+    const origin = `${urlFragment[0]}//${urlFragment[2]}`
+    pageUrl = pageUrl.replace(origin, '')
+  }
+
+  window._hmt.push(['_setAccount', siteId])
+  window._hmt.push(['_trackPageview', pageUrl])
+}
--- a/docs/guide/changelogs/CHANGELOG.md
+++ b/docs/guide/changelogs/CHANGELOG.md
@@ -3,6 +3,284 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Bug Fixes
+
+* 修复创建流水线通知设置无效的bug ([498cf34](https://github.com/certd/certd/commit/498cf34999fddfa24ce088e2e678469fa669abb8))
+* 修复流水线分组可以被所有人看见的bug ([a0e838d](https://github.com/certd/certd/commit/a0e838d1eec918e5dc92fe95dc72ac14facb930e))
+
+### Performance Improvements
+
+* 优化数据表索引 ([228fdf0](https://github.com/certd/certd/commit/228fdf0a0d28013f5dd156a97bbde80537e8e97e))
+* 支持mysql ([7cde1fd](https://github.com/certd/certd/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Bug Fixes
+
+* 修复cname排查方法 nslookup命令显示黑色的问题 ([3dfeeec](https://github.com/certd/certd/commit/3dfeeec899d7d0d7292695ce410f78548e076c03))
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+* 新增七牛云插件分组 ([49e7dc5](https://github.com/certd/certd/commit/49e7dc56e1a95fbdea3e30cdeb945b48415b69e3))
+* 新增server酱3通知 ([6aa4872](https://github.com/certd/certd/commit/6aa487269c9f6862e188b37a0d6c73f79c937d94))
+* 支持邀请奖励 ([618ec93](https://github.com/certd/certd/commit/618ec937866b24ebcf8164db43acb1ed66a5b329))
+* 支持易发云短信 ([94fa77f](https://github.com/certd/certd/commit/94fa77fcd2b9bea294fb05736c0d8cdc81f56103))
+* cname value优化 ([e8c9c2a](https://github.com/certd/certd/commit/e8c9c2a47d47048ae743b16f7bc932dbe18a89e9))
+* favicon支持自定义 ([8b9c47d](https://github.com/certd/certd/commit/8b9c47daf194515006689a212ae9cf586bdf5993))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Bug Fixes
+
+* 修复自定义webhook contextType的bug ([7e5ea0c](https://github.com/certd/certd/commit/7e5ea0cee003acda952d922ca70592f1e8a2ed80))
+
+### Features
+
+* 手机号登录、邮箱验证码注册 ([7b55337](https://github.com/certd/certd/commit/7b55337c5edb470cca7aa62201eda8d274784004))
+
+### Performance Improvements
+
+* 部署到IIS插件 ([1534f45](https://github.com/certd/certd/commit/1534f4523633265d219d7b3a249a9ea1af99c512))
+* 登录失败增加重试次数限制及冷却时间 ([954b6df](https://github.com/certd/certd/commit/954b6df3608695fe074130f8149a33e311d80cc4))
+* 流水线支持批量修改分组，批量删除 ([a847e66](https://github.com/certd/certd/commit/a847e66c4fc843b98f1520b2b8072d3586ce8b81))
+* 取消docker-compose的dns配置 ([87bbf6f](https://github.com/certd/certd/commit/87bbf6f14080b9fa287c250d7fc4d33279c83ff7))
+* 首页新增修改密码提示 ([0772d3b](https://github.com/certd/certd/commit/0772d3b3fd24afdde4086d9f09ef19d037b431b4))
+* 选项显示图标 ([aedc462](https://github.com/certd/certd/commit/aedc46213571a3bd93809b7af7fa17a08d546237))
+* 优化七牛云cdn，获取域名列表可以选择 ([5a20242](https://github.com/certd/certd/commit/5a20242111d6bd255b25dac86fe1f062c8543096))
+* 优化七牛云cdn部署，保持http2和forceHttp设置，当未开启https时，主动开启https ([196f7d9](https://github.com/certd/certd/commit/196f7d9dc23d7dd96b663c686542e85270b81aef))
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+* 支持威联通证书部署 ([0d8913e](https://github.com/certd/certd/commit/0d8913ea2f56fdebbcc9bb207eae59e8ddbb8cad))
+* 自定义webhook显示详细的错误信息 ([3254afc](https://github.com/certd/certd/commit/3254afc75640eed3729d0fc02a818fefbe5c7fc3))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+### Performance Improvements
+
+* 通知支持自定义webhook、anpush、iyuu、server酱 ([cbccd9e](https://github.com/certd/certd/commit/cbccd9e3d0a4c24aba772af62734666d40b22c57))
+* 通知支持vocechat、bark、telegram、discord、slack ([642f57f](https://github.com/certd/certd/commit/642f57ff6d7152a9e14f59c7fc0e32a6b1751fb7))
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package root
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+### Bug Fixes
+
+* 修复关键字查询bug ([fab6660](https://github.com/certd/certd/commit/fab66606b35a540fac31fee902331ba1ffdebc16))
+* 修复CNAME时子域名级数超出限制的问题 ([3af6d96](https://github.com/certd/certd/commit/3af6d96e6e353c9b2111cff81679b79c55195a0a))
+
+### Performance Improvements
+
+* 谷歌EAB绑定邮箱改成必填 ([81a8123](https://github.com/certd/certd/commit/81a8123725d7bf4bd6a32a64a066bd760b7b6a7f))
+* 华为云密钥获取提示及访问链接 ([de43391](https://github.com/certd/certd/commit/de43391e4c12dc3ad976f8fa8787f4eb70a41e75))
+* 通知管理 ([d9a00ee](https://github.com/certd/certd/commit/d9a00eeaf72735ced67c59d7983d84e3c730064a))
+* 通知渠道支持测试按钮 ([b54ae27](https://github.com/certd/certd/commit/b54ae272ebc2d31b32b049d44e2299a6be7f153c))
+* 优化插件开发，dnsProvider无需写http logger 变量 ([fcbb5e4](https://github.com/certd/certd/commit/fcbb5e46a112174150a62648319b8224fce3b7ed))
+* 支持部署到阿里云WAF ([c96fcb7](https://github.com/certd/certd/commit/c96fcb7afced979435cffa73591275008033c90d))
+* 支持企业微信群聊机器人通知 ([b805a29](https://github.com/certd/certd/commit/b805a2925984144a31575b8aaa622f0c30d41b56))
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+### Bug Fixes
+
+* .env 读取 \r 问题 ([0e33dfa](https://github.com/certd/certd/commit/0e33dfa019a55ea76193c428ec756af386adeb9d))
+* 修复vip试用secret报错的bug ([018dee6](https://github.com/certd/certd/commit/018dee6c383233560f078dfd30f6c2857a7e15ee))
+
+### Performance Improvements
+
+* 当步骤全部都禁用时，任务本身显示删除线 ([9ab9a6e](https://github.com/certd/certd/commit/9ab9a6e8b083e19793894f23e59f29c604ec98e5))
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Bug Fixes
+
+* 修复1Panel面板本身证书更新导致判定执行失败的问题 ([2689e6d](https://github.com/certd/certd/commit/2689e6d6c03aba21da90d5d45232c6ba08696be1))
+* 修复角色无法删除的bug ([66629a5](https://github.com/certd/certd/commit/66629a591aecc2d8364ea415c7afc3f9d0406562))
+* 修复Cname情况下，无法使用DNS类型的bug ([26dad39](https://github.com/certd/certd/commit/26dad399d5768b3205da099ddc11809aef7d6224))
+
+### Performance Improvements
+
+* 日志查看自动滚动到底部 ([4a2f7eb](https://github.com/certd/certd/commit/4a2f7ebf87b7c027cebff7cb763f8f35f6d2aa36))
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+* 支持namesilo ([80159ec](https://github.com/certd/certd/commit/80159ecca895103d0495f3217311199e66056572))
+* 专业版试用，无需绑定账号 ([c7c4318](https://github.com/certd/certd/commit/c7c4318c11b65a76089787aa58939832d338a232))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+### Bug Fixes
+
+* 修复未设置pfx密码，导致jks转换报错的bug ([c3cfbd8](https://github.com/certd/certd/commit/c3cfbd8474155aed4379f91075de37d5d8c73ef0))
+
+### Performance Improvements
+
+* 公共cname服务支持关闭 ([f4ae512](https://github.com/certd/certd/commit/f4ae5125dc4cd97816976779cb3586b5ee78947e))
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复偶发性cname一直验证超时的bug ([d2ce72e](https://github.com/certd/certd/commit/d2ce72e4aaacdf726ba8b91fcd71db40a27714ba))
+* 修复邮件配置，忽略证书校验设置不生效的bug ([66a9690](https://github.com/certd/certd/commit/66a9690dc958732e1b3c672d965db502296446f9))
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+### Performance Improvements
+
+* 修复站点个性化，浏览器标题没有生效的bug ([bcfac02](https://github.com/certd/certd/commit/bcfac02c96ceaf23d1a0b05b48d8047da933beaf))
+* 优化上传到主机插 路径选择，根据证书格式显示 ([8c3f86c](https://github.com/certd/certd/commit/8c3f86c6909ed91f48bb2880e78834e22f6f6a29))
+* 支持jks ([889eaae](https://github.com/certd/certd/commit/889eaaea92818f628b922dae540c026630611707))
+* ipv6支持 ([da6ac16](https://github.com/certd/certd/commit/da6ac1626b3574be2fabeeb18a1f10d60bdcbe49))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Bug Fixes
+
+* 修复某些容器管理ui无法识别端口列表的bug ([576e60a](https://github.com/certd/certd/commit/576e60a2b52315909e659d2a58cf98b130e69e6f))
+* 修复删除腾讯云过期证书时间判断上的bug，导致已过期仍然没有删除证书 ([1ba1007](https://github.com/certd/certd/commit/1ba10072615015d91b81fc56a3b01dae6a2ae9d1))
+
+### Performance Improvements
+
+* 优化部署到阿里云CDN插件，支持多域名，更易用 ([80c500f](https://github.com/certd/certd/commit/80c500f618b169a1f64c57fe442242a4d0d9d833))
+* 优化流水线页面切换回来不丢失查询条件 ([4dcf6e8](https://github.com/certd/certd/commit/4dcf6e87bc5f7657ce8a56c5331e8723a0fee8ee))
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+* 执行历史支持点击查看流水线详情 ([8968639](https://github.com/certd/certd/commit/89686399f90058835435b92872fc236fac990148))
+* 专业版7天试用 ([c58250e](https://github.com/certd/certd/commit/c58250e1f065a9bd8b4e82acc1df754504c0010c))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Bug Fixes
+
+* 修复头像没有更新的bug ([9b4a31f](https://github.com/certd/certd/commit/9b4a31fa6a32b9cab2e22bd141cf96ca29120445))
+
+### Performance Improvements
+
+* 禁止页面缓存，点击tab页签可以刷新数据 ([7ad4b55](https://github.com/certd/certd/commit/7ad4b55ee000c1dd0747832b11107f32b0ffb889))
+* 优化时间选择器，自动填写分钟和秒钟 ([396dc34](https://github.com/certd/certd/commit/396dc34a841c7d016b033736afdba8366fb2d211))
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+### Bug Fixes
+
+* 修复历史记录不能按名称查询的bug ([6113c38](https://github.com/certd/certd/commit/6113c388b7fc58b11ca19ff05cc1286d096c8d28))
+* pfx兼容windows server 2016 ([e5e468a](https://github.com/certd/certd/commit/e5e468a463f66d02f235de54b7c1e09ace5f1cb1))
+
+### Features
+
+* 首页全新改版 ([63ec5b5](https://github.com/certd/certd/commit/63ec5b5519c760a3330569c0da6dac157302a330))
+
+### Performance Improvements
+
+* 管理控制台数据统计 ([babd589](https://github.com/certd/certd/commit/babd5897ae013ff7c04ebfcbfac8a00d84dd627c))
+* 增加向导 ([6d9ef26](https://github.com/certd/certd/commit/6d9ef26ecab71d752c2c55d75aed4fb5f6c05a39))
+* lego 升级到 4.19.2 ([129bf53](https://github.com/certd/certd/commit/129bf53edc9bbb001fe49fbd7e239bd1d09cc128))
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Bug Fixes
+
+* 修复lego No help topic for 错误 ([aaaf8d7](https://github.com/certd/certd/commit/aaaf8d7db34896cf8f2ff8f12eec1ab0cae58f0f))
+
+### Performance Improvements
+
+* 支持白山云cdn部署 ([b1b2cd0](https://github.com/certd/certd/commit/b1b2cd088b684eda764962abd61754c26a204d1c))
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+### Bug Fixes
+
+* 顶部菜单变...的bug ([6dabad7](https://github.com/certd/certd/commit/6dabad76baba96be0f8af36a3fbfb9f5182aecf1))
+
+### Performance Improvements
+
+* 默认证书更新时间设置为35天，增加腾讯云删除过期证书插件，可以避免腾讯云过期证书邮件 ([51b6fed](https://github.com/certd/certd/commit/51b6fed468eaa6f28ce4497ce303ace1a52abb96))
+* 授权加密支持解密查看 ([5575c83](https://github.com/certd/certd/commit/5575c839705f6987ad2bdcd33256b0962c6a9c6a))
+* 重置管理员密码同时启用管理员账户，避免之前禁用了，重置密码还是登录不进去 ([f92d918](https://github.com/certd/certd/commit/f92d918a1e28e29b794ad4754661ea760c18af46))
+
+## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复阿里云部署大杀器报插件_还未注册错误的bug ([abd2dcf](https://github.com/certd/certd/commit/abd2dcf2e85a545321bae6451406d081f773b132))
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/certd/certd/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+### Performance Improvements
+
+* 顶部菜单自定义 ([54d136c](https://github.com/certd/certd/commit/54d136cc6ae122f7c891b7a5c7232fe5de8e5cb5))
+* 禁用readonly用户 ([d10d42e](https://github.com/certd/certd/commit/d10d42e20619bb55a50d636b8867ff33db4e3b4b))
+* 限制其他用户流水线数量 ([315e437](https://github.com/certd/certd/commit/315e43746baf01682737f82e41579237a48409af))
+* 用户管理优化头像上传 ([661293c](https://github.com/certd/certd/commit/661293c189a3abf3cdc953b5225192372f57930d))
+
+## [1.26.13](https://github.com/certd/certd/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+### Bug Fixes
+
+* 修复对话框全屏按钮与关闭按钮重叠的bug ([95df56c](https://github.com/certd/certd/commit/95df56cc5ca5e3eb843cd17cb7078cde47729f1e))
+* deprecated的运行时不要报错，只报警告 ([bcbefaa](https://github.com/certd/certd/commit/bcbefaaa35cf6d0eec085b3a2c5bfc7c6a8de9e1))
+
+### Performance Improvements
+
+* 更新certd本身的证书文档说明 ([0c50ede](https://github.com/certd/certd/commit/0c50ede129337b82df54575cbd2f4c2a783a0732))
+* 支持同时监听https端口，7002 ([d5a17f9](https://github.com/certd/certd/commit/d5a17f9e6afd63fda2df0981118480f25a1fac2e))
+
+## [1.26.12](https://github.com/certd/certd/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+### Performance Improvements
+
+* 部署到阿里云任意云资源，阿里云部署大杀器 ([4075be7](https://github.com/certd/certd/commit/4075be7849b140acb92bd8da8a9acbf4eef85180))
+* 文件名特殊字符限制输入 ([c4164c6](https://github.com/certd/certd/commit/c4164c66e29f3ec799f98108a344806ca61e94ff))
+* 新增部署到百度云CDN插件 ([f126f9f](https://github.com/certd/certd/commit/f126f9f932d37fa01fff1accc7bdd17d349f8db5))
+* 新增部署到腾讯云CDN-v2，推荐使用 ([d782655](https://github.com/certd/certd/commit/d782655cb4dfbb74138178afbffeee76fc755115))
+* 优化cron选择器，增加下次触发时间显示 ([5b148b7](https://github.com/certd/certd/commit/5b148b7ed960ca6f7f5b733b2eadd56eeecbd4c2))
+* 支持部署到腾讯云COS ([a8a45d7](https://github.com/certd/certd/commit/a8a45d7f757820990e278533277a3deda5ba48f3))
+* 支持配置公共ZeroSSL授权 ([a90d1e6](https://github.com/certd/certd/commit/a90d1e68ee9cbc3705223457b8a86f071b150968))
+
+## [1.26.11](https://github.com/certd/certd/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/certd/certd/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+* 修复移动任务后出现空阶段的bug ([4ea3edd](https://github.com/certd/certd/commit/4ea3edd59e93ca4f5b2e43b20dd4ef33909caddb))
+* 修复google证书*.xx.com与xx.com同时申请时报错的bug ([f8b99b8](https://github.com/certd/certd/commit/f8b99b81a23e7e9fd5e05ebd5caf355c41d67a90))
+* 允许七牛云cdn插件输入.号开头的通配符域名 ([18ee87d](https://github.com/certd/certd/commit/18ee87daff6eafc2201b58e28d85aafd3cb7a5b9))
+
+### Performance Improvements
+
+* 申请证书启用新的反代地址 ([a705182](https://github.com/certd/certd/commit/a705182b85e51157883e48f23463263793bf3c12))
+* 优化日志颜色 ([1291e98](https://github.com/certd/certd/commit/1291e98e821c5b1810aab7f0aebe3f5f5cd44a20))
+* 优化证书申请速度和成功率，反代地址优化，google基本可以稳定请求。增加请求重试。 ([41d9c3a](https://github.com/certd/certd/commit/41d9c3ac8398def541e65351cbe920d4a927182d))
+* 优化pfx密码密码输入框，让浏览器不自动填写密码 ([ffeede3](https://github.com/certd/certd/commit/ffeede38afa70c5ff6f2015516bead23d2c4df87))
+
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+### Bug Fixes
+
+* 修复cname服务普通用户access访问权限问题 ([c1e3e2e](https://github.com/certd/certd/commit/c1e3e2ee1f923ee5806479dd5f178c3286a01ae0))
+
+## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)
+
+### Bug Fixes
+
+* 修复普通用户无法校验cname配置的bug ([6285497](https://github.com/certd/certd/commit/62854978bf0bdbe749b42f8e40ab227ab31ec92f))
+* 修复切换普通用户登录时，左侧菜单没有同步更新的bug ([12116a8](https://github.com/certd/certd/commit/12116a89f43cf8b98f16d2ea6073f6b72a643215))
+* 修正邮箱设置跳转路由 ([17d8890](https://github.com/certd/certd/commit/17d88900a1f0e3af609b74597f5b1978230db32d))
+
+### Performance Improvements
+
+* 触发证书重新申请input变化对比规则优化，减少升级版本后触发申请证书的情况 ([c46a2a9](https://github.com/certd/certd/commit/c46a2a9a399c2a9a8bb59a48b9fb6e93227cce9b))
+* 任务下所有步骤都跳过时，整个任务显示跳过 ([84fd3b2](https://github.com/certd/certd/commit/84fd3b250dd1161ea06c5582fdadece4b29c2e53))
+* 授权配置去除前后空格 ([57d8d48](https://github.com/certd/certd/commit/57d8d48046fbf51c52b041d2dec03d51fb018587))
+* 数据库备份插件，先压缩再备份 ([304ef49](https://github.com/certd/certd/commit/304ef494fd5787c996ad0dcb6edd2f517afce9e2))
+* 优化菜单 ([1f4f157](https://github.com/certd/certd/commit/1f4f15757de1015cf7563f7022599eef58cc93d7))
+* 增加文档站 https://certd.docmirror.cn ([6e2ac1c](https://github.com/certd/certd/commit/6e2ac1c089f6ddccb396f1f2738509c05333e1bb))
+
 ## [1.26.8](https://github.com/certd/certd/compare/v1.26.7...v1.26.8) (2024-10-15)

 ### Bug Fixes
--- a/docs/guide/contact/index.md
+++ b/docs/guide/contact/index.md
@@ -2,19 +2,14 @@

 ## 1. 交流群
 如有疑问，欢迎加入群聊（请备注certd）
-###  QQ群：141236433    
-<p align="center">
-<img height="230" src="./images/qq.png">
-</p>
-
-
-### 微信群： 
-<p align="center">
-<img height="230" src="./images/wx.png">
-</p>
+如有疑问，欢迎加入群聊（请备注certd）

+| 加群 | 微信群 | QQ群 |
+|---------|-------|-------|
+| 二维码 | <img height="230" src="./images/wx.png"> | <img height="230" src="./images/qq.png"> |

 ## 2. 加作者好友
-<p align="center">
-<img height="230" src="./images/me.png">
-</p>
+
+| 加作者好友 | 微信 QQ                                                       |
+|---------|-------------------------------------------------------------|
+| 二维码 | <img height="230" src="./images/me.png"> |
--- a/docs/guide/development/index.md
+++ b/docs/guide/development/index.md
@@ -1,20 +1,19 @@
 # 本地开发
 欢迎贡献插件

-## 1.本地调试运行
+建议nodejs版本 `20.x` 及以上
+
+## 一、本地调试运行

 ### 克隆代码
 ```shell

 # 克隆代码
-git clone https://github.com/certd/certd
+git clone https://github.com/certd/certd --depth=1

 #进入项目目录
 cd certd

-# 切换到最新版本代码
-git checkout v1.26.7  # 这里换成最新版本号
-
 ```

 ### 修改pnpm-workspace.yaml文件
@@ -55,7 +54,7 @@ npm run dev

 ```

-## 开发插件
+## 二、开发插件
 进入 `packages/ui/certd-server/src/plugins`

 ### 1.复制`plugin-demo`目录作为你的插件目录
@@ -89,8 +88,22 @@ export * from './plugins/plugin-deploy-to-xx'
 export * from "./plugin-cloudflare.js"
 ```

-## 重启服务进行调试
+### 6. 重启服务进行调试
 刷新浏览器，检查你的插件是否工作正常， 确保能够正常进行证书申请和部署

-## 提交PR
+## 三、提交PR
 我们将尽快审核PR
+
+## 四、 注意事项
+### 1.  如何让任务报错停止
+
+```js
+// 抛出异常即可使任务停止，否则会判定为成功
+throw new Error("错误信息")
+```
+
+
+## 五、贡献插件送激活码
+
+- PR要求，插件功能完整，代码规范
+- PR通过后，联系我们，送您一个半年期专业版激活码
--- a/docs/guide/feature/cname/index.md
+++ b/docs/guide/feature/cname/index.md
@@ -11,7 +11,7 @@

 ## 2. 原理
 * 假设你要申请证书的域名叫：`cert.com` ,它是在`Certd`不支持的服务商注册的
-* 假设你还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
+* 假设我们还有另外一个域名叫：`proxy.com`，它是在`Certd`支持的服务商注册的。
 * 当我们按照如下进行配置时
 ```
                  CNAME记录（手动、固定）           TXT记录（自动、随机）
@@ -19,23 +19,21 @@ _acme-challenge.cert.com ---> xxxxx.cname.proxy.com ----> txt-record-abcdefg
   
 ```
 * 证书颁发机构就可以从`_acme-challenge.cert.com`查到TXT记录 `txt-record-abcdefg`，从而完成域名所有权校验。
-* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd`可以自动添加的。
-* 剩下的只需要在你的`proxy.com`域名中手动添加一条固定的`CNAME解析`即可
+* 以上可以看出 `xxxxx.cname.proxy.com ----> txt-record-abcdefg` 这一段`Certd` 是可以自动添加的。
+* 剩下的只需要在你的`cert.com`域名中手动添加一条固定的`CNAME解析`即可
                         

 ## 3. Certd CNAME使用步骤

-1. 准备`一个`支持的服务商的注册的域名（`proxy.com`），或者将你众多域名其中`一个`的`DNS服务器`转到这几家服务商。
-2. 然后到`Certd`的 `CNAME服务管理`界面，用`cname.proxy.com`创建一条默认的CNAME服务，提供DNS提供商授权。
-   ![](./images/cname1.png)
-2. 然后创建证书流水线，输入`cert.com`，选择`CNAME`校验方式
-  
-3. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
+
+1. 创建证书流水线，输入你要申请证书的域名，假设就是`cert.com`，然后选择`CNAME`校验方式
+2. 此时需要配置验证计划，Certd会生成一个随机的CNAME记录模版，例如：`_acme-challenge`->`xxxxxx.cname.proxy.com`
   ![](./images/cname2.png)
-3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击校验，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
+3. 您需要手动在你的`cert.com`域名中添加CNAME解析，点击验证，校验成功后就可以开始申请证书了 (此操作每个域名只需要做一次，后续可以重复使用，注意不要删除添加的CNAME记录)
   ![](./images/cname3.png)
   ![](./images/cname4.png)
 4. 申请过程中，Certd会在`xxxxxx.cname.proxy.com`下自动添加TXT记录。 
+5. 到此即可自动化申请证书了



--- a/docs/guide/index.md
+++ b/docs/guide/index.md
@@ -14,7 +14,7 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上
 * 邮件通知
 * 私有化部署，保障数据安全
-* 支持sqlite，postgresql数据库
+* 支持SQLite、Postgresql、MySQL数据库


 ## 二、一些说明
@@ -26,5 +26,9 @@ Certd 是一款开源、免费、全自动申请和部署更新SSL证书的工
    * 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
    * 我们所说的续期，其实就是按照全套流程重新申请一份新证书，然后重新部署上去。
 * 免费证书过期时间90天，以后可能还会缩短，所以自动化部署必不可少
-* 设置每天自动运行，当证书过期前20天，会自动重新申请证书并部署
+* 设置每天自动运行，当证书过期前35天，会自动重新申请证书并部署

+## 三、证书颁发机构对比
+* Let's Encrypt：申请最简单。
+* Google: 大厂光环，兼容性好，首次需要翻墙获取EAB。
+* ZeroSSL： 需要EAB，获取EAB无需翻墙。
--- a/docs/guide/install/1panel/index.md
+++ b/docs/guide/install/1panel/index.md
@@ -23,8 +23,11 @@ https://1panel.cn/docs/installation/online_installation/

 3. 访问测试

-http://ip:7001
-
+http://ip:7001   
+https://ip:7002   
+默认账号密码      
+admin/123456     
+登录后请及时修改密码  

 ## 三、升级

@@ -42,3 +45,7 @@ http://ip:7001

 > 默认数据保存在`/data/certd`目录下，可以手动备份    
 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
+
+## 五、备份恢复
+
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可
--- a/docs/guide/install/baota/images/upgrade.png
+++ b/docs/guide/install/baota/images/upgrade.png
--- a/docs/guide/install/baota/index.md
+++ b/docs/guide/install/baota/index.md
@@ -31,19 +31,26 @@

 ## 二、访问应用

-http://ip:7001
-
+http://ip:7001    
+https://ip:7002     
+默认账号密码    
+admin/123456   
+登录后请及时修改密码

 ## 三、如何升级

-### 1. 通用方式
+### 1. 应用商店安装，直接更新镜像即可
+`docker`->`容器编排`->`左侧选择Certd-xxxx`->`更新镜像`
+![img.png](./images/upgrade.png)

-先主机上拉取最新镜像，然后面板上重启容器
+
+### 2. latest更新方式
+在主机上拉取最新镜像，然后面板上重启容器
 ```shell
 docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 ```

-### 2. 固定版本号方式
+### 3. 固定版本号方式

 修改容器编排模版中的镜像版本号，然后面板上重启容器
 ```shell
@@ -71,3 +78,7 @@ services:
 ### 4.3 自动备份

 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
+
+## 五、备份恢复
+
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可
--- a/docs/guide/install/docker/index.md
+++ b/docs/guide/install/docker/index.md
@@ -41,13 +41,14 @@ docker compose up -d

 > 如果提示 没有docker compose命令,请安装docker-compose   
 > https://docs.docker.com/compose/install/linux/   
-> 然后使用 `docker-compose up -d` 启动
+

 ### 3. 访问测试

-http://your_server_ip:7001    
-默认账号密码：admin/123456    
-记得修改密码
+http://your_server_ip:7001   
+https://your_server_ip:7002   
+默认账号密码：admin/123456     
+记得修改密码  


 ## 二、升级
@@ -64,6 +65,10 @@ docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
 docker compose down
 docker compose up -d
 ```
-
+## 三、数据备份
 > 数据默认存在`/data/certd`目录下，不用担心数据丢失   
 > 建议配置一条[数据库备份流水线](../../use/backup/) 自动备份
+
+## 四、备份恢复
+
+将备份的`db.sqlite`及同目录下的其他文件一起覆盖到原来的位置，重启certd即可
--- a/docs/guide/install/source/index.md
+++ b/docs/guide/install/source/index.md
@@ -1,11 +1,14 @@
 # 源码部署
-
+不推荐
 ## 一、源码安装
+
+### 环境要求
+- nodejs 20 及以上
 ### 源码启动
 ```shell
 # 克隆代码
 git clone https://github.com/certd/certd
-# git checkout v1.x.x  # 1.x.x换成最新版本号，当v2主干分支代码无法正常启动时，可以尝试此命令
+# git checkout v1.x.x  # 当v2主干分支代码无法正常启动时，可以尝试此命令，1.x.x换成最新版本号
 cd certd
 # 启动服务
 ./start.sh  
@@ -17,7 +20,8 @@ cd certd

 ### 访问测试

-http://your_server_ip:7001    
+http://your_server_ip:7001  
+https://your_server_ip:7002   
 默认账号密码：admin/123456    
 记得修改密码

@@ -25,16 +29,26 @@ http://your_server_ip:7001
 ## 二、升级

 ```shell
-# 更新代码并启动
+
 cd certd
+# 确保数据安全，备份一下数据
+cp -rf ./packages/ui/certd-server/data ../certd-data-backup
+
 git pull
+# 如果提示pull失败，可以尝试强制更新
+# git checkout v2 -f && git pull 
+
 # 先停止旧的服务,7001是certd的默认端口
 kill -9 $(lsof -t -i:7001)
 # 重新编译启动
 ./start.sh
 ```
+
+## 三、数据备份
 > 数据默认保存在 `./packages/ui/certd-server/data` 目录下    
 > 建议配置一条[数据库备份流水线](../../use/backup/)  自动备份


+## 四、备份恢复

+将备份的`db.sqlite`及同目录下的其他文件覆盖到原来的位置，重启certd即可
--- a/docs/guide/install/upgrade.md
+++ b/docs/guide/install/upgrade.md
@@ -0,0 +1,12 @@
+# 版本升级
+
+## 升级方法
+根据不同部署方式查看升级方法
+
+1. [Docker方式部署升级](./install/docker/#二、升级)
+2. [宝塔面板方式部署升级](./install/baota/#三、如何升级)
+3. [1Panel面板方式部署升级](./install/1panel/#三、升级)
+4. [源码方式部署](./install/source/#二、升级)
+
+## 升级日志
+[CHANGELOG](../changelogs/CHANGELOG.md)
--- a/docs/guide/start.md
+++ b/docs/guide/start.md
@@ -25,7 +25,8 @@ https://certd.handsfree.work/

 ### 2. 访问测试

-http://your_server_ip:7001    
+http://your_server_ip:7001   
+https://your_server_ip:7002    
 默认账号密码：admin/123456    
 记得修改密码

--- a/docs/guide/use/aliyun/index.md
+++ b/docs/guide/use/aliyun/index.md
@@ -0,0 +1,21 @@
+# 阿里云相关
+
+
+## 阿里云客户端请求超时配置
+
+配置环境变量
+```shell
+ALIYUN_CLIENT_CONNECT_TIMEOUT=10000 # 连接超时，单位毫秒
+ALIYUN_CLIENT_READ_TIMEOUT=10000 #读取数据超时，单位毫秒
+
+```
+
+
+## 阿里云Access权限设置
+
+
+* 申请证书 ：`AliyunDNSFullAccess`
+* 上传证书到阿里云： `AliyunYundunCertFullAccess`
+* 部署证书到OSS: `AliyunYundunCertFullAccess`、`AliyunOSSFullAccess`
+* 部署证书到CDN: `AliyunYundunCertFullAccess`、`AliyunCDNFullAccess`
+* 部署证书到DCDN： `AliyunYundunCertFullAccess`、`AliyunDCDNFullAccess`
--- a/docs/guide/use/backup/index.md
+++ b/docs/guide/use/backup/index.md
@@ -1,5 +1,17 @@
 # 数据库自动备份

+## 一、手动备份
+数据库文件根据不同的部署方式保存的位置不一样，您可以手动复制出来进行备份
+
+* docker： 默认保存在`/data/certd/db.sqlite`
+* 源码： 默认保存在 `./packages/ui/certd-server/data/db.sqlite`
+* 宝塔： [手动数据备份位置](https://certd.docmirror.cn/guide/install/baota/#%E5%9B%9B%E3%80%81%E6%95%B0%E6%8D%AE%E5%A4%87%E4%BB%BD) 
+* 1panel:  默认保存在`/data/certd/db.sqlite`
+
+
+## 二、自动备份
+通过配置数据库自动备份流水线实现数据备份
+
 ## 1. 创建自动备份流水线
 ![](./images/1.png)

@@ -7,7 +19,12 @@
 ![](./images/2.png)

 ## 3. 选择备份方法
-![img.png](./images/3.png)
+![](./images/3.png)

 ## 4. 配置定时和失败通知
-![img.png](./images/4.png)
+![](./images/4.png)
+
+
+## 三、备份恢复
+
+将备份的`db.sqlite`覆盖到原来的位置，重启certd即可
--- a/docs/guide/use/custom-script/index.md
+++ b/docs/guide/use/custom-script/index.md
@@ -0,0 +1,86 @@
+# 自定义脚本插件
+
+## 1. 介绍
+
+自定义脚本插件是一个通用的插件，可以通过编写脚本来实现各种功能，例如：调用第三方API、执行系统命令、发送邮件等。
+
+## 2. 使用示例
+```js
+const certPem = ctx.self.cert.crt
+const certKey = ctx.self.cert.key
+
+//axios发起http请求上传证书
+const res = await ctx.http.request({
+  url:"your_cert_deploy_url",
+  method:"post",
+  data:{
+    crt : certPem,
+    key : certKey
+  }
+})
+if(!res || res.code !== 0){
+    //抛异常才能让任务失败
+    throw new Error("上传失败")
+}
+//不能用console.log，需要用ctx.logger 才能把日志打印在ui上
+ctx.logger.info("上传成功",res.data)
+
+
+```
+## 3. API
+下面是`ctx`对象的`typescript`类型定义
+
+```ts
+
+type ctx = {
+  CertReader: typeof CertReader;
+  self: CustomScriptPlugin;
+  //流水线定义
+  pipeline: Pipeline;
+  //步骤定义
+  step: Step;
+  //日志
+  logger: Logger;
+  //当前步骤输入参数跟上一次执行比较是否有变化
+  inputChanged: boolean;
+  //授权获取服务 
+  accessService: IAccessService;
+  //邮件服务
+  emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
+  //插件配置服务
+  pluginConfigService: IPluginConfigService;
+  //流水线上下文
+  pipelineContext: IContext;
+  //用户上下文
+  userContext: IContext;
+  //http请求客户端 
+  http: HttpClient; // http.request(AxiosConfig)
+  //文件存储
+  fileStore: FileStore;
+  //上一次执行结果状态
+  lastStatus?: Runnable;
+  //用户取消信号
+  signal: AbortSignal;
+  //工具类
+  utils: typeof utils;
+  //用户信息
+  user: UserInfo;
+}
+
+type CertInfo = {
+  crt:string; //fullchain证书，即 cert.pem， cert.crt
+  key:string; // 私钥
+  ic: string; //中间证书
+  pfx: string;//PFX证书，base64编码
+  der: string;//DER证书，base64编码
+}
+
+type CustomScriptPlugin = {
+  //可以获取证书
+  cert: CertInfo
+}
+
+```
+
--- a/docs/guide/use/email/images/qq-0.png
+++ b/docs/guide/use/email/images/qq-0.png
--- a/docs/guide/use/email/images/qq-1.png
+++ b/docs/guide/use/email/images/qq-1.png
--- a/docs/guide/use/email/images/qq-11.png
+++ b/docs/guide/use/email/images/qq-11.png
--- a/docs/guide/use/email/images/qq-2.png
+++ b/docs/guide/use/email/images/qq-2.png
--- a/docs/guide/use/email/images/qq-3.png
+++ b/docs/guide/use/email/images/qq-3.png
--- a/docs/guide/use/email/index.md
+++ b/docs/guide/use/email/index.md
@@ -0,0 +1,23 @@
+# 邮箱配置
+
+
+## 腾讯企业邮箱配置
+1. 开启smtp
+![](./images/qq-3.png)
+2. 获取授权码作为密码
+![](./images/qq-1.png)
+![](./images/qq-2.png)
+3. 填写域名、端口和密码
+   ![](./images/qq-0.png)
+
+## QQ邮箱配置
+1. smtp配置
+```yaml
+smtp域名: smtp.qq.com
+smtp端口: 465
+密码: 授权码，获取方式见下方
+是否SSL: 是
+```
+
+2. 获取授权码
+   ![](./images/qq-11.png)
--- a/docs/guide/use/host/windows.md
+++ b/docs/guide/use/host/windows.md
@@ -4,7 +4,10 @@

 ## windows开启OpenSSH Server
 ### 1. 安装OpenSSH Server    
-请前往Microsoft官方文档查看如何开启openSSH    
+
+* 下载安装包安装： https://github.com/PowerShell/Win32-OpenSSH/releases  OpenSSH-Win64-vxx.xx.x.msi
+
+* 前往Microsoft官方文档查看如何开启openSSH，以及其他设置    
 https://learn.microsoft.com/zh-cn/windows-server/administration/openssh/openssh_install_firstuse?tabs=gui#install-openssh-for-windows

 ### 2. 启动OpenSSH Server服务
@@ -22,3 +25,15 @@ win+R  弹出运行对话框，输入 services.msc 打开服务管理器
 C:\Users\xxxxx>
          ↑↑↑↑---------这个就是windows ssh的登录用户名
 ```
+
+### 4. 切换默认shell终端
+安装openssh后，默认终端是cmd，建议切换成powershell
+```shell
+# powershell中执行如下命令切换
+# 设置默认shell为powershell 【推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -PropertyType String -Force
+
+# 恢复默认shell为cmd 【不推荐】
+New-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe" -PropertyType String -Force
+
+```
--- a/docs/guide/use/https/images/1.png
+++ b/docs/guide/use/https/images/1.png
--- a/docs/guide/use/https/images/2.png
+++ b/docs/guide/use/https/images/2.png
--- a/docs/guide/use/https/images/3.png
+++ b/docs/guide/use/https/images/3.png
--- a/docs/guide/use/https/images/ok.png
+++ b/docs/guide/use/https/images/ok.png
--- a/docs/guide/use/https/index.md
+++ b/docs/guide/use/https/index.md
@@ -0,0 +1,38 @@
+# Certd本身的https证书配置
+
+## 一、启用https
+
+`Certd`默认启用https，监听7002端口    
+如果你想关闭https，或者修改端口，可以在环境变量中配置
+```shell
+CERTD_HTTPS_ENABLE=true
+CERTD_HTTPS_port=7002
+
+```
+
+## 二、自动更新Certd的https证书
+
+### 1、创建证书流水线
+
+参考Certd顶部的创建证书流水线教程
+
+### 2、配置复制到本机任务
+将证书复制到certd的证书安装位置
+
+![](./images/1.png)
+![](./images/2.png)
+
+### 3、配置重启Certd任务
+重启certd的https server，让证书生效
+![img.png](./images/3.png)
+
+
+
+### 4、配置定时任务
+每天定时执行，最终效果如下
+
+![](./images/ok.png)
+
+:::warning   
+建议将本流水线的触发时间与其他流水线时间错开，避免重启时影响其他流水线的执行   
+:::
--- a/docs/guide/use/rerun/images/rerun.png
+++ b/docs/guide/use/rerun/images/rerun.png
--- a/docs/guide/use/rerun/index.md
+++ b/docs/guide/use/rerun/index.md
@@ -0,0 +1,5 @@
+# 如何强制重新执行任务
+
+## 强制重新执行任务
+
+![](./images/rerun.png)
--- a/docs/guide/use/setting/images/ipv6.png
+++ b/docs/guide/use/setting/images/ipv6.png
--- a/docs/guide/use/setting/ipv6.md
+++ b/docs/guide/use/setting/ipv6.md
@@ -0,0 +1,21 @@
+# IPv6支持
+
+## 启用IPv6
+在`docker-compose.yaml`中启用IPv6支持，放开如下注释：
+```yaml
+#    #↓↓↓↓ ------------------------------------------------------------- 启用ipv6网络
+    networks:
+      - ip6net
+networks:
+  ip6net:
+    enable_ipv6: true
+    ipam:
+      config:
+        - subnet: 2001:db8::/64
+
+```
+
+## 设置双栈网络优先级
+可根据实际情况设置
+
+![img.png](./images/ipv6.png)
--- a/docs/guide/use/synology/images/deploy1.png
+++ b/docs/guide/use/synology/images/deploy1.png
--- a/docs/guide/use/synology/images/deploy2.png
+++ b/docs/guide/use/synology/images/deploy2.png
--- a/docs/guide/use/synology/images/deploy3.png
+++ b/docs/guide/use/synology/images/deploy3.png
--- a/docs/guide/use/synology/images/deploy4.png
+++ b/docs/guide/use/synology/images/deploy4.png
--- a/docs/guide/use/synology/images/notify.png
+++ b/docs/guide/use/synology/images/notify.png
--- a/docs/guide/use/synology/images/setting1.png
+++ b/docs/guide/use/synology/images/setting1.png
--- a/docs/guide/use/synology/images/setting2.png
+++ b/docs/guide/use/synology/images/setting2.png
--- a/docs/guide/use/synology/index.md
+++ b/docs/guide/use/synology/index.md
@@ -37,4 +37,22 @@
 * 群晖上已经设置好了证书(证书建议设置好描述，插件需要根据描述查找证书)

 ## 2. 在certd上配置自动更新群晖证书插件
-![](./images/deploy.png)
+![](./images/deploy.png)
+
+## 3. 配置任务参数
+![](./images/deploy1.png)
+
+## 4. 创建授权
+![](./images/deploy2.png)
+> 注意群晖上要做两个设置   
+
+![](./images/setting2.png)
+![](./images/setting1.png)
+
+## 5. 运行部署
+点击手动运行即可
+![](./images/deploy3.png)
+![](./images/deploy4.png)
+
+## 6. 配置通知和自动运行
+![](./images/notify.png)
--- a/docs/guide/use/tencent/images/delete.png
+++ b/docs/guide/use/tencent/images/delete.png
--- a/docs/guide/use/tencent/images/delete2.png
+++ b/docs/guide/use/tencent/images/delete2.png
--- a/docs/guide/use/tencent/index.md
+++ b/docs/guide/use/tencent/index.md
@@ -6,3 +6,16 @@
 打开 https://console.cloud.tencent.com/cam/capi   
 然后按如下方式获取腾讯云的API密钥    
 ![](./tencent-access.png)
+
+
+## 如何避免收到腾讯云证书过期邮件
+
+腾讯云在证书有效期还剩28天时会发送过期通知邮件    
+您可以通过配置“腾讯云过期证书删除”任务来避免收到此类邮件。
+
+![](./images/delete.png)
+
+注意点：
+> 1. 选择腾讯云授权，需授权`服务角色SSL_QCSLinkedRoleInReplaceLoadCertificate`权限
+> 2. `1.26.14`版本之前Certd创建的证书流水线默认是到期前20天才更新证书，需要将之前创建的证书申请任务的更新天数修改为35天，保证删除之前就已经替换掉即将过期证书
+![](./images/delete2.png)
--- a/docs/images/start/home.png
+++ b/docs/images/start/home.png
--- a/docs/index.md
+++ b/docs/index.md
@@ -18,7 +18,7 @@ hero:
      link: /guide/tutorial.md
    - theme: alt
      text: demo体验
-      link: https://certd.handsfree.work
+      link: https://certd.handfree.work

 features:
  - title: 全自动申请证书
@@ -28,9 +28,9 @@ features:
  - title: 多域名、泛域名打到一个证书上
    details: 支持通配符域名/泛域名，支持多个域名打到一个证书上
  - title: 多证书格式支持
-    details: 支持pem、pfx、der等多种证书格式
+    details: 支持pem、pfx、der、jks等多种证书格式，支持Google、Letsencrypt、ZeroSSL证书颁发机构
  - title: 支持私有化部署
    details: 保障数据安全
  - title: 多数据库支持
-    details: 支持sqlite，postgresql数据库
+    details: 支持SQLite、Postgresql、MySQL数据库
 ---
--- a/docs/public/robots.txt
+++ b/docs/public/robots.txt
@@ -0,0 +1,2 @@
+User-agent: *
+Allow: /
--- a/packages/ui/certd-server/src/plugins/plugin-dynadot/plugins/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-dynadot/plugins/index.ts
--- a/lerna.json
+++ b/lerna.json
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.26.9"
+  "version": "1.28.3"
 }
--- a/package.json
+++ b/package.json
@@ -14,13 +14,14 @@
  },
  "scripts": {
    "start": "lerna bootstrap --hoist",
+    "devb": "lerna run dev-build",
    "i-all": "lerna link && lerna exec npm install  ",
    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
-    "afterpublishOnly": "time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
+    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
    "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
-    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/other/changelogs/",
+    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
    "prepublishOnly1": "npm run check && lerna run build ",
    "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
    "before-build": "npm run transform-sql && cd ./packages/core/basic && time /t >build.md && git add ./build.md && git commit -m \"build: prepare to build\"",
@@ -34,9 +35,11 @@
  "license": "AGPL-3.0",
  "dependencies": {
    "axios": "^1.7.7",
-    "lodash-es": "^4.17.21"
+    "copyfiles": "^2.4.1",
+    "lodash-es": "^4.17.21",
+    "typescript": "^5.4.2"
  },
  "workspaces": [
    "packages/**"
  ]
-}
+}
--- a/packages/core/acme-client/.eslintrc
+++ b/packages/core/acme-client/.eslintrc
@@ -0,0 +1,28 @@
+{
+  "extends": [
+    "plugin:prettier/recommended",
+    "prettier"
+  ],
+  "plugins": [
+    "eslint-plugin-import"
+  ],
+  "env": {
+    "mocha": true
+  },
+  "rules": {
+    "@typescript-eslint/no-var-requires": "off",
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/ban-ts-ignore": "off",
+    "@typescript-eslint/no-explicit-any": "off",
+    "@typescript-eslint/no-empty-function": "off",
+    //    "no-unused-expressions": "off",
+    "max-len": [
+      0,
+      160,
+      2,
+      {
+        "ignoreUrls": true
+      }
+    ]
+  }
+}
--- a/packages/core/acme-client/.eslintrc.yml
+++ b/packages/core/acme-client/.eslintrc.yml
@@ -1,16 +0,0 @@
-extends:
-  - 'airbnb-base'
-
-env:
-  browser: false
-  node: true
-  mocha: true
-
-rules:
-  indent: [2, 4, { SwitchCase: 1, VariableDeclarator: 1 }]
-  brace-style: [2, 'stroustrup', { allowSingleLine: true }]
-  func-names: 0
-  class-methods-use-this: 0
-  no-param-reassign: 0
-  max-len: [1, 200, 2, { ignoreUrls: true, ignoreComments: false }]
-  import/no-useless-path-segments: 0
--- a/packages/core/acme-client/CHANGELOG.md
+++ b/packages/core/acme-client/CHANGELOG.md
@@ -3,6 +3,101 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.28.3](https://github.com/publishlab/node-acme-client/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.28.2](https://github.com/publishlab/node-acme-client/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+### Performance Improvements
+
+* 支持mysql ([7cde1fd](https://github.com/publishlab/node-acme-client/commit/7cde1fdc4a9ed851900d231a5460c8dbfbcd148e))
+
+## [1.28.1](https://github.com/publishlab/node-acme-client/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.28.0](https://github.com/publishlab/node-acme-client/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.9](https://github.com/publishlab/node-acme-client/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.8](https://github.com/publishlab/node-acme-client/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.7](https://github.com/publishlab/node-acme-client/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.6](https://github.com/publishlab/node-acme-client/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.5](https://github.com/publishlab/node-acme-client/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.4](https://github.com/publishlab/node-acme-client/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.3](https://github.com/publishlab/node-acme-client/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.2](https://github.com/publishlab/node-acme-client/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.27.1](https://github.com/publishlab/node-acme-client/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.27.0](https://github.com/publishlab/node-acme-client/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.16](https://github.com/publishlab/node-acme-client/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.15](https://github.com/publishlab/node-acme-client/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.14](https://github.com/publishlab/node-acme-client/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/publishlab/node-acme-client/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+## [1.26.13](https://github.com/publishlab/node-acme-client/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.12](https://github.com/publishlab/node-acme-client/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.26.11](https://github.com/publishlab/node-acme-client/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/publishlab/node-acme-client/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+* 修复google证书*.xx.com与xx.com同时申请时报错的bug ([f8b99b8](https://github.com/publishlab/node-acme-client/commit/f8b99b81a23e7e9fd5e05ebd5caf355c41d67a90))
+
+### Performance Improvements
+
+* 优化证书申请速度和成功率，反代地址优化，google基本可以稳定请求。增加请求重试。 ([41d9c3a](https://github.com/publishlab/node-acme-client/commit/41d9c3ac8398def541e65351cbe920d4a927182d))
+
+## [1.26.10](https://github.com/publishlab/node-acme-client/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.26.9](https://github.com/publishlab/node-acme-client/compare/v1.26.8...v1.26.9) (2024-10-19)

 **Note:** Version bump only for package @certd/acme-client
--- a/packages/core/acme-client/docs/crypto.md
+++ b/packages/core/acme-client/docs/crypto.md
@@ -6,6 +6,38 @@
 </dd>
 </dl>

+## Constants
+
+<dl>
+<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Generate a private ECDSA key</p>
+</dd>
+<dt><a href="#getPublicKey">getPublicKey</a> ⇒ <code>buffer</code></dt>
+<dd><p>Get a public key derived from a RSA or ECDSA key</p>
+</dd>
+<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object and return a Base64URL string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>object</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>object</code></dt>
+<dd><p>Read information from a certificate
+If multiple certificates are chained, the first will be read</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+<dt><a href="#createAlpnCertificate">createAlpnCertificate</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
+<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
+</dd>
+<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid</a> ⇒ <code>boolean</code></dt>
+<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
+</dd>
+</dl>
+
 ## Functions

 <dl>
@@ -15,12 +47,6 @@
 <dt><a href="#createPrivateKey">createPrivateKey()</a></dt>
 <dd><p>Alias of <code>createPrivateRsaKey()</code></p>
 </dd>
-<dt><a href="#createPrivateEcdsaKey">createPrivateEcdsaKey([namedCurve])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Generate a private ECDSA key</p>
-</dd>
-<dt><a href="#getPublicKey">getPublicKey(keyPem)</a> ⇒ <code>buffer</code></dt>
-<dd><p>Get a public key derived from a RSA or ECDSA key</p>
-</dd>
 <dt><a href="#getJwk">getJwk(keyPem)</a> ⇒ <code>object</code></dt>
 <dd><p>Get a JSON Web Key derived from a RSA or ECDSA key</p>
 <p><a href="https://datatracker.ietf.org/doc/html/rfc7517">https://datatracker.ietf.org/doc/html/rfc7517</a></p>
@@ -28,27 +54,6 @@
 <dt><a href="#splitPemChain">splitPemChain(chainPem)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
 <dd><p>Split chain of PEM encoded objects from string into array</p>
 </dd>
-<dt><a href="#getPemBodyAsB64u">getPemBodyAsB64u(pem)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object and return a Base64URL string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csrPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(certPem)</a> ⇒ <code>object</code></dt>
-<dd><p>Read information from a certificate
-If multiple certificates are chained, the first will be read</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
-<dt><a href="#createAlpnCertificate">createAlpnCertificate(authz, keyAuthorization, [keyPem])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a self-signed ALPN certificate for TLS-ALPN-01 challenges</p>
-<p><a href="https://datatracker.ietf.org/doc/html/rfc8737">https://datatracker.ietf.org/doc/html/rfc8737</a></p>
-</dd>
-<dt><a href="#isAlpnCertificateAuthorizationValid">isAlpnCertificateAuthorizationValid(certPem, keyAuthorization)</a> ⇒ <code>boolean</code></dt>
-<dd><p>Validate that a ALPN certificate contains the expected key authorization</p>
-</dd>
 </dl>

 <a name="crypto"></a>
@@ -57,40 +62,12 @@ If multiple certificates are chained, the first will be read</p>
 Native Node.js crypto interface

 **Kind**: global namespace  
-<a name="createPrivateRsaKey"></a>
-
-## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [modulusLength] | <code>number</code> | <code>2048</code> | Size of the keys modulus in bits, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey();
-```
-**Example**  
-Private RSA key with modulus size 4096
-```js
-const privateKey = await acme.crypto.createPrivateRsaKey(4096);
-```
-<a name="createPrivateKey"></a>
-
-## createPrivateKey()
-Alias of `createPrivateRsaKey()`
-
-**Kind**: global function  
 <a name="createPrivateEcdsaKey"></a>

-## createPrivateEcdsaKey([namedCurve]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPrivateEcdsaKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Generate a private ECDSA key

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private ECDSA key  

 | Param | Type | Description |
@@ -109,10 +86,10 @@ const privateKey = await acme.crypto.createPrivateEcdsaKey('P-384');
 ```
 <a name="getPublicKey"></a>

-## getPublicKey(keyPem) ⇒ <code>buffer</code>
+## getPublicKey ⇒ <code>buffer</code>
 Get a public key derived from a RSA or ECDSA key

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>buffer</code> - PEM encoded public key  

 | Param | Type | Description |
@@ -124,44 +101,13 @@ Get public key
 ```js
 const publicKey = acme.crypto.getPublicKey(privateKey);
 ```
-<a name="getJwk"></a>
-
-## getJwk(keyPem) ⇒ <code>object</code>
-Get a JSON Web Key derived from a RSA or ECDSA key
-
-https://datatracker.ietf.org/doc/html/rfc7517
-
-**Kind**: global function  
-**Returns**: <code>object</code> - JSON Web Key  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
-
-**Example**  
-Get JWK
-```js
-const jwk = acme.crypto.getJwk(privateKey);
-```
-<a name="splitPemChain"></a>
-
-## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
-Split chain of PEM encoded objects from string into array
-
-**Kind**: global function  
-**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
-
-| Param | Type | Description |
-| --- | --- | --- |
-| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
-
 <a name="getPemBodyAsB64u"></a>

-## getPemBodyAsB64u(pem) ⇒ <code>string</code>
+## getPemBodyAsB64u ⇒ <code>string</code>
 Parse body of PEM encoded object and return a Base64URL string
 If multiple objects are chained, the first body will be returned

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - Base64URL-encoded body  

 | Param | Type | Description |
@@ -170,10 +116,10 @@ If multiple objects are chained, the first body will be returned

 <a name="readCsrDomains"></a>

-## readCsrDomains(csrPem) ⇒ <code>object</code>
+## readCsrDomains ⇒ <code>object</code>
 Read domains from a Certificate Signing Request

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - {commonName, altNames}  

 | Param | Type | Description |
@@ -190,11 +136,11 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>

-## readCertificateInfo(certPem) ⇒ <code>object</code>
+## readCertificateInfo ⇒ <code>object</code>
 Read information from a certificate
 If multiple certificates are chained, the first will be read

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>object</code> - Certificate info  

 | Param | Type | Description |
@@ -215,10 +161,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>

-## createCsr(data, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  

 | Param | Type | Description |
@@ -276,12 +222,12 @@ const [, certificateRequest] = await acme.crypto.createCsr({
 ```
 <a name="createAlpnCertificate"></a>

-## createAlpnCertificate(authz, keyAuthorization, [keyPem]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createAlpnCertificate ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a self-signed ALPN certificate for TLS-ALPN-01 challenges

 https://datatracker.ietf.org/doc/html/rfc8737

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificate]  

 | Param | Type | Description |
@@ -303,10 +249,10 @@ const [, alpnCertificate] = await acme.crypto.createAlpnCertificate(authz, keyAu
 ```
 <a name="isAlpnCertificateAuthorizationValid"></a>

-## isAlpnCertificateAuthorizationValid(certPem, keyAuthorization) ⇒ <code>boolean</code>
+## isAlpnCertificateAuthorizationValid ⇒ <code>boolean</code>
 Validate that a ALPN certificate contains the expected key authorization

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>boolean</code> - True when valid  

 | Param | Type | Description |
@@ -314,3 +260,62 @@ Validate that a ALPN certificate contains the expected key authorization
 | certPem | <code>buffer</code> \| <code>string</code> | PEM encoded certificate |
 | keyAuthorization | <code>string</code> | Expected challenge key authorization |

+<a name="createPrivateRsaKey"></a>
+
+## createPrivateRsaKey([modulusLength]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [modulusLength] | <code>number</code> | Size of the keys modulus in bits, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey();
+```
+**Example**  
+Private RSA key with modulus size 4096
+```js
+const privateKey = await acme.crypto.createPrivateRsaKey(4096);
+```
+<a name="createPrivateKey"></a>
+
+## createPrivateKey()
+Alias of `createPrivateRsaKey()`
+
+**Kind**: global function  
+<a name="getJwk"></a>
+
+## getJwk(keyPem) ⇒ <code>object</code>
+Get a JSON Web Key derived from a RSA or ECDSA key
+
+https://datatracker.ietf.org/doc/html/rfc7517
+
+**Kind**: global function  
+**Returns**: <code>object</code> - JSON Web Key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| keyPem | <code>buffer</code> \| <code>string</code> | PEM encoded private or public key |
+
+**Example**  
+Get JWK
+```js
+const jwk = acme.crypto.getJwk(privateKey);
+```
+<a name="splitPemChain"></a>
+
+## splitPemChain(chainPem) ⇒ <code>Array.&lt;string&gt;</code>
+Split chain of PEM encoded objects from string into array
+
+**Kind**: global function  
+**Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM objects including headers  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| chainPem | <code>buffer</code> \| <code>string</code> | PEM encoded object chain |
+
--- a/packages/core/acme-client/docs/forge.md
+++ b/packages/core/acme-client/docs/forge.md
@@ -8,37 +8,42 @@ major release. Please migrate to the new <code>acme.crypto</code> interface at y
 </dd>
 </dl>

+## Constants
+
+<dl>
+<dt><a href="#createPublicKey">createPublicKey</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Create public key from a private RSA key</p>
+</dd>
+<dt><a href="#getPemBody">getPemBody</a> ⇒ <code>string</code></dt>
+<dd><p>Parse body of PEM encoded object from buffer or string
+If multiple objects are chained, the first body will be returned</p>
+</dd>
+<dt><a href="#splitPemChain">splitPemChain</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
+<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
+</dd>
+<dt><a href="#getModulus">getModulus</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get modulus</p>
+</dd>
+<dt><a href="#getPublicExponent">getPublicExponent</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
+<dd><p>Get public exponent</p>
+</dd>
+<dt><a href="#readCsrDomains">readCsrDomains</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read domains from a Certificate Signing Request</p>
+</dd>
+<dt><a href="#readCertificateInfo">readCertificateInfo</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
+<dd><p>Read information from a certificate</p>
+</dd>
+<dt><a href="#createCsr">createCsr</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
+<dd><p>Create a Certificate Signing Request</p>
+</dd>
+</dl>
+
 ## Functions

 <dl>
 <dt><a href="#createPrivateKey">createPrivateKey([size])</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
 <dd><p>Generate a private RSA key</p>
 </dd>
-<dt><a href="#createPublicKey">createPublicKey(key)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Create public key from a private RSA key</p>
-</dd>
-<dt><a href="#getPemBody">getPemBody(str)</a> ⇒ <code>string</code></dt>
-<dd><p>Parse body of PEM encoded object from buffer or string
-If multiple objects are chained, the first body will be returned</p>
-</dd>
-<dt><a href="#splitPemChain">splitPemChain(str)</a> ⇒ <code>Array.&lt;string&gt;</code></dt>
-<dd><p>Split chain of PEM encoded objects from buffer or string into array</p>
-</dd>
-<dt><a href="#getModulus">getModulus(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get modulus</p>
-</dd>
-<dt><a href="#getPublicExponent">getPublicExponent(input)</a> ⇒ <code>Promise.&lt;buffer&gt;</code></dt>
-<dd><p>Get public exponent</p>
-</dd>
-<dt><a href="#readCsrDomains">readCsrDomains(csr)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read domains from a Certificate Signing Request</p>
-</dd>
-<dt><a href="#readCertificateInfo">readCertificateInfo(cert)</a> ⇒ <code>Promise.&lt;object&gt;</code></dt>
-<dd><p>Read information from a certificate</p>
-</dd>
-<dt><a href="#createCsr">createCsr(data, [key])</a> ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code></dt>
-<dd><p>Create a Certificate Signing Request</p>
-</dd>
 </dl>

 <a name="forge"></a>
@@ -50,34 +55,12 @@ DEPRECATION WARNING: This crypto interface is deprecated and will be removed fro
 major release. Please migrate to the new `acme.crypto` interface at your earliest convenience.

 **Kind**: global namespace  
-<a name="createPrivateKey"></a>
-
-## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
-Generate a private RSA key
-
-**Kind**: global function  
-**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
-
-| Param | Type | Default | Description |
-| --- | --- | --- | --- |
-| [size] | <code>number</code> | <code>2048</code> | Size of the key, default: `2048` |
-
-**Example**  
-Generate private RSA key
-```js
-const privateKey = await acme.forge.createPrivateKey();
-```
-**Example**  
-Private RSA key with defined size
-```js
-const privateKey = await acme.forge.createPrivateKey(4096);
-```
 <a name="createPublicKey"></a>

-## createPublicKey(key) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## createPublicKey ⇒ <code>Promise.&lt;buffer&gt;</code>
 Create public key from a private RSA key

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded public RSA key  

 | Param | Type | Description |
@@ -91,11 +74,11 @@ const publicKey = await acme.forge.createPublicKey(privateKey);
 ```
 <a name="getPemBody"></a>

-## getPemBody(str) ⇒ <code>string</code>
+## getPemBody ⇒ <code>string</code>
 Parse body of PEM encoded object from buffer or string
 If multiple objects are chained, the first body will be returned

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>string</code> - PEM body  

 | Param | Type | Description |
@@ -104,10 +87,10 @@ If multiple objects are chained, the first body will be returned

 <a name="splitPemChain"></a>

-## splitPemChain(str) ⇒ <code>Array.&lt;string&gt;</code>
+## splitPemChain ⇒ <code>Array.&lt;string&gt;</code>
 Split chain of PEM encoded objects from buffer or string into array

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Array.&lt;string&gt;</code> - Array of PEM bodies  

 | Param | Type | Description |
@@ -116,10 +99,10 @@ Split chain of PEM encoded objects from buffer or string into array

 <a name="getModulus"></a>

-## getModulus(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getModulus ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get modulus

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Modulus  

 | Param | Type | Description |
@@ -135,10 +118,10 @@ const m3 = await acme.forge.getModulus(certificateRequest);
 ```
 <a name="getPublicExponent"></a>

-## getPublicExponent(input) ⇒ <code>Promise.&lt;buffer&gt;</code>
+## getPublicExponent ⇒ <code>Promise.&lt;buffer&gt;</code>
 Get public exponent

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;buffer&gt;</code> - Exponent  

 | Param | Type | Description |
@@ -154,10 +137,10 @@ const e3 = await acme.forge.getPublicExponent(certificateRequest);
 ```
 <a name="readCsrDomains"></a>

-## readCsrDomains(csr) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCsrDomains ⇒ <code>Promise.&lt;object&gt;</code>
 Read domains from a Certificate Signing Request

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - {commonName, altNames}  

 | Param | Type | Description |
@@ -174,10 +157,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="readCertificateInfo"></a>

-## readCertificateInfo(cert) ⇒ <code>Promise.&lt;object&gt;</code>
+## readCertificateInfo ⇒ <code>Promise.&lt;object&gt;</code>
 Read information from a certificate

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;object&gt;</code> - Certificate info  

 | Param | Type | Description |
@@ -198,10 +181,10 @@ console.log(`Alt names: ${altNames.join(', ')}`);
 ```
 <a name="createCsr"></a>

-## createCsr(data, [key]) ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
+## createCsr ⇒ <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code>
 Create a Certificate Signing Request

-**Kind**: global function  
+**Kind**: global constant  
 **Returns**: <code>Promise.&lt;Array.&lt;buffer&gt;&gt;</code> - [privateKey, certificateSigningRequest]  

 | Param | Type | Description |
@@ -256,3 +239,25 @@ const certificateKey = await acme.forge.createPrivateKey();
 const [, certificateRequest] = await acme.forge.createCsr({
    altNames: ['test.example.com'],
 }, certificateKey);
+<a name="createPrivateKey"></a>
+
+## createPrivateKey([size]) ⇒ <code>Promise.&lt;buffer&gt;</code>
+Generate a private RSA key
+
+**Kind**: global function  
+**Returns**: <code>Promise.&lt;buffer&gt;</code> - PEM encoded private RSA key  
+
+| Param | Type | Description |
+| --- | --- | --- |
+| [size] | <code>number</code> | Size of the key, default: `2048` |
+
+**Example**  
+Generate private RSA key
+```js
+const privateKey = await acme.forge.createPrivateKey();
+```
+**Example**  
+Private RSA key with defined size
+```js
+const privateKey = await acme.forge.createPrivateKey(4096);
+```
--- a/packages/core/acme-client/package.json
+++ b/packages/core/acme-client/package.json
@@ -3,7 +3,9 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.26.9",
+    "version": "1.28.3",
+    "type": "module",
+    "module": "scr/index.js",
    "main": "src/index.js",
    "types": "types/index.d.ts",
    "license": "MIT",
@@ -16,11 +18,14 @@
        "types"
    ],
    "dependencies": {
+        "@certd/basic": "^1.28.3",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
        "debug": "^4.3.5",
+        "http-proxy-agent": "^7.0.2",
        "https-proxy-agent": "^7.0.5",
+        "lodash-es": "^4.17.21",
        "node-forge": "^1.3.1"
    },
    "devDependencies": {
@@ -28,14 +33,15 @@
        "chai": "^4.4.1",
        "chai-as-promised": "^7.1.2",
        "eslint": "^8.57.0",
-        "eslint-config-airbnb-base": "^15.0.0",
+        "eslint-config-prettier": "^8.5.0",
        "eslint-plugin-import": "^2.29.1",
+        "eslint-plugin-prettier": "^4.2.1",
        "jsdoc-to-markdown": "^8.0.1",
        "mocha": "^10.6.0",
        "nock": "^13.5.4",
+        "prettier": "^2.8.8",
        "tsd": "^0.31.1",
-        "typescript": "^5.4.2",
-        "uuid": "^8.3.2"
+        "typescript": "^5.4.2"
    },
    "scripts": {
        "build-docs": "jsdoc2md src/client.js > docs/client.md && jsdoc2md src/crypto/index.js > docs/crypto.md && jsdoc2md src/crypto/forge.js > docs/forge.md",
@@ -59,5 +65,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+    "gitHead": "e5c164065cef75a6813a4ff48b2167a966dce112"
 }
--- a/packages/core/acme-client/src/api.js
+++ b/packages/core/acme-client/src/api.js
@@ -1,9 +1,7 @@
 /**
 * ACME API client
 */
-
-const util = require('./util');
-const { log } = require('./logger');
+import  * as util  from './util.js';

 /**
 * AcmeApi
@@ -30,6 +28,7 @@ class AcmeApi {
                }
            }
        }
+        console.log(locationUrl, mapping);
        return locationUrl;
    }

@@ -247,4 +246,4 @@ class AcmeApi {
 }

 /* Export API */
-module.exports = AcmeApi;
+export default AcmeApi;
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -1,10 +1,11 @@
 /**
 * ACME auto helper
 */
+import { readCsrDomains } from './crypto/index.js';
+import { log } from './logger.js';
+import { wait } from './wait.js';
+import { CancelError } from './error.js';

-const { readCsrDomains } = require('./crypto');
-const { log } = require('./logger');
-const { wait } = require('./wait');

 const defaultOpts = {
    csr: null,
@@ -29,7 +30,7 @@ const defaultOpts = {
 * @returns {Promise<buffer>} Certificate
 */

-module.exports = async (client, userOpts) => {
+export default  async (client, userOpts) => {
    const opts = { ...defaultOpts, ...userOpts };
    const accountPayload = { termsOfServiceAgreed: opts.termsOfServiceAgreed };

@@ -182,12 +183,19 @@ module.exports = async (client, userOpts) => {

    authorizations.forEach((authz) => {
        const d = authz.identifier.value;
+        log(`authorization:domain = ${d}, value = ${JSON.stringify(authz)}`);
+
+        if (authz.status === 'valid') {
+            log(`[auto] [${d}] Authorization already has valid status, no need to complete challenges`);
+            return;
+        }
        let setd = false;
        // eslint-disable-next-line no-restricted-syntax
        for (const group of domainSets) {
            if (!group[d]) {
                group[d] = authz;
                setd = true;
+                break;
            }
        }
        if (!setd) {
@@ -197,6 +205,8 @@ module.exports = async (client, userOpts) => {
        }
    });

+    // log(`domainSets:${JSON.stringify(domainSets)}`);
+
    const allChallengePromises = [];
    // eslint-disable-next-line no-restricted-syntax
    for (const domainSet of domainSets) {
@@ -233,28 +243,52 @@ module.exports = async (client, userOpts) => {
        return Promise.all(results);
    }

-    log(`开始challenge，共${allChallengePromises.length}组`);
-    let i = 0;
-    // eslint-disable-next-line no-restricted-syntax
-    for (const challengePromises of allChallengePromises) {
-        i += 1;
-        log(`开始第${i}组`);
-        if (opts.signal && opts.signal.aborted) {
-            throw new Error('用户取消');
-        }
+    try {
+        log(`开始challenge，共${allChallengePromises.length}组`);
+        let i = 0;
+        // eslint-disable-next-line no-restricted-syntax
+        for (const challengePromises of allChallengePromises) {
+            i += 1;
+            log(`开始第${i}组`);
+            if (opts.signal && opts.signal.aborted) {
+                throw new CancelError('用户取消');
+            }

-        try {
-            // eslint-disable-next-line no-await-in-loop
-            await runPromisePa(challengePromises);
-        }
-        catch (e) {
-            log(`证书申请失败${e.message}`);
-            throw e;
-        }
-        finally {
-            log(`清理challenge痕迹，length:${clearTasks.length}`);
            try {
                // eslint-disable-next-line no-await-in-loop
+                await runPromisePa(challengePromises);
+            }
+            catch (e) {
+                log(`证书申请失败${e.message}`);
+                throw e;
+            }
+            finally {
+                if (client.opts.sslProvider !== 'google') {
+                    // letsencrypt 如果同时检出两个TXT记录，会以第一个为准，就会校验失败，所以需要提前删除
+                    // zerossl 此方式测试无问题
+                    log(`清理challenge痕迹，length:${clearTasks.length}`);
+                    try {
+                        // eslint-disable-next-line no-await-in-loop
+                        await runAllPromise(clearTasks);
+                    }
+                    catch (e) {
+                        log('清理challenge失败');
+                        log(e);
+                    }
+                }
+            }
+        }
+    }
+    finally {
+        if (client.opts.sslProvider === 'google') {
+            // google 相同的域名txt记录是一样的，不能提前删除，否则校验失败，报错如下
+            //  Error: The TXT record retrieved from _acme-challenge.bbc.handsfree.work.
+            //  at the time the challenge was validated did not contain JshHVu7dt_DT6uYILWhokHefFVad2Q6Mw1L-fNZFcq8
+            //  (the base64url-encoded SHA-256 digest of RlJZNBR0LWnxNK_xd2zqtYVvCiNJOKJ3J1NmCjU_9BjaUJgL3k-qSpIhQ-uF4FBS.NRyqT8fRiq6THzzrvkgzgR5Xai2LsA2SyGLAq_wT3qc).
+            //  See https://tools.ietf.org/html/rfc8555#section-8.4 for more information.
+            log(`清理challenge痕迹，length:${clearTasks.length}`);
+            try {
+            // eslint-disable-next-line no-await-in-loop
                await runAllPromise(clearTasks);
            }
            catch (e) {
@@ -263,6 +297,7 @@ module.exports = async (client, userOpts) => {
            }
        }
    }
+
    log('challenge结束');

    // log('[auto] Waiting for challenge valid status');
--- a/packages/core/acme-client/src/axios.js
+++ b/packages/core/acme-client/src/axios.js
@@ -1,14 +1,11 @@
 /**
 * Axios instance
 */
-
-const axios = require('axios');
-const { parseRetryAfterHeader } = require('./util');
-const { log } = require('./logger');
-const pkg = require('./../package.json');
-
+import axios from 'axios';
+import { parseRetryAfterHeader } from './util.js';
+import { log } from './logger.js';
 const { AxiosError } = axios;
-
+import {getGlobalAgents, HttpError} from '@certd/basic'
 /**
 * Defaults
 */
@@ -16,7 +13,7 @@ const { AxiosError } = axios;
 const instance = axios.create();

 /* Default User-Agent */
-instance.defaults.headers.common['User-Agent'] = `node-${pkg.name}/${pkg.version}`;
+instance.defaults.headers.common['User-Agent'] = `@certd/acme-client`;

 /* Default ACME settings */
 instance.defaults.acmeSettings = {
@@ -24,8 +21,8 @@ instance.defaults.acmeSettings = {
    httpsChallengePort: 443,
    tlsAlpnChallengePort: 443,

-    retryMaxAttempts: 5,
-    retryDefaultDelay: 5,
+    retryMaxAttempts: 3,
+    retryDefaultDelay: 3,
 };
 // instance.defaults.proxy = {
 //     host: '192.168.34.139',
@@ -56,19 +53,26 @@ function isRetryableError(error) {

 /* https://github.com/axios/axios/blob/main/lib/core/settle.js */
 function validateStatus(response) {
-    const validator = response.config.retryValidateStatus;
-
+    if (!response) {
+        return new Error('Response is undefined');
+    }
+    let validator = null;
+    if (response.config) {
+        validator = response.config.retryValidateStatus;
+    }
    if (!response.status || !validator || validator(response.status)) {
        return response;
    }

-    throw new AxiosError(
+    const err = new AxiosError(
        `Request failed with status code ${response.status}`,
        (Math.floor(response.status / 100) === 4) ? AxiosError.ERR_BAD_REQUEST : AxiosError.ERR_BAD_RESPONSE,
        response.config,
        response.request,
        response,
    );
+
+    throw new HttpError(err);
 }

 /* Pass all responses through the error interceptor */
@@ -76,8 +80,17 @@ instance.interceptors.request.use((config) => {
    if (!('retryValidateStatus' in config)) {
        config.retryValidateStatus = config.validateStatus;
    }
-
    config.validateStatus = () => false;
+
+    const agents = getGlobalAgents();
+    // if (config.skipSslVerify) {
+    //     logger.info('跳过SSL验证');
+    //     agents = createAgent({ rejectUnauthorized: false } as any);
+    // }
+    // delete config.skipSslVerify;
+    config.httpsAgent = agents.httpsAgent;
+    config.httpAgent = agents.httpAgent;
+    config.proxy = false; // 必须 否则还会走一层代理，
    return config;
 });

@@ -86,7 +99,7 @@ instance.interceptors.response.use(null, async (error) => {
    const { config, response } = error;

    if (!config) {
-        return Promise.reject(error);
+        return Promise.reject(new HttpError(error));
    }

    /* Pick up errors we want to retry */
@@ -98,23 +111,28 @@ instance.interceptors.response.use(null, async (error) => {
            const code = response ? `HTTP ${response.status}` : error.code;
            log(`Caught ${code}, retry attempt ${config.retryAttempt}/${retryMaxAttempts} to URL ${config.url}`);

+            const retryAfter = (retryDefaultDelay * config.retryAttempt);
            /* Attempt to parse Retry-After header, fallback to default delay */
-            let retryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;
+            const headerRetryAfter = response ? parseRetryAfterHeader(response.headers['retry-after']) : 0;

-            if (retryAfter > 0) {
-                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${retryAfter} seconds`);
-            }
-            else {
-                retryAfter = (retryDefaultDelay * config.retryAttempt);
-                log(`Unable to locate or parse retry-after response header, waiting ${retryAfter} seconds`);
+            if (headerRetryAfter > 0) {
+                const waitMinutes = (headerRetryAfter / 60).toFixed(1);
+                log(`Found retry-after response header with value: ${response.headers['retry-after']}, waiting ${waitMinutes} minutes`);
+                log(JSON.stringify(response.data));
+                return Promise.reject(new HttpError(error));
            }

+            log(`waiting ${retryAfter} seconds`);
+
            /* Wait and retry the request */
            await new Promise((resolve) => { setTimeout(resolve, (retryAfter * 1000)); });
            return instance(config);
        }
    }

+    if (!response) {
+        return Promise.reject(new HttpError(error));
+    }
    /* Validate and return response */
    return validateStatus(response);
 });
@@ -123,4 +141,4 @@ instance.interceptors.response.use(null, async (error) => {
 * Export instance
 */

-module.exports = instance;
+export default instance;
--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -3,15 +3,17 @@
 *
 * @namespace Client
 */
+import { createHash } from 'crypto';
+import  { getPemBodyAsB64u } from './crypto/index.js';
+import { log } from './logger.js';
+import HttpClient from './http.js';
+import AcmeApi from './api.js';
+import verify from './verify.js';
+import * as util from './util.js';
+import auto from './auto.js';
+import { CancelError } from './error.js';
+

-const { createHash } = require('crypto');
-const { getPemBodyAsB64u } = require('./crypto');
-const { log } = require('./logger');
-const HttpClient = require('./http');
-const AcmeApi = require('./api');
-const verify = require('./verify');
-const util = require('./util');
-const auto = require('./auto');

 /**
 * ACME states
@@ -490,9 +492,10 @@ class AcmeClient {

        const keyAuthorization = await this.getChallengeKeyAuthorization(challenge);

-        const verifyFn = async () => {
+        const verifyFn = async (abort) => {
            if (this.opts.signal && this.opts.signal.aborted) {
-                throw new Error('用户取消');
+                abort();
+                throw new CancelError('用户取消');
            }
            await verify[challenge.type](authz, challenge, keyAuthorization);
        };
@@ -518,7 +521,7 @@ class AcmeClient {

    async completeChallenge(challenge) {
        if (this.opts.signal && this.opts.signal.aborted) {
-            throw new Error('用户取消');
+            throw new CancelError('用户取消');
        }
        const resp = await this.api.completeChallenge(challenge.url, {});
        return resp.data;
@@ -558,7 +561,8 @@ class AcmeClient {

        const verifyFn = async (abort) => {
            if (this.opts.signal && this.opts.signal.aborted) {
-                throw new Error('用户取消');
+                abort();
+                throw new CancelError('用户取消');
            }

            const resp = await this.api.apiRequest(item.url, null, [200]);
@@ -716,4 +720,4 @@ class AcmeClient {
 }

 /* Export client */
-module.exports = AcmeClient;
+export default  AcmeClient;
--- a/packages/core/acme-client/src/crypto/forge.js
+++ b/packages/core/acme-client/src/crypto/forge.js
@@ -6,11 +6,10 @@
 *
 * @namespace forge
 */
-
-const net = require('net');
-const { promisify } = require('util');
-const forge = require('node-forge');
-const { createPrivateEcdsaKey, getPublicKey } = require('./index');
+import net from 'net';
+import { promisify } from 'util';
+import forge from 'node-forge';
+import { createPrivateEcdsaKey } from './index.js';

 const generateKeyPair = promisify(forge.pki.rsa.generateKeyPair);

@@ -113,13 +112,12 @@ function parseDomains(obj) {
 * ```
 */

-async function createPrivateKey(size = 2048) {
+export async function createPrivateKey(size = 2048) {
    const keyPair = await generateKeyPair({ bits: size });
    const pemKey = forge.pki.privateKeyToPem(keyPair.privateKey);
    return Buffer.from(pemKey);
 }

-exports.createPrivateKey = createPrivateKey;

 /**
 * Create public key from a private RSA key
@@ -133,7 +131,7 @@ exports.createPrivateKey = createPrivateKey;
 * ```
 */

-exports.createPublicKey = async (key) => {
+export const createPublicKey = async (key) => {
    const privateKey = forge.pki.privateKeyFromPem(key);
    const publicKey = forge.pki.rsa.setPublicKey(privateKey.n, privateKey.e);
    const pemKey = forge.pki.publicKeyToPem(publicKey);
@@ -148,7 +146,7 @@ exports.createPublicKey = async (key) => {
 * @returns {string} PEM body
 */

-exports.getPemBody = (str) => {
+export const getPemBody = (str) => {
    const msg = forge.pem.decode(str)[0];
    return forge.util.encode64(msg.body);
 };
@@ -160,7 +158,7 @@ exports.getPemBody = (str) => {
 * @returns {string[]} Array of PEM bodies
 */

-exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
+export const splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);

 /**
 * Get modulus
@@ -176,7 +174,7 @@ exports.splitPemChain = (str) => forge.pem.decode(str).map(forge.pem.encode);
 * ```
 */

-exports.getModulus = async (input) => {
+export const getModulus = async (input) => {
    if (!Buffer.isBuffer(input)) {
        input = Buffer.from(input);
    }
@@ -199,7 +197,7 @@ exports.getModulus = async (input) => {
 * ```
 */

-exports.getPublicExponent = async (input) => {
+export const getPublicExponent = async (input) => {
    if (!Buffer.isBuffer(input)) {
        input = Buffer.from(input);
    }
@@ -223,7 +221,7 @@ exports.getPublicExponent = async (input) => {
 * ```
 */

-exports.readCsrDomains = async (csr) => {
+export const readCsrDomains = async (csr) => {
    if (!Buffer.isBuffer(csr)) {
        csr = Buffer.from(csr);
    }
@@ -251,7 +249,7 @@ exports.readCsrDomains = async (csr) => {
 * ```
 */

-exports.readCertificateInfo = async (cert) => {
+export const readCertificateInfo = async (cert) => {
    if (!Buffer.isBuffer(cert)) {
        cert = Buffer.from(cert);
    }
@@ -379,7 +377,7 @@ function formatCsrAltNames(altNames) {
 * }, certificateKey);
 */

-exports.createCsr = async (data, keyType = null) => {
+export const createCsr = async (data, keyType = null) => {
    let key = null;
    if (keyType === 'ec') {
        key = await createPrivateEcdsaKey();
--- a/packages/core/acme-client/src/crypto/index.js
+++ b/packages/core/acme-client/src/crypto/index.js
@@ -3,12 +3,12 @@
 *
 * @namespace crypto
 */
+import  net from 'net';
+import { promisify } from 'util';
+import crypto from 'crypto';
+import asn1js from 'asn1js';
+import x509 from '@peculiar/x509';

-const net = require('net');
-const { promisify } = require('util');
-const crypto = require('crypto');
-const asn1js = require('asn1js');
-const x509 = require('@peculiar/x509');

 const randomInt = promisify(crypto.randomInt);
 const generateKeyPair = promisify(crypto.generateKeyPair);
@@ -67,7 +67,7 @@ function getKeyInfo(keyPem) {
 * ```
 */

-async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
+export async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8') {
    const pair = await generateKeyPair('rsa', {
        modulusLength,
        privateKeyEncoding: {
@@ -79,7 +79,6 @@ async function createPrivateRsaKey(modulusLength = 2048, encodingType = 'pkcs8')
    return Buffer.from(pair.privateKey);
 }

-exports.createPrivateRsaKey = createPrivateRsaKey;

 /**
 * Alias of `createPrivateRsaKey()`
@@ -87,7 +86,7 @@ exports.createPrivateRsaKey = createPrivateRsaKey;
 * @function
 */

-exports.createPrivateKey = createPrivateRsaKey;
+export const createPrivateKey = createPrivateRsaKey;

 /**
 * Generate a private ECDSA key
@@ -106,7 +105,7 @@ exports.createPrivateKey = createPrivateRsaKey;
 * ```
 */

-exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
+export const createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkcs8') => {
    const pair = await generateKeyPair('ec', {
        namedCurve,
        privateKeyEncoding: {
@@ -130,7 +129,7 @@ exports.createPrivateEcdsaKey = async (namedCurve = 'P-256', encodingType = 'pkc
 * ```
 */

-exports.getPublicKey = (keyPem) => {
+export const getPublicKey = (keyPem) => {
    const info = getKeyInfo(keyPem);

    const publicKey = info.publicKey.export({
@@ -155,7 +154,7 @@ exports.getPublicKey = (keyPem) => {
 * ```
 */

-function getJwk(keyPem) {
+export function getJwk(keyPem) {
    const jwk = crypto.createPublicKey(keyPem).export({
        format: 'jwk',
    });
@@ -167,7 +166,6 @@ function getJwk(keyPem) {
    }, {});
 }

-exports.getJwk = getJwk;

 /**
 * Produce CryptoKeyPair and signing algorithm from a PEM encoded private key
@@ -215,7 +213,7 @@ async function getWebCryptoKeyPair(keyPem) {
 * @returns {string[]} Array of PEM objects including headers
 */

-function splitPemChain(chainPem) {
+export function splitPemChain(chainPem) {
    if (Buffer.isBuffer(chainPem)) {
        chainPem = chainPem.toString();
    }
@@ -225,7 +223,6 @@ function splitPemChain(chainPem) {
        .map((params) => x509.PemConverter.encode([params]));
 }

-exports.splitPemChain = splitPemChain;

 /**
 * Parse body of PEM encoded object and return a Base64URL string
@@ -235,7 +232,7 @@ exports.splitPemChain = splitPemChain;
 * @returns {string} Base64URL-encoded body
 */

-exports.getPemBodyAsB64u = (pem) => {
+export const getPemBodyAsB64u = (pem) => {
    const chain = splitPemChain(pem);

    if (!chain.length) {
@@ -286,7 +283,7 @@ function parseDomains(input) {
 * ```
 */

-exports.readCsrDomains = (csrPem) => {
+export const readCsrDomains = (csrPem) => {
    if (Buffer.isBuffer(csrPem)) {
        csrPem = csrPem.toString();
    }
@@ -315,7 +312,7 @@ exports.readCsrDomains = (csrPem) => {
 * ```
 */

-exports.readCertificateInfo = (certPem) => {
+export const readCertificateInfo = (certPem) => {
    if (Buffer.isBuffer(certPem)) {
        certPem = certPem.toString();
    }
@@ -449,7 +446,7 @@ function createSubjectAltNameExtension(altNames) {
 * ```
 */

-exports.createCsr = async (data, keyPem = null) => {
+export const createCsr = async (data, keyPem = null) => {
    if (!keyPem) {
        keyPem = await createPrivateRsaKey(data.keySize);
    }
@@ -520,7 +517,7 @@ exports.createCsr = async (data, keyPem = null) => {
 * ```
 */

-exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
+export const createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) => {
    if (!keyPem) {
        keyPem = await createPrivateRsaKey();
    }
@@ -583,7 +580,7 @@ exports.createAlpnCertificate = async (authz, keyAuthorization, keyPem = null) =
 * @returns {boolean} True when valid
 */

-exports.isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
+export const isAlpnCertificateAuthorizationValid = (certPem, keyAuthorization) => {
    const expected = crypto.createHash('sha256').update(keyAuthorization).digest('hex');

    /* Attempt to locate ALPN extension */
--- a/packages/core/acme-client/src/error.js
+++ b/packages/core/acme-client/src/error.js
@@ -0,0 +1,7 @@
+export class CancelError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'CancelError';
+    }
+}
+
--- a/packages/core/acme-client/src/http.js
+++ b/packages/core/acme-client/src/http.js
@@ -1,23 +1,11 @@
 /**
 * ACME HTTP client
 */
-
-const { createHmac, createSign, constants: { RSA_PKCS1_PADDING } } = require('crypto');
-const { HttpsProxyAgent } = require('https-proxy-agent');
-const { getJwk } = require('./crypto');
-const { log } = require('./logger');
-const axios1 = require('./axios');
-
-const httpsProxy = process.env.HTTPS_PROXY || process.env.https_proxy;
-let httpsAgent = null;
-if (httpsProxy) {
-    httpsAgent = new HttpsProxyAgent(httpsProxy);
-    log(`use https_proxy:${httpsProxy}`);
-}
-const axios = axios1.create({
-    proxy: false,
-    httpsAgent,
-});
+import { createHmac, createSign, constants } from 'crypto';
+const { RSA_PKCS1_PADDING } = constants;
+import axios from './axios.js';
+import { log } from './logger.js';
+import { getJwk } from './crypto/index.js';

 /**
 * ACME HTTP client
@@ -336,4 +324,4 @@ class HttpClient {
 }

 /* Export client */
-module.exports = HttpClient;
+export default HttpClient;
--- a/packages/core/acme-client/src/index.js
+++ b/packages/core/acme-client/src/index.js
@@ -1,14 +1,14 @@
 /**
 * acme-client
 */
-
-exports.Client = require('./client');
+import AcmeClinet  from './client.js'
+export const Client = AcmeClinet

 /**
 * Directory URLs
 */

-exports.directory = {
+export const directory = {
    buypass: {
        staging: 'https://api.test4.buypass.no/acme/directory',
        production: 'https://api.buypass.com/acme/directory',
@@ -31,19 +31,18 @@ exports.directory = {
 * Crypto
 */

-exports.crypto = require('./crypto');
-exports.forge = require('./crypto/forge');
+export * as crypto from './crypto/index.js'
+export * as forge from './crypto/forge.js'

 /**
 * Axios
 */

-exports.axios = require('./axios');
-
+export *  from './axios.js'
 /**
 * Logger
 */

-exports.setLogger = require('./logger').setLogger;
-
-exports.walkTxtRecord = require('./verify').walkTxtRecord;
+export * from './logger.js'
+export * from './verify.js'
+export * from './error.js'
--- a/packages/core/acme-client/src/logger.js
+++ b/packages/core/acme-client/src/logger.js
@@ -2,7 +2,8 @@
 * ACME logger
 */

-const debug = require('debug')('acme-client');
+import debugg from 'debug'
+const debug = debugg('acme-client');

 let logger = () => {};

@@ -12,7 +13,7 @@ let logger = () => {};
 * @param {function} fn Logger function
 */

-exports.setLogger = (fn) => {
+export const setLogger = (fn) => {
    logger = fn;
 };

@@ -22,7 +23,7 @@ exports.setLogger = (fn) => {
 * @param {string} msg Message
 */

-exports.log = (msg) => {
-    debug(msg);
-    logger(msg);
+export const  log = (...msg) => {
+    debug(...msg);
+    logger(...msg);
 };
--- a/packages/core/acme-client/src/util.js
+++ b/packages/core/acme-client/src/util.js
@@ -2,11 +2,12 @@
 * Utility methods
 */

-const tls = require('tls');
-const dns = require('dns').promises;
-const { readCertificateInfo, splitPemChain } = require('./crypto');
-const { log } = require('./logger');
+import tls from 'tls';
+import dnsSdk from 'dns';
+import { readCertificateInfo, splitPemChain }from './crypto/index.js'
+import { log } from './logger.js'

+const dns = dnsSdk.promises;
 /**
 * Exponential backoff
 *
@@ -329,7 +330,7 @@ async function retrieveTlsAlpnCertificate(host, port, timeout = 30000) {
 * Export utils
 */

-module.exports = {
+export {
    retry,
    parseLinkHeader,
    parseRetryAfterHeader,
@@ -338,3 +339,4 @@ module.exports = {
    getAuthoritativeDnsResolver,
    retrieveTlsAlpnCertificate,
 };
+
--- a/packages/core/acme-client/src/verify.js
+++ b/packages/core/acme-client/src/verify.js
@@ -2,13 +2,15 @@
 * ACME challenge verification
 */

-const dns = require('dns').promises;
-const https = require('https');
-const { log } = require('./logger');
-const axios = require('./axios');
-const util = require('./util');
-const { isAlpnCertificateAuthorizationValid } = require('./crypto');
+import dnsSdk from "dns"
+import https from 'https'
+import {log} from './logger.js'
+import axios from './axios.js'
+import * as util from './util.js'
+import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'

+
+const dns = dnsSdk.promises
 /**
 * Verify ACME HTTP challenge
 *
@@ -79,7 +81,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
    }
 }

-async function walkTxtRecord(recordName) {
+export async function walkTxtRecord(recordName) {
    try {
        /* Default DNS resolver first */
        log('Attempting to resolve TXT with default DNS resolver first');
@@ -153,9 +155,8 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
 * Export API
 */

-module.exports = {
+export default {
    'http-01': verifyHttpChallenge,
    'dns-01': verifyDnsChallenge,
    'tls-alpn-01': verifyTlsAlpnChallenge,
-    walkTxtRecord,
 };
--- a/packages/core/acme-client/src/wait.js
+++ b/packages/core/acme-client/src/wait.js
@@ -1,9 +1,5 @@
-async function wait(ms) {
+export async function wait(ms) {
    return new Promise((resolve) => {
        setTimeout(resolve, ms);
    });
 }
-
-module.exports = {
-    wait
-};
--- a/packages/core/acme-client/tsconfig.json
+++ b/packages/core/acme-client/tsconfig.json
@@ -1,13 +0,0 @@
-{
-    "compileOnSave": false,
-    "compilerOptions": {
-        "module": "commonjs",
-        "lib": ["es6"],
-        "strict": true,
-        "noEmit": false,
-        "esModuleInterop": true,
-        "baseUrl": ".",
-        "composite": true,
-        "paths": { "acme-client": ["."] }
-    }
-}
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -37,6 +37,7 @@ export type UrlMapping={
 */

 export interface ClientOptions {
+    sslProvider:string;
    directoryUrl: string;
    accountKey: PrivateKeyBuffer | PrivateKeyString;
    accountUrl?: string;
@@ -192,10 +193,13 @@ export const forge: CryptoLegacyInterface;

 export const axios: AxiosInstance;

+export const agents: any;
 /**
 * Logger
 */

-export function setLogger(fn: (msg: string) => void): void;
+export function setLogger(fn: (message: any, ...args: any[]) => void): void;

 export function walkTxtRecord(record: any): Promise<string[]>;
+
+export const CancelError: Error;
--- a/packages/core/acme-client/types/index.test-d.js
+++ b/packages/core/acme-client/types/index.test-d.js
@@ -0,0 +1,137 @@
+"use strict";
+/**
+ * acme-client type definition tests
+ */
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
+    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+var acme = require("acme-client");
+(function () { return __awaiter(void 0, void 0, void 0, function () {
+    var accountKey, client, order, authorizations, authorization, challenge, _a, certKey, certCsr;
+    return __generator(this, function (_b) {
+        switch (_b.label) {
+            case 0: return [4 /*yield*/, acme.crypto.createPrivateKey()];
+            case 1:
+                accountKey = _b.sent();
+                client = new acme.Client({
+                    accountKey: accountKey,
+                    directoryUrl: acme.directory.letsencrypt.staging
+                });
+                /* Account */
+                return [4 /*yield*/, client.createAccount({
+                        termsOfServiceAgreed: true,
+                        contact: ['mailto:test@example.com']
+                    })];
+            case 2:
+                /* Account */
+                _b.sent();
+                return [4 /*yield*/, client.createOrder({
+                        identifiers: [
+                            { type: 'dns', value: 'example.com' },
+                            { type: 'dns', value: '*.example.com' },
+                        ]
+                    })];
+            case 3:
+                order = _b.sent();
+                return [4 /*yield*/, client.getOrder(order)];
+            case 4:
+                _b.sent();
+                return [4 /*yield*/, client.getAuthorizations(order)];
+            case 5:
+                authorizations = _b.sent();
+                authorization = authorizations[0];
+                challenge = authorization.challenges[0];
+                return [4 /*yield*/, client.getChallengeKeyAuthorization(challenge)];
+            case 6:
+                _b.sent();
+                return [4 /*yield*/, client.verifyChallenge(authorization, challenge)];
+            case 7:
+                _b.sent();
+                return [4 /*yield*/, client.completeChallenge(challenge)];
+            case 8:
+                _b.sent();
+                return [4 /*yield*/, client.waitForValidStatus(challenge)];
+            case 9:
+                _b.sent();
+                return [4 /*yield*/, acme.crypto.createCsr({
+                        commonName: 'example.com',
+                        altNames: ['example.com', '*.example.com']
+                    })];
+            case 10:
+                _a = _b.sent(), certKey = _a[0], certCsr = _a[1];
+                return [4 /*yield*/, client.finalizeOrder(order, certCsr)];
+            case 11:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order)];
+            case 12:
+                _b.sent();
+                return [4 /*yield*/, client.getCertificate(order, 'DST Root CA X3')];
+            case 13:
+                _b.sent();
+                /* Auto */
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 14:
+                /* Auto */
+                _b.sent();
+                return [4 /*yield*/, client.auto({
+                        csr: certCsr,
+                        email: 'test@example.com',
+                        termsOfServiceAgreed: false,
+                        skipChallengeVerification: false,
+                        challengePriority: ['http-01', 'dns-01'],
+                        preferredChain: 'DST Root CA X3',
+                        challengeCreateFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); },
+                        challengeRemoveFn: function (authz, challenge, keyAuthorization) { return __awaiter(void 0, void 0, void 0, function () { return __generator(this, function (_a) {
+                            return [2 /*return*/];
+                        }); }); }
+                    })];
+            case 15:
+                _b.sent();
+                return [2 /*return*/];
+        }
+    });
+}); })();
--- a/packages/core/basic/.npmrc
+++ b/packages/core/basic/.npmrc
@@ -1,2 +1,2 @@
-link-workspace-packages=true
+link-workspace-packages=deep
 prefer-workspace-packages=true
--- a/packages/core/basic/CHANGELOG.md
+++ b/packages/core/basic/CHANGELOG.md
@@ -3,6 +3,113 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.28.3](https://github.com/certd/certd/compare/v1.28.2...v1.28.3) (2024-12-12)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.2](https://github.com/certd/certd/compare/v1.28.1...v1.28.2) (2024-12-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.28.1](https://github.com/certd/certd/compare/v1.28.0...v1.28.1) (2024-12-08)
+
+### Performance Improvements
+
+* 通知选择器优化 ([2c0cbdd](https://github.com/certd/certd/commit/2c0cbdd29ecb74cc939b2ae7ee86b8d40f70ba31))
+
+# [1.28.0](https://github.com/certd/certd/compare/v1.27.9...v1.28.0) (2024-11-30)
+
+### Performance Improvements
+
+* 优化证书申请成功通知发送方式 ([8002a56](https://github.com/certd/certd/commit/8002a56efc5998aa03db5711ae87f9eb4bc9e160))
+* 支持短信验证码登录 ([387bcc5](https://github.com/certd/certd/commit/387bcc5fa418cdeea81a06da5e3f8cd6b43cd082))
+
+## [1.27.9](https://github.com/certd/certd/compare/v1.27.8...v1.27.9) (2024-11-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.8](https://github.com/certd/certd/compare/v1.27.7...v1.27.8) (2024-11-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.7](https://github.com/certd/certd/compare/v1.27.6...v1.27.7) (2024-11-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.6](https://github.com/certd/certd/compare/v1.27.5...v1.27.6) (2024-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.5](https://github.com/certd/certd/compare/v1.27.4...v1.27.5) (2024-11-18)
+
+### Performance Improvements
+
+* 系统设置中的代理设置优化为可全局生效，环境变量中的https_proxy设置将无效 ([381a37f](https://github.com/certd/certd/commit/381a37fbaa6b61c887eda743897ae00afb825bdf))
+* 新手导航在非编辑模式下不显示 ([18bfcc2](https://github.com/certd/certd/commit/18bfcc24ad0bde57bb04db8a4209861ec6b8ff1d))
+* 优化腾讯云 cloudflare 重复解析记录时的返回值 ([90d1b68](https://github.com/certd/certd/commit/90d1b68bd6cf232fbe085234efe07d29b7690044))
+
+## [1.27.4](https://github.com/certd/certd/compare/v1.27.3...v1.27.4) (2024-11-14)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.27.3](https://github.com/certd/certd/compare/v1.27.2...v1.27.3) (2024-11-13)
+
+### Bug Fixes
+
+* 修复ipv6未开启情况下，请求带有ipv6地址域名报ETIMEDOUT的bug ([a9a0967](https://github.com/certd/certd/commit/a9a0967a6f1d0bd27e69f3ec52c31d90d470bc23))
+
+## [1.27.2](https://github.com/certd/certd/compare/v1.27.1...v1.27.2) (2024-11-08)
+
+### Performance Improvements
+
+* 支持公共cname服务 ([3c919ee](https://github.com/certd/certd/commit/3c919ee5d1aef5d26cf3620a7c49d920786bc941))
+
+## [1.27.1](https://github.com/certd/certd/compare/v1.27.0...v1.27.1) (2024-11-04)
+
+### Performance Improvements
+
+* cname 域名映射记录可读性优化 ([b1117ed](https://github.com/certd/certd/commit/b1117ed54a3ef015752999324ff72b821ef5e4b9))
+
+# [1.27.0](https://github.com/certd/certd/compare/v1.26.16...v1.27.0) (2024-10-31)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.26.16](https://github.com/certd/certd/compare/v1.26.15...v1.26.16) (2024-10-30)
+
+### Performance Improvements
+
+* 支持华为云cdn ([81a3fdb](https://github.com/certd/certd/commit/81a3fdbc29b71f380762008cc151493ec97458f9))
+
+## [1.26.15](https://github.com/certd/certd/compare/v1.26.14...v1.26.15) (2024-10-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.26.14](https://github.com/certd/certd/compare/v1.26.13...v1.26.14) (2024-10-26)
+
+### Bug Fixes
+
+* 修复启动时自签证书无法保存的bug ([526c484](https://github.com/certd/certd/commit/526c48450bcd37b3ccded9b448f17de8140bdc6e))
+
+## [1.26.13](https://github.com/certd/certd/compare/v1.26.12...v1.26.13) (2024-10-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.26.12](https://github.com/certd/certd/compare/v1.26.11...v1.26.12) (2024-10-25)
+
+### Performance Improvements
+
+* 新增部署到百度云CDN插件 ([f126f9f](https://github.com/certd/certd/commit/f126f9f932d37fa01fff1accc7bdd17d349f8db5))
+
+## [1.26.11](https://github.com/certd/certd/compare/v1.26.10...v1.26.11) (2024-10-23)
+
+### Bug Fixes
+
+* 申请证书没有使用到系统设置的http代理的bug ([3db216f](https://github.com/certd/certd/commit/3db216f515ba404cb4330fdab452971b22a50f08))
+
+## [1.26.10](https://github.com/certd/certd/compare/v1.26.9...v1.26.10) (2024-10-20)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.26.9](https://github.com/certd/certd/compare/v1.26.8...v1.26.9) (2024-10-19)

 **Note:** Version bump only for package @certd/basic
--- a/packages/core/basic/build.md
+++ b/packages/core/basic/build.md
@@ -1 +1 @@
-03:09
+12:05
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.26.9",
+  "version": "1.28.3",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,52 +17,31 @@
  "dependencies": {
    "axios": "^1.7.2",
    "dayjs": "^1.11.7",
-    "fix-path": "^4.0.0",
    "http-proxy-agent": "^7.0.2",
    "https-proxy-agent": "^7.0.5",
+    "iconv-lite": "^0.6.3",
    "lodash-es": "^4.17.21",
+    "log4js": "^6.9.1",
    "lru-cache": "^10.0.0",
    "nanoid": "^5.0.7",
    "node-forge": "^1.3.1",
-    "nodemailer": "^6.9.3",
-    "proxy-agent": "^6.4.0",
-    "qs": "^6.11.2"
+    "nodemailer": "^6.9.3"
  },
  "devDependencies": {
-    "@rollup/plugin-commonjs": "^23.0.4",
-    "@rollup/plugin-json": "^6.0.0",
-    "@rollup/plugin-node-resolve": "^15.0.1",
-    "@rollup/plugin-terser": "^0.4.3",
-    "@rollup/plugin-typescript": "^11.0.0",
    "@types/chai": "^4.3.10",
    "@types/lodash-es": "^4.17.12",
    "@types/mocha": "^10.0.1",
    "@types/node-forge": "^1.3.2",
-    "@types/uuid": "^9.0.2",
    "@typescript-eslint/eslint-plugin": "^5.59.7",
    "@typescript-eslint/parser": "^5.59.7",
    "chai": "4.3.10",
-    "dayjs": "^1.11.7",
    "eslint": "^8.41.0",
    "eslint-config-prettier": "^8.8.0",
-    "eslint-plugin-import": "^2.27.5",
-    "eslint-plugin-node": "^11.1.0",
    "eslint-plugin-prettier": "^4.2.1",
-    "iconv-lite": "^0.6.3",
-    "log4js": "^6.9.1",
-    "mocha": "^10.2.0",
    "prettier": "^2.8.8",
-    "reflect-metadata": "^0.1.13",
    "rimraf": "^5.0.5",
-    "rollup": "^3.7.4",
-    "rollup-plugin-typescript2": "^0.34.1",
-    "rollup-plugin-visualizer": "^5.8.2",
-    "ts-node": "^10.9.1",
-    "tsc-esm-fix": "^3.0.0",
-    "tslib": "^2.5.2",
-    "typescript": "^5.4.2",
-    "vite": "^4.3.8",
-    "vue-tsc": "^1.6.5"
+    "tslib": "^2.8.1",
+    "typescript": "^5.4.2"
  },
-  "gitHead": "fc42ade63fab71fb273981b712c09d6a858f0a0f"
+  "gitHead": "e5c164065cef75a6813a4ff48b2167a966dce112"
 }
--- a/packages/core/basic/src/index.ts
+++ b/packages/core/basic/src/index.ts
@@ -1 +1,2 @@
 export * from './utils/index.js';
+export * from './utils/util.id.js';
--- a/packages/core/basic/src/utils/index.ts
+++ b/packages/core/basic/src/utils/index.ts
@@ -1,4 +1,5 @@
 export * from './util.request.js';
+export * from './util.env.js';
 export * from './util.log.js';
 export * from './util.file.js';
 export * from './util.sp.js';
@@ -6,9 +7,11 @@ export * from './util.promise.js';
 export * from './util.hash.js';
 export * from './util.merge.js';
 export * from './util.cache.js';
+export * from './util.string.js';
+import { stringUtils } from './util.string.js';
 import sleep from './util.sleep.js';
-import { http } from './util.request.js';
-import { nanoid } from 'nanoid';
+import { http, download } from './util.request.js';
+
 import { mergeUtils } from './util.merge.js';
 import { sp } from './util.sp.js';
 import { hashUtils } from './util.hash.js';
@@ -17,10 +20,14 @@ import { fileUtils } from './util.file.js';
 import * as _ from 'lodash-es';
 import { cache } from './util.cache.js';
 import dayjs from 'dayjs';
-
+import { domainUtils } from './util.domain.js';
+import { optionsUtils } from './util.options.js';
+import { nanoid } from 'nanoid';
+import * as id from './util.id.js';
 export const utils = {
  sleep,
  http,
+  download,
  sp,
  hash: hashUtils,
  promises,
@@ -29,5 +36,9 @@ export const utils = {
  mergeUtils,
  cache,
  nanoid,
+  id,
  dayjs,
+  domain: domainUtils,
+  options: optionsUtils,
+  string: stringUtils,
 };
--- a/packages/core/basic/src/utils/util.cache.ts
+++ b/packages/core/basic/src/utils/util.cache.ts
@@ -1,6 +1,6 @@
 // LRUCache

-import { LRUCache } from "lru-cache";
+import { LRUCache } from 'lru-cache';

 export const cache = new LRUCache<string, any>({
  max: 1000,
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 :17
 :52
@@ -1 +1 @@
 :09
 :05