v1.35.0

feat: AWS 中国区 CloudFront 证书部署（IAM 证书） @wifi9984

CHANGELOG.md

@@ -3,6 +3,14 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Bug Fixes

build.trigger

@@ -1 +1 @@
-23:57
+23:51

docs/guide/changelogs/CHANGELOG.md

@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
 ## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
 
 ### Bug Fixes

lerna.json

@@ -9,5 +9,5 @@
     }
   },
   "npmClient": "pnpm",
-  "version": "1.34.11"
+  "version": "1.35.0"
 }

packages/core/acme-client/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Bug Fixes

packages/core/acme-client/package.json

@@ -3,7 +3,7 @@
     "description": "Simple and unopinionated ACME client",
     "private": false,
     "author": "nmorsman",
-    "version": "1.34.11",
+    "version": "1.35.0",
     "type": "module",
     "module": "scr/index.js",
     "main": "src/index.js",
@@ -18,7 +18,7 @@
         "types"
     ],
     "dependencies": {
-        "@certd/basic": "^1.34.11",
+        "@certd/basic": "^1.35.0",
         "@peculiar/x509": "^1.11.0",
         "asn1js": "^3.0.5",
         "axios": "^1.7.2",
@@ -69,5 +69,5 @@
     "bugs": {
         "url": "https://github.com/publishlab/node-acme-client/issues"
     },
-    "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+    "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/core/basic/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/basic

packages/core/basic/build.md

@@ -1 +1 @@
-23:48
+00:09

packages/core/basic/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/basic",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -45,5 +45,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/core/pipeline/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/pipeline

packages/core/pipeline/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/pipeline",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,8 +17,8 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/basic": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "dayjs": "^1.11.7",
     "lodash-es": "^4.17.21",
     "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-huawei/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/lib-huawei

packages/libs/lib-huawei/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-huawei",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
   "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
     "prettier": "^2.8.8",
     "tslib": "^2.8.1"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-iframe/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/lib-iframe

packages/libs/lib-iframe/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-iframe",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -31,5 +31,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-jdcloud/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/jdcloud

packages/libs/lib-jdcloud/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/jdcloud",
-  "version": "1.34.11",
+  "version": "1.35.0",
   "description": "jdcloud openApi sdk",
   "main": "./dist/bundle.js",
   "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
       "fetch"
     ]
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-k8s/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/lib-k8s

packages/libs/lib-k8s/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/lib-k8s",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "module": "./dist/index.js",
@@ -17,7 +17,7 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/basic": "^1.34.11",
+    "@certd/basic": "^1.35.0",
     "@kubernetes/client-node": "0.21.0"
   },
   "devDependencies": {
@@ -32,5 +32,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/lib-server/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Performance Improvements

packages/libs/lib-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/lib-server",
-  "version": "1.34.11",
+  "version": "1.35.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -27,10 +27,10 @@
   ],
   "license": "AGPL",
   "dependencies": {
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "@midwayjs/cache": "~3.14.0",
     "@midwayjs/core": "~3.20.3",
     "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/libs/midway-flyway-js/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/midway-flyway-js

packages/libs/midway-flyway-js/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/midway-flyway-js",
-  "version": "1.34.11",
+  "version": "1.35.0",
   "description": "midway with flyway, sql upgrade way ",
   "private": false,
   "type": "module",
@@ -46,5 +46,5 @@
     "typeorm": "^0.3.11",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/plugins/plugin-cert/CHANGELOG.md

@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Bug Fixes

packages/plugins/plugin-cert/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-cert",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -16,10 +16,10 @@
     "pub": "npm publish"
   },
   "dependencies": {
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plugin-lib": "^1.34.11",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plugin-lib": "^1.35.0",
     "@google-cloud/publicca": "^1.3.0",
     "dayjs": "^1.11.7",
     "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts

@@ -80,17 +80,29 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   legoEabAccessId!: number;
 
   @TaskInput({
-    title: "自定义LEGO参数",
+    title: "自定义LEGO全局参数",
     component: {
       name: "a-input",
       vModel: "value",
       placeholder: "--dns-timeout 30",
     },
-    helper: "额外的lego命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    helper: "额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
     maybeNeed: true,
   })
   customArgs = "";
 
+  @TaskInput({
+    title: "自定义LEGO签名参数",
+    component: {
+      name: "a-input",
+      vModel: "value",
+      placeholder: "--no-bundle",
+    },
+    helper: "额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    maybeNeed: true,
+  })
+  customCommandOptions = "";
+
   @TaskInput({
     title: "加密算法",
     value: "ec256",
@@ -205,7 +217,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
     if (this.acmeServer) {
       serverArgs = ` --server ${this.acmeServer}`;
     }
-    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs}  ${this.customArgs || ""} run`];
+    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs} ${this.customArgs || ""} run ${this.customCommandOptions || ""}`];
 
     await this.ctx.utils.sp.spawn({
       cmd: cmds,

packages/plugins/plugin-lib/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 **Note:** Version bump only for package @certd/plugin-lib

packages/plugins/plugin-lib/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@certd/plugin-lib",
   "private": false,
-  "version": "1.34.11",
+  "version": "1.35.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -20,8 +20,8 @@
     "@alicloud/pop-core": "^1.7.10",
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
+    "@certd/basic": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
     "@kubernetes/client-node": "0.21.0",
     "ali-oss": "^6.22.0",
     "basic-ftp": "^5.0.5",
@@ -52,5 +52,5 @@
     "tslib": "^2.8.1",
     "typescript": "^5.4.2"
   },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "ab3a3156f24d7fc70f8a907c5f6fc754413a89d6"
 }

packages/ui/certd-client/CHANGELOG.md

@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/ui-client
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Bug Fixes

packages/ui/certd-client/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-client",
-  "version": "1.34.11",
+  "version": "1.35.0",
   "private": true,
   "scripts": {
     "dev": "vite --open",
@@ -102,8 +102,8 @@
     "zod-defaults": "^0.1.3"
   },
   "devDependencies": {
-    "@certd/lib-iframe": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
+    "@certd/lib-iframe": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
     "@rollup/plugin-commonjs": "^25.0.7",
     "@rollup/plugin-node-resolve": "^15.2.3",
     "@types/chai": "^4.3.12",

packages/ui/certd-server/CHANGELOG.md

@@ -3,6 +3,13 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
 
 ### Bug Fixes

packages/ui/certd-server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@certd/ui-server",
-  "version": "1.34.11",
+  "version": "1.35.0",
   "description": "fast-server base midway",
   "private": true,
   "type": "module",
@@ -40,21 +40,22 @@
     "@alicloud/tea-util": "^1.4.10",
     "@aws-sdk/client-acm": "^3.699.0",
     "@aws-sdk/client-cloudfront": "^3.699.0",
+    "@aws-sdk/client-iam": "^3.699.0",
     "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/commercial-core": "^1.34.11",
+    "@certd/acme-client": "^1.35.0",
+    "@certd/basic": "^1.35.0",
+    "@certd/commercial-core": "^1.35.0",
     "@certd/cv4pve-api-javascript": "^8.4.1",
-    "@certd/jdcloud": "^1.34.11",
-    "@certd/lib-huawei": "^1.34.11",
-    "@certd/lib-k8s": "^1.34.11",
-    "@certd/lib-server": "^1.34.11",
-    "@certd/midway-flyway-js": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plugin-cert": "^1.34.11",
-    "@certd/plugin-lib": "^1.34.11",
-    "@certd/plugin-plus": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/jdcloud": "^1.35.0",
+    "@certd/lib-huawei": "^1.35.0",
+    "@certd/lib-k8s": "^1.35.0",
+    "@certd/lib-server": "^1.35.0",
+    "@certd/midway-flyway-js": "^1.35.0",
+    "@certd/pipeline": "^1.35.0",
+    "@certd/plugin-cert": "^1.35.0",
+    "@certd/plugin-lib": "^1.35.0",
+    "@certd/plugin-plus": "^1.35.0",
+    "@certd/plus-core": "^1.35.0",
     "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
     "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
     "@koa/cors": "^5.0.0",

packages/ui/certd-server/src/plugins/index.ts

@@ -14,6 +14,7 @@ export * from './plugin-cachefly/index.js';
 export * from './plugin-gcore/index.js';
 export * from './plugin-qnap/index.js';
 export * from './plugin-aws/index.js';
+export * from './plugin-aws-cn/index.js';
 export * from './plugin-dnsla/index.js';
 export * from './plugin-upyun/index.js';
 export * from './plugin-volcengine/index.js'

packages/ui/certd-server/src/plugins/plugin-aws-cn/access.ts

@@ -0,0 +1,38 @@
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+
+export const AwsCNRegions = [
+  { label: 'cn-north-1', value: 'cn-north-1' },
+  { label: 'cn-northwest-1', value: 'cn-northwest-1' },
+];
+
+@IsAccess({
+  name: 'aws-cn',
+  title: '亚马逊云科技（国区）授权',
+  desc: '',
+  icon: 'svg:icon-aws',
+})
+export class AwsCNAccess extends BaseAccess {
+  @AccessInput({
+    title: 'accessKeyId',
+    component: {
+      placeholder: 'accessKeyId',
+    },
+    helper:
+      '右上角->安全凭证->访问密钥，[点击前往](https://cn-north-1.console.amazonaws.cn/iam/home?region=cn-north-1#/security_credentials/access-key-wizard#)',
+    required: true,
+  })
+  accessKeyId = '';
+
+  @AccessInput({
+    title: 'secretAccessKey',
+    component: {
+      placeholder: 'secretAccessKey',
+    },
+    required: true,
+    encrypt: true,
+    helper: '请妥善保管您的安全访问密钥。您可以在AWS管理控制台的IAM中创建新的访问密钥。',
+  })
+  secretAccessKey = '';
+}
+
+new AwsCNAccess();

packages/ui/certd-server/src/plugins/plugin-aws-cn/index.ts

@@ -0,0 +1,2 @@
+export * from './plugins/index.js';
+export * from './access.js';

packages/ui/certd-server/src/plugins/plugin-aws-cn/libs/aws-iam-client.ts

@@ -0,0 +1,42 @@
+// 导入所需的 SDK 模块
+import { AwsCNAccess } from '../access.js';
+import { CertInfo } from '@certd/plugin-cert';
+
+type AwsIAMClientOptions = { access: AwsCNAccess; region: string };
+
+export class AwsIAMClient {
+  options: AwsIAMClientOptions;
+  access: AwsCNAccess;
+  region: string;
+  constructor(options: AwsIAMClientOptions) {
+    this.options = options;
+    this.access = options.access;
+    this.region = options.region;
+  }
+  async importCertificate(certInfo: CertInfo, certName: string) {
+    // 创建 IAM 客户端
+    const { IAMClient, UploadServerCertificateCommand } = await import('@aws-sdk/client-iam');
+    const iamClient = new IAMClient({
+      region: this.region, // 替换为您的 AWS 区域
+      credentials: {
+        accessKeyId: this.access.accessKeyId, // 从环境变量中读取
+        secretAccessKey: this.access.secretAccessKey,
+      },
+    });
+
+    const cert = certInfo.crt.split('-----END CERTIFICATE-----')[0] + '-----END CERTIFICATE-----';
+    const chain = certInfo.crt.split('-----END CERTIFICATE-----\n')[1];
+    // 构建上传参数
+    const command = new UploadServerCertificateCommand({
+      Path: '/cloudfront/',
+      ServerCertificateName: certName,
+      CertificateBody: cert,
+      PrivateKey: certInfo.key,
+      CertificateChain: chain
+    })
+    const data = await iamClient.send(command);
+    console.log('Upload successful:', data);
+    // 返回证书 ID
+    return data.ServerCertificateMetadata.ServerCertificateId;
+  }
+}

packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/index.ts

@@ -0,0 +1 @@
+export * from './plugin-deploy-to-cloudfront.js';

packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/plugin-deploy-to-cloudfront.ts

@@ -0,0 +1,164 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { AwsCNAccess, AwsCNRegions } from "../access.js";
+import { AwsIAMClient } from "../libs/aws-iam-client.js";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+
+@IsTaskPlugin({
+  name: 'AwsCNDeployToCloudFront',
+  title: 'AWS(国区)-部署证书到CloudFront',
+  desc: '部署证书到 AWS CloudFront',
+  icon: 'svg:icon-aws',
+  group: pluginGroups.aws.key,
+  needPlus: false,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: [...CertApplyPluginNames, 'AwsUploadToACM'],
+    },
+    required: true,
+  })
+  cert!: CertInfo | string;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+  @TaskInput({
+    title: '区域',
+    helper: '证书上传区域',
+    component: {
+      name: 'a-auto-complete',
+      vModel: 'value',
+      options: AwsCNRegions,
+    },
+    required: true,
+  })
+  region!: string;
+
+  @TaskInput({
+    title: 'Access授权',
+    helper: 'aws的授权',
+    component: {
+      name: 'access-selector',
+      type: 'aws-cn',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  @TaskInput({
+    title: '证书名称',
+    helper: '上传后将以此名称作为前缀备注',
+  })
+  certName!: string;
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: '分配ID',
+      helper: '请选择distributions id',
+      action: AwsCNDeployToCloudFront.prototype.onGetDistributions.name,
+      required: true,
+    })
+  )
+  distributionIds!: string[];
+
+  async onInstance() {}
+
+  async execute(): Promise<void> {
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+
+    let certId = this.cert as string;
+    if (typeof this.cert !== 'string') {
+      //先上传
+      certId = await this.uploadToIAM(access, this.cert);
+    }
+    //部署到CloudFront
+
+    const { CloudFrontClient, UpdateDistributionCommand, GetDistributionConfigCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+
+    // update-distribution
+    for (const distributionId of this.distributionIds) {
+      // get-distribution-config
+      const getDistributionConfigCommand = new GetDistributionConfigCommand({
+        Id: distributionId,
+      });
+
+      const configData = await cloudFrontClient.send(getDistributionConfigCommand);
+      const updateDistributionCommand = new UpdateDistributionCommand({
+        DistributionConfig: {
+          ...configData.DistributionConfig,
+          ViewerCertificate: {
+            ...configData.DistributionConfig.ViewerCertificate,
+            IAMCertificateId: certId,
+          },
+        },
+        Id: distributionId,
+        IfMatch: configData.ETag,
+      });
+      await cloudFrontClient.send(updateDistributionCommand);
+      this.logger.info(`部署${distributionId}完成:`);
+    }
+    this.logger.info('部署完成');
+  }
+
+  private async uploadToIAM(access: AwsCNAccess, cert: CertInfo) {
+    const acmClient = new AwsIAMClient({
+      access,
+      region: this.region,
+    });
+    const awsCertID = await acmClient.importCertificate(cert, this.appendTimeSuffix(this.certName));
+    this.logger.info('证书上传成功,id=', awsCertID);
+    return awsCertID;
+  }
+
+  //查找分配ID列表选项
+  async onGetDistributions() {
+    if (!this.accessId) {
+      throw new Error('请选择Access授权');
+    }
+
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+    const { CloudFrontClient, ListDistributionsCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+    // list-distributions
+    const listDistributionsCommand = new ListDistributionsCommand({});
+    const data = await cloudFrontClient.send(listDistributionsCommand);
+    const distributions = data.DistributionList?.Items;
+    if (!distributions || distributions.length === 0) {
+      throw new Error('找不到CloudFront分配ID，您可以手动输入');
+    }
+
+    const options = distributions.map((item: any) => {
+      return {
+        value: item.Id,
+        label: `${item.DomainName}<${item.Id}>`,
+        domain: item.DomainName,
+      };
+    });
+    return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
+  }
+}
+
+new AwsCNDeployToCloudFront();

packages/ui/certd-server/src/plugins/plugin-proxmox/access.ts

@@ -58,6 +58,16 @@ export class ProxmoxAccess extends BaseAccess {
     encrypt: true,
   })
   password = '';
+
+  @AccessInput({
+    title: '领域',
+    component: {
+      placeholder: 'realm',
+    },
+    required: true,
+    encrypt: false,
+  })
+  realm = '';
 }
 
 new ProxmoxAccess();

packages/ui/certd-server/src/plugins/plugin-proxmox/plugins/plugin-upload.ts

@@ -95,7 +95,7 @@ export class ProxmoxUploadCert extends AbstractPlusTaskPlugin {
     const access: ProxmoxAccess = await this.getAccess<ProxmoxAccess>(this.accessId);
     const pve = await import('@certd/cv4pve-api-javascript');
     const client = new pve.PveClient(access.host, access.port);
-    const login = await client.login(access.username, access.password, 'pam');
+    const login = await client.login(access.username, access.password, access.realm || 'pam');
     if (!login) {
       throw new Error(`Login failed:${JSON.stringify(login)}`);
     }