v1.35.2

build: prepare to build
2026-04-13 11:50:57 +08:00 · 2025-06-09 23:57:04 +08:00 · 2025-06-09 23:54:50 +08:00 · 2025-06-09 23:50:44 +08:00 · 2025-06-09 23:50:19 +08:00 · 2025-06-09 23:41:44 +08:00
77 changed files with 2380 additions and 366 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,45 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Bug Fixes
--- a/build.trigger
+++ b/build.trigger
@@ -1 +1 @@
-23:57
+09:12
--- a/docs/guide/changelogs/CHANGELOG.md
+++ b/docs/guide/changelogs/CHANGELOG.md
@@ -3,6 +3,47 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
 ## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)

 ### Bug Fixes
--- a/lerna.json
+++ b/lerna.json
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.34.11"
+  "version": "1.35.2"
 }
--- a/packages/core/acme-client/CHANGELOG.md
+++ b/packages/core/acme-client/CHANGELOG.md
@@ -3,6 +3,20 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/publishlab/node-acme-client/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.1](https://github.com/publishlab/node-acme-client/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/publishlab/node-acme-client/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Bug Fixes
--- a/packages/core/acme-client/package.json
+++ b/packages/core/acme-client/package.json
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.34.11",
+    "version": "1.35.2",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.34.11",
+        "@certd/basic": "^1.35.2",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -69,5 +69,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+    "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -75,6 +75,9 @@ export default async (client, userOpts) => {

    log("[auto] Placing new certificate order with ACME provider");
    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+        orderPayload.profile = opts.profile;
+    }
    const order = await client.createOrder(orderPayload);
    const authorizations = await client.getAuthorizations(order);

@@ -213,12 +216,16 @@ export default async (client, userOpts) => {
        return promise;
    }

-    async function runPromisePa(tasks, waitTime = 5000) {
+    async function runPromisePa(tasks, waitTime = 8000) {
        const results = [];
+        let j = 0
        // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
        for (const task of tasks) {
+            j++
+            log(`开始第${j}个任务`);
            results.push(task());
            // eslint-disable-next-line no-await-in-loop
+            log(`wait ${waitTime}s`)
            await wait(waitTime);
        }
        return Promise.all(results);
@@ -242,6 +249,7 @@ export default async (client, userOpts) => {
                log(`跳过本地验证（skipChallengeVerification=true），等待 60s`);
                await wait(60 * 1000);
            } else {
+                log("开始本地校验")
                await runPromisePa(localVerifyTasks, 1000);
                log(`本地校验完成，等待${waitDnsDiffuseTime}s`)
                await wait(waitDnsDiffuseTime * 1000)
--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -90,10 +90,12 @@ const defaultOpts = {
 */

 class AcmeClient {
+    sslProvider
    constructor(opts) {
        if (!Buffer.isBuffer(opts.accountKey)) {
            opts.accountKey = Buffer.from(opts.accountKey);
        }
+        this.sslProvider = opts.sslProvider;

        this.opts = { ...defaultOpts, ...opts };
        this.backoffOpts = {
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -66,6 +66,7 @@ export interface ClientAutoOptions {
    challengePriority?: string[];
    preferredChain?: string;
    signal?: AbortSignal;
+    profile?:string;
 }

 export class Client {
--- a/packages/core/basic/CHANGELOG.md
+++ b/packages/core/basic/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/basic
--- a/packages/core/basic/build.md
+++ b/packages/core/basic/build.md
@@ -1 +1 @@
-23:48
+23:54
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/core/pipeline/CHANGELOG.md
+++ b/packages/core/pipeline/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/pipeline
--- a/packages/core/pipeline/package.json
+++ b/packages/core/pipeline/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,8 +17,8 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/basic": "^1.35.2",
+    "@certd/plus-core": "^1.35.2",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/lib-huawei/CHANGELOG.md
+++ b/packages/libs/lib-huawei/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/lib-huawei
--- a/packages/libs/lib-huawei/package.json
+++ b/packages/libs/lib-huawei/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/lib-iframe/CHANGELOG.md
+++ b/packages/libs/lib-iframe/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/lib-iframe
--- a/packages/libs/lib-iframe/package.json
+++ b/packages/libs/lib-iframe/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/lib-jdcloud/CHANGELOG.md
+++ b/packages/libs/lib-jdcloud/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/jdcloud
--- a/packages/libs/lib-jdcloud/package.json
+++ b/packages/libs/lib-jdcloud/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.34.11",
+  "version": "1.35.2",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
      "fetch"
    ]
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/lib-k8s/CHANGELOG.md
+++ b/packages/libs/lib-k8s/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/lib-k8s
--- a/packages/libs/lib-k8s/package.json
+++ b/packages/libs/lib-k8s/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.34.11",
+    "@certd/basic": "^1.35.2",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/lib-server/CHANGELOG.md
+++ b/packages/libs/lib-server/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Performance Improvements
--- a/packages/libs/lib-server/package.json
+++ b/packages/libs/lib-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.34.11",
+  "version": "1.35.2",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -27,10 +27,10 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/acme-client": "^1.35.2",
+    "@certd/basic": "^1.35.2",
+    "@certd/pipeline": "^1.35.2",
+    "@certd/plus-core": "^1.35.2",
    "@midwayjs/cache": "~3.14.0",
    "@midwayjs/core": "~3.20.3",
    "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/libs/midway-flyway-js/CHANGELOG.md
+++ b/packages/libs/midway-flyway-js/CHANGELOG.md
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/midway-flyway-js
--- a/packages/libs/midway-flyway-js/package.json
+++ b/packages/libs/midway-flyway-js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.34.11",
+  "version": "1.35.2",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/plugins/plugin-cert/CHANGELOG.md
+++ b/packages/plugins/plugin-cert/CHANGELOG.md
@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Bug Fixes
--- a/packages/plugins/plugin-cert/package.json
+++ b/packages/plugins/plugin-cert/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -16,10 +16,10 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plugin-lib": "^1.34.11",
+    "@certd/acme-client": "^1.35.2",
+    "@certd/basic": "^1.35.2",
+    "@certd/pipeline": "^1.35.2",
+    "@certd/plugin-lib": "^1.35.2",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -327,8 +327,9 @@ export class AcmeService {
    csrInfo: any;
    isTest?: boolean;
    privateKeyType?: string;
+    profile?: string;
  }): Promise<CertInfo> {
-    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options;
+    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options;
    const client: acme.Client = await this.getAcmeClient(email, isTest);

    let domains = options.domains;
@@ -400,6 +401,7 @@ export class AcmeService {
        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
      },
      signal: this.options.signal,
+      profile,
    });

    const crtString = crt.toString();
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
@@ -89,7 +89,10 @@ export class CertReader {

  getAllDomains() {
    const { detail } = this.getCrtDetail();
-    const domains = [detail.domains.commonName];
+    const domains = [];
+    if (detail.domains?.commonName) {
+      domains.push(detail.domains.commonName);
+    }
    domains.push(...detail.domains.altNames);
    //去重
    return uniq(domains);
@@ -102,12 +105,23 @@ export class CertReader {

  static getMainDomain(crt: string) {
    const { detail } = CertReader.readCertDetail(crt);
-    return detail.domains.commonName;
+    return CertReader.getMainDomainFromDetail(detail);
  }

  getMainDomain() {
    const { detail } = this.getCrtDetail();
-    return detail.domains.commonName;
+    return CertReader.getMainDomainFromDetail(detail);
+  }
+
+  static getMainDomainFromDetail(detail: CertificateInfo) {
+    let domain = detail?.domains?.commonName;
+    if (domain == null) {
+      domain = detail?.domains?.altNames?.[0];
+    }
+    if (domain == null) {
+      domain = "unknown";
+    }
+    return domain;
  }

  saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "one" | "ic" | "jks", filepath?: string) {
@@ -179,8 +193,7 @@ export class CertReader {
  }

  buildCertFileName(suffix: string, applyTime: any, prefix = "cert") {
-    const detail = this.getCrtDetail();
-    let domain = detail.detail.domains.commonName;
+    let domain = this.getMainDomain();
    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
    const timeStr = dayjs(applyTime).format("YYYYMMDDHHmmss");
    return `${prefix}_${domain}_${timeStr}.${suffix}`;
@@ -188,7 +201,7 @@ export class CertReader {

  buildCertName() {
    let domain = this.getMainDomain();
-    domain = domain.replaceAll("*", "_").replaceAll("*", "_");
+    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
  }
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -248,6 +248,30 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
  })
  privateKeyType!: PrivateKeyType;

+  @TaskInput({
+    title: "证书配置",
+    value: "classic",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "classic", label: "经典（classic）" },
+        { value: "tlsserver", label: "TLS服务器（tlsserver）" },
+        { value: "shortlived", label: "短暂的（shortlived）" },
+      ],
+    },
+    helper: "如无特殊需求，默认即可",
+    required: false,
+    mergeScript: `
+    return {
+        show: ctx.compute(({form})=>{
+            return form.sslProvider === 'letsencrypt'
+        })
+    }
+    `,
+  })
+  certProfile!: string;
+
  @TaskInput({
    title: "使用代理",
    value: false,
@@ -395,6 +419,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        csrInfo,
        isTest: false,
        privateKeyType: this.privateKeyType,
+        profile: this.certProfile,
      });

      const certInfo = this.formatCerts(cert);
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
@@ -80,17 +80,29 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
  legoEabAccessId!: number;

  @TaskInput({
-    title: "自定义LEGO参数",
+    title: "自定义LEGO全局参数",
    component: {
      name: "a-input",
      vModel: "value",
      placeholder: "--dns-timeout 30",
    },
-    helper: "额外的lego命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    helper: "额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
    maybeNeed: true,
  })
  customArgs = "";

+  @TaskInput({
+    title: "自定义LEGO签名参数",
+    component: {
+      name: "a-input",
+      vModel: "value",
+      placeholder: "--no-bundle",
+    },
+    helper: "额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    maybeNeed: true,
+  })
+  customCommandOptions = "";
+
  @TaskInput({
    title: "加密算法",
    value: "ec256",
@@ -205,7 +217,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
    if (this.acmeServer) {
      serverArgs = ` --server ${this.acmeServer}`;
    }
-    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs}  ${this.customArgs || ""} run`];
+    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs} ${this.customArgs || ""} run ${this.customCommandOptions || ""}`];

    await this.ctx.utils.sp.spawn({
      cmd: cmds,
--- a/packages/plugins/plugin-lib/CHANGELOG.md
+++ b/packages/plugins/plugin-lib/CHANGELOG.md
@@ -3,6 +3,26 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+
+### Performance Improvements
+
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 **Note:** Version bump only for package @certd/plugin-lib
--- a/packages/plugins/plugin-lib/package.json
+++ b/packages/plugins/plugin-lib/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.34.11",
+  "version": "1.35.2",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,11 +17,12 @@
  },
  "dependencies": {
    "@alicloud/openapi-client": "^0.4.14",
+    "@alicloud/openapi-util": "^0.3.2",
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
+    "@certd/basic": "^1.35.2",
+    "@certd/pipeline": "^1.35.2",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -52,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "a4b6580247efabe948507c771a177d4f75670bc2"
+  "gitHead": "a619f8a2fee68169ae3c57cf6e8de18141de17ba"
 }
--- a/packages/plugins/plugin-lib/src/aliyun/access/aliyun-access.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/access/aliyun-access.ts
@@ -54,7 +54,7 @@ export class AliyunClientV2 {

    const $OpenApi = await import("@alicloud/openapi-client");
    const $Util = await import("@alicloud/tea-util");
-
+    const OpenApiUtil = await import("@alicloud/openapi-util");
    const params = new $OpenApi.Params({
      // 接口名称
      action: req.action,
@@ -74,6 +74,10 @@ export class AliyunClientV2 {
      bodyType: "json",
    });

+    if (req.data?.query) {
+      //@ts-ignore
+      req.data.query = OpenApiUtil.default.default.query(req.data.query);
+    }
    const runtime = new $Util.RuntimeOptions({});
    const request = new $OpenApi.OpenApiRequest(req.data);
    // 复制代码运行请自行打印 API 的返回值
--- a/packages/plugins/plugin-lib/src/aliyun/lib/ssl-client.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/lib/ssl-client.ts
@@ -29,7 +29,7 @@ export type AliyunSslUploadCertReq = {
  cert: AliyunCertInfo;
 };

-export type CasCertInfo = { certId: number; certName: string; certIdentifier: string };
+export type CasCertInfo = { certId: number; certName: string; certIdentifier: string; notAfter: number; casRegion: string };

 export class AliyunSslClient {
  opts: AliyunSslClientOpts;
@@ -68,6 +68,8 @@ export class AliyunSslClient {
      certId: certId,
      certName: res.Name,
      certIdentifier: res.CertIdentifier,
+      notAfter: res.NotAfter,
+      casRegion: this.getCasRegionFromEndpoint(this.opts.endpoint),
    };
  }

@@ -148,4 +150,24 @@ export class AliyunSslClient {
    this.checkRet(res);
    return res;
  }
+
+  async deleteCert(certId: any) {
+    await this.doRequest("DeleteUserCertificate", { CertId: certId }, { method: "POST" });
+  }
+
+  getCasRegionFromEndpoint(endpoint: string) {
+    if (!endpoint) {
+      return "cn-hangzhou";
+    }
+    /**
+     * {value: 'cas.aliyuncs.com', label: '中国大陆'},
+     *         {value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡'},
+     *         {value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）'},
+     */
+    const region = endpoint.replace(".aliyuncs.com", "").replace("cas.", "");
+    if (region === "cas") {
+      return "cn-hangzhou";
+    }
+    return region;
+  }
 }
--- a/packages/ui/certd-client/CHANGELOG.md
+++ b/packages/ui/certd-client/CHANGELOG.md
@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Performance Improvements
+
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/ui-client
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Bug Fixes
--- a/packages/ui/certd-client/package.json
+++ b/packages/ui/certd-client/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.34.11",
+  "version": "1.35.2",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -102,8 +102,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
+    "@certd/lib-iframe": "^1.35.2",
+    "@certd/pipeline": "^1.35.2",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
--- a/packages/ui/certd-client/src/components/cron-editor/index.vue
+++ b/packages/ui/certd-client/src/components/cron-editor/index.vue
@@ -1,17 +1,7 @@
 <template>
  <div class="cron-editor">
    <div class="flex-o">
-      <cron-light
-        :disabled="disabled"
-        :readonly="readonly"
-        :period="period"
-        class="flex-o cron-ant"
-        locale="zh-CN"
-        format="quartz"
-        :model-value="modelValue"
-        @update:model-value="onUpdate"
-        @error="onError"
-      />
+      <cron-light :disabled="disabled" :readonly="readonly" :period="period" class="flex-o cron-ant" locale="zh-CN" format="quartz" :model-value="modelValue" @update:model-value="onUpdate" @error="onError" />
    </div>
    <div class="mt-5 flex">
      <a-input :disabled="true" :readonly="readonly" :value="modelValue" @change="onChange"></a-input>
@@ -26,13 +16,15 @@
 import parser from "cron-parser";
 import { computed, ref } from "vue";
 import dayjs from "dayjs";
+import { getCronNextTimes } from "/@/components/cron-editor/utils";
 defineOptions({
-  name: "CronEditor"
+  name: "CronEditor",
 });
 const props = defineProps<{
  modelValue?: string;
  disabled?: boolean;
  readonly?: boolean;
+  allowEveryMin?: boolean;
 }>();

 const period = ref<string>("");
@@ -58,9 +50,12 @@ const onUpdate = (value: string) => {
  if (arr[0] === "*") {
    arr[0] = "0";
  }
-  if (arr[1] === "*") {
-    arr[1] = "0";
+  if (!props.allowEveryMin) {
+    if (arr[1] === "*") {
+      arr[1] = "0";
+    }
  }
+
  value = arr.join(" ");

  emit("update:modelValue", value);
@@ -90,10 +85,10 @@ const nextTime = computed(() => {
  if (props.modelValue == null) {
    return "请先设置正确的cron表达式";
  }
+
  try {
-    const interval = parser.parseExpression(props.modelValue);
-    const next = interval.next().getTime();
-    return dayjs(next).format("YYYY-MM-DD HH:mm:ss");
+    const nextTimes = getCronNextTimes(props.modelValue, 2);
+    return nextTimes.join("，");
  } catch (e) {
    console.log(e);
    return "请先设置正确的cron表达式";
--- a/packages/ui/certd-client/src/components/cron-editor/utils.ts
+++ b/packages/ui/certd-client/src/components/cron-editor/utils.ts
@@ -0,0 +1,15 @@
+import parser from "cron-parser";
+import dayjs from "dayjs";
+
+export function getCronNextTimes(cron: string, count: number = 1) {
+  if (cron == null) {
+    return [];
+  }
+  const nextTimes = [];
+  const interval = parser.parseExpression(cron);
+  for (let i = 0; i < count; i++) {
+    const next = interval.next().getTime();
+    nextTimes.push(dayjs(next).format("YYYY-MM-DD HH:mm:ss"));
+  }
+  return nextTimes;
+}
--- a/packages/ui/certd-client/src/components/editable.vue
+++ b/packages/ui/certd-client/src/components/editable.vue
@@ -76,7 +76,7 @@ export default {
 .text-editable {
  flex: 1;
  line-height: 34px;
-
+  overflow: hidden;
  span.fs-iconify {
    display: inline-flex;
    justify-content: center;
--- a/packages/ui/certd-client/src/views/certd/history/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/history/crud.tsx
@@ -2,9 +2,10 @@ import * as api from "./api";
 import { useI18n } from "vue-i18n";
 import { computed, Ref, ref } from "vue";
 import { useRouter } from "vue-router";
-import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
+import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
 import { useUserStore } from "/@/store/user";
 import { useSettingStore } from "/@/store/settings";
+import { statusUtil } from "/@/views/certd/pipeline/pipeline/utils/util.status";

 export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
  const router = useRouter();
@@ -143,6 +144,50 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
            },
          },
        },
+        triggerType: {
+          title: "触发类型",
+          type: "dict-select",
+          search: {
+            show: true,
+          },
+          dict: dict({
+            data: [
+              { value: "user", label: "手动执行" },
+              { value: "timer", label: "定时执行" },
+            ],
+          }),
+          form: {
+            show: false,
+            value: "custom",
+          },
+          column: {
+            sorter: true,
+            width: 90,
+            align: "center",
+            show: true,
+            component: {
+              color: "auto",
+            },
+          },
+        },
+        status: {
+          title: "状态",
+          type: "dict-select",
+          search: {
+            show: true,
+          },
+          dict: dict({
+            data: statusUtil.getOptions(),
+          }),
+          form: {
+            show: false,
+          },
+          column: {
+            sorter: true,
+            width: 120,
+            align: "center",
+          },
+        },
        createTime: {
          title: "创建时间",
          type: "datetime",
--- a/packages/ui/certd-client/src/views/certd/monitor/site/setting/api.ts
+++ b/packages/ui/certd-client/src/views/certd/monitor/site/setting/api.ts
@@ -3,6 +3,8 @@ import { request } from "/src/api/service";
 const apiPrefix = "/monitor/site/setting";
 export type UserSiteMonitorSetting = {
  notificationId?: number;
+  retryTimes?: number;
+  cron?: string;
 };

 export async function SiteMonitorSettingsGet() {
--- a/packages/ui/certd-client/src/views/certd/monitor/site/setting/index.vue
+++ b/packages/ui/certd-client/src/views/certd/monitor/site/setting/index.vue
@@ -11,6 +11,19 @@
          </div>
          <div class="helper">设置通知渠道</div>
        </a-form-item>
+        <a-form-item label="重试次数" :name="['retryTimes']">
+          <div class="flex">
+            <a-input-number v-model:value="formState.retryTimes" />
+          </div>
+          <div class="helper">监控请求重试次数</div>
+        </a-form-item>
+        <a-form-item label="监控定时设置" :name="['cron']">
+          <div class="flex flex-baseline">
+            <cron-editor v-model="formState.cron" :disabled="!settingsStore.isPlus" :allow-every-min="userStore.isAdmin" />
+            <vip-button class="ml-5" mode="button"></vip-button>
+          </div>
+          <div class="helper">定时触发监控</div>
+        </a-form-item>
        <a-form-item label=" " :colon="false" :wrapper-col="{ span: 16 }">
          <loading-button type="primary" html-type="button" :click="doSave">保存</loading-button>
        </a-form-item>
@@ -27,8 +40,10 @@ import { notification } from "ant-design-vue";
 import { merge } from "lodash-es";
 import { useSettingStore } from "/src/store/settings";
 import NotificationSelector from "/@/views/certd/notification/notification-selector/index.vue";
+import { useUserStore } from "/@/store/user";

 const settingsStore = useSettingStore();
+const userStore = useUserStore();
 defineOptions({
  name: "UserSecurity",
 });
@@ -56,7 +71,7 @@ const doSave = async (form: any) => {
 <style lang="less">
 .page-user-settings {
  .user-settings-form {
-    width: 600px;
+    width: 700px;
    margin: 20px;
  }
 }
--- a/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
@@ -5,17 +5,15 @@ import { useRouter } from "vue-router";
 import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, useUi } from "@fast-crud/fast-crud";
 import { statusUtil } from "/@/views/certd/pipeline/pipeline/utils/util.status";
 import { Modal, notification } from "ant-design-vue";
-import { env } from "/@/utils/util.env";
 import { useUserStore } from "/@/store/user";
 import dayjs from "dayjs";
 import { useSettingStore } from "/@/store/settings";
 import { cloneDeep } from "lodash-es";
-import { useModal } from "/@/use/use-modal";
-import CertView from "./cert-view.vue";
 import { eachStages } from "./utils";
 import { setRunnableIds, useCertPipelineCreator } from "/@/views/certd/pipeline/certd-form/use";
 import { useCertUpload } from "/@/views/certd/pipeline/cert-upload/use";
 import GroupSelector from "/@/views/certd/pipeline/group/group-selector.vue";
+import { useCertViewer } from "/@/views/certd/pipeline/use";

 export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys } }: CreateCrudOptionsProps): CreateCrudOptionsRet {
  const router = useRouter();
@@ -61,59 +59,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
    return res;
  };

-  const model = useModal();
-  const viewCert = async (row: any) => {
-    const cert = await api.GetCert(row.id);
-    if (!cert) {
-      notification.error({ message: "请先运行一次流水线" });
-      return;
-    }
-
-    model.success({
-      title: "查看证书",
-      maskClosable: true,
-      okText: "关闭",
-      width: 800,
-      content: () => {
-        return <CertView cert={cert}></CertView>;
-      },
-    });
-  };
-
-  const downloadCert = async (row: any) => {
-    const files = await api.GetFiles(row.id);
-    model.success({
-      title: "点击链接下载",
-      maskClosable: true,
-      okText: "关闭",
-      content: () => {
-        const children = [];
-        for (const file of files) {
-          const downloadUrl = `${env.API}/pi/history/download?pipelineId=${row.id}&fileId=${file.id}`;
-          children.push(
-            <div>
-              <div class={"flex-o m-5"}>
-                <fs-icon icon={"ant-design:cloud-download-outlined"} class={"mr-5 fs-16"}></fs-icon>
-                <a href={downloadUrl} target={"_blank"}>
-                  {file.filename}
-                </a>
-              </div>
-            </div>
-          );
-        }
-
-        if (children.length === 0) {
-          return <div>暂无文件下载</div>;
-        }
-
-        return (
-          <div class={"mt-3"}>
-            <div> {children}</div>
-          </div>
-        );
-      },
-    });
-  };
+  const { viewCert, downloadCert } = useCertViewer();
  const userStore = useUserStore();
  const settingStore = useSettingStore();

@@ -208,6 +154,10 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
      },
      table: {
        scroll: { x: 1500 },
+        remove: {
+          confirmTitle: "确定要删除吗？",
+          confirmMessage: "将删除该流水线相关的所有数据，包括执行历史、证书文件、证书仓库记录等",
+        },
      },
      tabs: {
        name: "groupId",
@@ -281,7 +231,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
            type: "link",
            icon: "ph:certificate",
            async click({ row }) {
-              await viewCert(row);
+              await viewCert(row.id);
            },
          },
          download: {
@@ -291,7 +241,7 @@ export default function ({ crudExpose, context: { groupDictRef, selectedRowKeys
            tooltip: { title: "下载证书" },
            icon: "ant-design:download-outlined",
            async click({ row }) {
-              await downloadCert(row);
+              await downloadCert(row.id);
            },
          },
          remove: {
--- a/packages/ui/certd-client/src/views/certd/pipeline/detail.vue
+++ b/packages/ui/certd-client/src/views/certd/pipeline/detail.vue
@@ -34,6 +34,8 @@ const pipelineOptions: PipelineOptions = {
        stages: [],
        triggers: [],
        ...JSON.parse(detail.pipeline.content || "{}"),
+        type: detail.pipeline.type,
+        from: detail.pipeline.from,
      },
    } as PipelineDetail;
  },
--- a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
+++ b/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
@@ -1,18 +1,43 @@
 <template>
  <fs-page v-if="pipeline" class="page-pipeline-edit">
    <template #header>
-      <div class="title">
+      <div class="title flex-1">
        <fs-button class="back" icon="ion:chevron-back-outline" @click="goBack"></fs-button>
        <text-editable v-model="pipeline.title" :hover-show="false" :disabled="!editMode"></text-editable>
      </div>
-      <div class="more">
-        <template v-if="editMode">
-          <a-button type="primary" :loading="saveLoading" @click="save">保存</a-button>
-          <a-button class="ml-5" @click="cancel">取消</a-button>
-        </template>
-        <template v-else>
-          <a-button type="primary" @click="edit">编辑</a-button>
-        </template>
+      <div class="more flex items-center flex-1 justify-end">
+        <div v-if="isCert" class="flex items-center hidden md:block">
+          <a-tag class="mr-5 pointer" color="green" type="primary" text="查看证书" @click="viewCert(pipeline.id)">
+            <span class="flex"><fs-icon icon="ant-design:eye-outlined"></fs-icon> 查看证书</span>
+          </a-tag>
+          <a-tag class="mr-5 pointer" color="green" type="primary" text="下载证书" @click="downloadCert(pipeline.id)">
+            <span class="flex"> <fs-icon icon="ant-design:download-outlined"></fs-icon> 下载证书 </span>
+          </a-tag>
+        </div>
+
+        <div class="flex items-center hidden md:block">
+          <a-tag v-if="nextTriggerTimes" color="blue">
+            <span class="flex">
+              <fs-icon icon="ion:time-outline"></fs-icon>
+              下次执行时间：{{ nextTriggerTimes }}
+            </span>
+          </a-tag>
+          <a-tag v-else-if="nextTriggerTimes === false" color="red">
+            <span class="flex">
+              <fs-icon icon="ion:caret-forward-circle-outline"></fs-icon>
+              未设置触发源，不会自动执行
+            </span>
+          </a-tag>
+        </div>
+        <div class="basis-40 flex justify-end mr-10">
+          <template v-if="editMode">
+            <fs-button type="primary" :loading="saveLoading" @click="save">保存</fs-button>
+            <fs-button class="ml-5" @click="cancel">取消</fs-button>
+          </template>
+          <template v-else>
+            <fs-button icon="ant-design:edit-outlined" type="primary" @click="edit">编辑</fs-button>
+          </template>
+        </div>
      </div>
    </template>

@@ -241,7 +266,7 @@
                @cancel="historyCancel()"
              ></pi-history-timeline-item>
            </template>
-            <a-empty v-if="histories.length === 0"> </a-empty>
+            <a-empty v-if="histories.length === 0"></a-empty>
          </a-timeline>
        </a-page-header>
      </div>
@@ -255,7 +280,7 @@
 </template>

 <script lang="ts">
-import { defineComponent, onMounted, onUnmounted, provide, Ref, ref, watch } from "vue";
+import { defineComponent, onMounted, onUnmounted, provide, Ref, ref, watch, computed } from "vue";
 import { useRouter } from "vue-router";
 import PiTaskForm from "./component/task-form/index.vue";
 import PiTriggerForm from "./component/trigger-form/index.vue";
@@ -275,11 +300,23 @@ import { useUserStore } from "/@/store/user";
 import TaskShortcuts from "./component/shortcut/task-shortcuts.vue";
 import { eachSteps, findStep } from "../utils";
 import { PluginGroups } from "/@/store/plugin";
+import { getCronNextTimes } from "/@/components/cron-editor/utils";
+import { useCertViewer } from "/@/views/certd/pipeline/use";

 export default defineComponent({
  name: "PipelineEdit",
  // eslint-disable-next-line vue/no-unused-components
-  components: { FsIcon, PiHistoryTimelineItem, PiTaskForm, PiTriggerForm, PiTaskView, PiStatusShow, PiNotificationForm, VDraggable, TaskShortcuts },
+  components: {
+    FsIcon,
+    PiHistoryTimelineItem,
+    PiTaskForm,
+    PiTriggerForm,
+    PiTaskView,
+    PiStatusShow,
+    PiNotificationForm,
+    VDraggable,
+    TaskShortcuts,
+  },
  props: {
    pipelineId: {
      type: [Number, String],
@@ -309,7 +346,24 @@ export default defineComponent({

    const currentHistory: Ref<any> = ref({});

+    const nextTriggerTimes = computed(() => {
+      const triggers = pipeline.value.triggers;
+      if (!triggers || triggers.length === 0) {
+        return false;
+      }
+      let nextTimes: any = [];
+      for (const item of triggers) {
+        if (!item.props?.cron) {
+          continue;
+        }
+        const ret = getCronNextTimes(item.props?.cron, 1);
+        nextTimes.push(...ret);
+      }
+      return nextTimes.join("，");
+    });
+
    const router = useRouter();
+
    function goBack() {
      router.back();
    }
@@ -365,8 +419,10 @@ export default defineComponent({
      }
      return true;
    }
+
    const intervalLoadHistoryRef = ref();
    const isLoadingHistory = ref(false);
+
    function watchNewHistoryList() {
      intervalLoadHistoryRef.value = setInterval(async () => {
        if (isLoadingHistory.value) {
@@ -390,6 +446,7 @@ export default defineComponent({
        }
      }, 3000);
    }
+
    onMounted(() => {
      watchNewHistoryList();
    });
@@ -420,7 +477,15 @@ export default defineComponent({
          return;
        }
        const detail: PipelineDetail = await props.options.getPipelineDetail({ pipelineId: value });
-        currentPipeline.value = _.merge({ title: "新管道流程", stages: [], triggers: [], notifications: [] }, detail.pipeline);
+        currentPipeline.value = _.merge(
+          {
+            title: "新管道流程",
+            stages: [],
+            triggers: [],
+            notifications: [],
+          },
+          detail.pipeline
+        );
        pipeline.value = currentPipeline.value;
        await loadHistoryList(true);
      },
@@ -535,6 +600,7 @@ export default defineComponent({
      function isLastStage(index: number) {
        return false;
      }
+
      return {
        stageAdd,
        isLastStage,
@@ -654,6 +720,7 @@ export default defineComponent({
      }

      const validateErrors: Ref = ref({});
+
      function addValidateError(taskId: string, error: any) {
        const errors = validateErrors.value[taskId] || [];
        validateErrors.value[taskId] = errors;
@@ -708,6 +775,7 @@ export default defineComponent({
      function hasValidateError(taskId: string) {
        return validateErrors.value[taskId] != null;
      }
+
      const save = async (offEdit = true) => {
        doValidate();

@@ -771,9 +839,11 @@ export default defineComponent({
      };

      const logsCollapse = ref(false);
+
      function toggleLogsCollapse() {
        logsCollapse.value = !logsCollapse.value;
      }
+
      return {
        historyView,
        historyCancel,
@@ -838,7 +908,12 @@ export default defineComponent({
      };
    });

+    const { viewCert, downloadCert } = useCertViewer();
+    const isCert = computed(() => {
+      return currentPipeline.value?.type?.startsWith("cert");
+    });
    return {
+      isCert,
      pipeline,
      currentHistory,
      histories,
@@ -852,6 +927,9 @@ export default defineComponent({
      ...useHistory(),
      ...useNotification(),
      ...useScroll(),
+      nextTriggerTimes,
+      viewCert,
+      downloadCert,
    };
  },
 });
@@ -864,9 +942,11 @@ export default defineComponent({
      text-overflow: ellipsis;
      text-wrap: nowrap;
      display: flex;
+
      .back {
        margin-right: 10px;
      }
+
      .text-editable {
        width: 300px;
      }
@@ -876,47 +956,57 @@ export default defineComponent({
  .pi-status-show {
    display: inline-flex;
  }
+
  .fs-page-content {
    overflow-x: auto;
  }
+
  .layout {
    width: 100%;
    height: 100%;
    position: relative;
    display: flex;
    overflow-x: hidden;
+
    .layout-left {
      flex: 1;
      height: 100%;
    }
+
    .layout-right {
      width: 350px;
      height: 100%;
    }
  }
+
  .pipeline-container {
    width: 100%;
    height: 100%;
    position: relative;
    overflow: auto;
  }
+
  .pipeline {
    position: absolute;
    left: 0;
    top: 0;
    height: 100%;
+
    .stages {
      display: flex;
      overflow: auto;
      min-width: 100%;
      height: 100%;
+
      .stage {
        width: 300px;
        border-right: 1px solid #c7c7c7;
+
        .is-add {
          visibility: hidden;
          color: gray;
        }
+
        &:hover .is-add {
          visibility: visible;
        }
@@ -925,11 +1015,13 @@ export default defineComponent({
          padding: 20px;
          color: gray;
          display: flex;
+
          .stage-move-handle {
            cursor: move;
            margin-left: 4px;
          }
        }
+
        //.sortable-ghost {
        //  .line {
        //    visibility: hidden;
@@ -943,6 +1035,7 @@ export default defineComponent({

          &.line-left {
            left: 25px;
+
            .flow-line {
              border-right: 0;
            }
@@ -950,6 +1043,7 @@ export default defineComponent({

          &.line-right {
            right: 25px;
+
            .flow-line {
              border-left: 0;
            }
@@ -960,6 +1054,7 @@ export default defineComponent({
            border: 1px solid #c7c7c7;
            border-top: 0;
          }
+
          .add-stage-btn {
            display: inline-flex;
            visibility: hidden;
@@ -969,6 +1064,7 @@ export default defineComponent({
            bottom: -12px;
            left: -12px;
            z-index: 100;
+
            &:hover {
              color: #1890ff;
            }
@@ -981,6 +1077,7 @@ export default defineComponent({

            &.line-left {
              left: 0;
+
              .flow-line {
                border-right: 0;
                border-left: 0;
@@ -989,6 +1086,7 @@ export default defineComponent({

            &.line-right {
              right: 0;
+
              .flow-line {
                border-left: 0;
                border-right: 0;
@@ -1008,13 +1106,16 @@ export default defineComponent({
            }
          }
        }
+
        &.last-stage {
          .line {
            width: 50% !important;
            right: auto;
+
            .flow-line {
              border-right: 0;
            }
+
            .add-stage-btn {
              visibility: hidden;
            }
@@ -1038,6 +1139,7 @@ export default defineComponent({
                }
              }
            }
+
            .task {
              display: flex;
              flex-direction: column;
@@ -1050,6 +1152,7 @@ export default defineComponent({
                &.in-edit {
                  margin-right: 28px;
                }
+
                &.disabled {
                }
              }
@@ -1061,12 +1164,15 @@ export default defineComponent({
                //font-size: 18px;
                cursor: pointer;
                z-index: 10;
+
                &:hover {
                  color: #1890ff;
                }
+
                &.copy {
                  right: 30px;
                }
+
                &.drag {
                  right: 10px;
                  cursor: move;
@@ -1078,6 +1184,7 @@ export default defineComponent({
              }

              position: relative;
+
              .shortcut {
                position: absolute;
                bottom: -10px;
@@ -1092,6 +1199,7 @@ export default defineComponent({

  .layout-right {
    position: relative;
+
    &.collapsed {
      margin-right: -350px;
    }
--- a/packages/ui/certd-client/src/views/certd/pipeline/sub-domain/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/sub-domain/crud.tsx
@@ -79,7 +79,9 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
                return (
                  <div>
                    如果您不理解什么是子域托管，可以参考文档
-                    <a href={"https://help.aliyun.com/zh/dns/subdomain-management"}>子域管理</a>
+                    <a href={"https://help.aliyun.com/zh/dns/subdomain-management"} target={"_blank"}>
+                      子域管理
+                    </a>
                  </div>
                );
              },
--- a/packages/ui/certd-client/src/views/certd/pipeline/use.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/use.tsx
@@ -0,0 +1,65 @@
+import * as api from "/@/views/certd/pipeline/api";
+import { notification } from "ant-design-vue";
+import CertView from "/@/views/certd/pipeline/cert-view.vue";
+import { env } from "/@/utils/util.env";
+import { useModal } from "/@/use/use-modal";
+
+export function useCertViewer() {
+  const model = useModal();
+  const viewCert = async (id: number) => {
+    const cert = await api.GetCert(id);
+    if (!cert) {
+      notification.error({ message: "请先运行一次流水线" });
+      return;
+    }
+
+    model.success({
+      title: "查看证书",
+      maskClosable: true,
+      okText: "关闭",
+      width: 800,
+      content: () => {
+        return <CertView cert={cert}></CertView>;
+      },
+    });
+  };
+
+  const downloadCert = async (id: any) => {
+    const files = await api.GetFiles(id);
+    model.success({
+      title: "点击链接下载",
+      maskClosable: true,
+      okText: "关闭",
+      content: () => {
+        const children = [];
+        for (const file of files) {
+          const downloadUrl = `${env.API}/pi/history/download?pipelineId=${id}&fileId=${file.id}`;
+          children.push(
+            <div>
+              <div class={"flex-o m-5"}>
+                <fs-icon icon={"ant-design:cloud-download-outlined"} class={"mr-5 fs-16"}></fs-icon>
+                <a href={downloadUrl} target={"_blank"}>
+                  {file.filename}
+                </a>
+              </div>
+            </div>
+          );
+        }
+
+        if (children.length === 0) {
+          return <div>暂无文件下载</div>;
+        }
+
+        return (
+          <div class={"mt-3"}>
+            <div> {children}</div>
+          </div>
+        );
+      },
+    });
+  };
+  return {
+    viewCert,
+    downloadCert,
+  };
+}
--- a/packages/ui/certd-server/CHANGELOG.md
+++ b/packages/ui/certd-server/CHANGELOG.md
@@ -3,6 +3,41 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+
 ## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)

 ### Bug Fixes
--- a/packages/ui/certd-server/db/migration-mysql/v10025__history_trigger_type.sql
+++ b/packages/ui/certd-server/db/migration-mysql/v10025__history_trigger_type.sql
@@ -0,0 +1,2 @@
+
+ALTER TABLE pi_history ADD COLUMN `trigger_type` varchar(100);
--- a/packages/ui/certd-server/db/migration-pg/v10025__history_trigger_type.sql
+++ b/packages/ui/certd-server/db/migration-pg/v10025__history_trigger_type.sql
@@ -0,0 +1,2 @@
+
+ALTER TABLE pi_history ADD COLUMN "trigger_type" varchar(100);
--- a/packages/ui/certd-server/db/migration/v10025__history_trigger_type.sql
+++ b/packages/ui/certd-server/db/migration/v10025__history_trigger_type.sql
@@ -0,0 +1,2 @@
+
+ALTER TABLE pi_history ADD COLUMN "trigger_type" varchar(100);
--- a/packages/ui/certd-server/package.json
+++ b/packages/ui/certd-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.34.11",
+  "version": "1.35.2",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -40,21 +40,22 @@
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-acm": "^3.699.0",
    "@aws-sdk/client-cloudfront": "^3.699.0",
+    "@aws-sdk/client-iam": "^3.699.0",
    "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.34.11",
-    "@certd/basic": "^1.34.11",
-    "@certd/commercial-core": "^1.34.11",
+    "@certd/acme-client": "^1.35.2",
+    "@certd/basic": "^1.35.2",
+    "@certd/commercial-core": "^1.35.2",
    "@certd/cv4pve-api-javascript": "^8.4.1",
-    "@certd/jdcloud": "^1.34.11",
-    "@certd/lib-huawei": "^1.34.11",
-    "@certd/lib-k8s": "^1.34.11",
-    "@certd/lib-server": "^1.34.11",
-    "@certd/midway-flyway-js": "^1.34.11",
-    "@certd/pipeline": "^1.34.11",
-    "@certd/plugin-cert": "^1.34.11",
-    "@certd/plugin-lib": "^1.34.11",
-    "@certd/plugin-plus": "^1.34.11",
-    "@certd/plus-core": "^1.34.11",
+    "@certd/jdcloud": "^1.35.2",
+    "@certd/lib-huawei": "^1.35.2",
+    "@certd/lib-k8s": "^1.35.2",
+    "@certd/lib-server": "^1.35.2",
+    "@certd/midway-flyway-js": "^1.35.2",
+    "@certd/pipeline": "^1.35.2",
+    "@certd/plugin-cert": "^1.35.2",
+    "@certd/plugin-lib": "^1.35.2",
+    "@certd/plugin-plus": "^1.35.2",
+    "@certd/plus-core": "^1.35.2",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
    "@koa/cors": "^5.0.0",
--- a/packages/ui/certd-server/src/controller/user/monitor/site-info-controller.ts
+++ b/packages/ui/certd-server/src/controller/user/monitor/site-info-controller.ts
@@ -154,4 +154,5 @@ export class SiteInfoController extends CrudController<SiteInfoService> {
    await this.service.saveSetting(userId, setting);
    return this.ok({});
  }
+
 }
--- a/packages/ui/certd-server/src/modules/auto/auto-c-register-cron.ts
+++ b/packages/ui/certd-server/src/modules/auto/auto-c-register-cron.ts
@@ -4,6 +4,8 @@ import { logger } from '@certd/basic';
 import { SysSettingsService } from '@certd/lib-server';
 import { SiteInfoService } from '../monitor/index.js';
 import { Cron } from '../cron/cron.js';
+import {UserSettingsService} from "../mine/service/user-settings-service.js";
+import {UserSiteMonitorSetting} from "../mine/service/models.js";

@Autoload()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
@@ -22,6 +24,8 @@ export class AutoCRegisterCron {

  @Inject()
  sysSettingsService: SysSettingsService;
+  @Inject()
+  userSettingsService: UserSettingsService;

  @Inject()
  siteInfoService: SiteInfoService;
@@ -39,39 +43,30 @@ export class AutoCRegisterCron {
    // console.log('meta', meta);
    // const metas = listPropertyDataFromClass(CLASS_KEY, this.echoPlugin);
    // console.log('metas', metas);
-    this.registerSiteMonitorCron();
+    await this.registerSiteMonitorCron();
  }

-  registerSiteMonitorCron() {
-    const job = async () => {
-      logger.info('站点证书检查开始执行');
+  async registerSiteMonitorCron() {
+    //先注册公共job
+    await this.siteInfoService.registerSiteMonitorJob()

-      let offset = 0;
-      const limit = 50;
-      while (true) {
-        const res = await this.siteInfoService.page({
-          query: { disabled: false },
-          page: { offset, limit },
-        });
-        const { records } = res;
-
-        if (records.length === 0) {
-          break;
-        }
-        offset += records.length;
-        await this.siteInfoService.checkList(records);
+    //注册用户独立的检查时间
+    const monitorSettingList = await this.userSettingsService.list({
+      query:{
+        key: UserSiteMonitorSetting.__key__,
      }
+    })
+    for (const item of monitorSettingList) {
+      const setting = item.setting ?? JSON.parse(item.setting)
+      if(!setting?.cron){
+        continue
+      }
+      await this.siteInfoService.registerSiteMonitorJob(item.userId)
+    }

-      logger.info('站点证书检查完成');
-    };
-
-    this.cron.register({
-      name: 'siteMonitor',
-      cron: '0 0 0 * * *',
-      job,
-    });
    if (this.immediateTriggerSiteMonitor) {
-      job();
+      logger.info(`立即触发一次站点证书检查任务`)
+      await this.siteInfoService.triggerJobOnce()
    }
  }
 }
--- a/packages/ui/certd-server/src/modules/auto/https/server.ts
+++ b/packages/ui/certd-server/src/modules/auto/https/server.ts
@@ -58,7 +58,7 @@ export class HttpsServer {
      opts.app.callback()
    );
    this.server = httpServer;
-    const hostname = '0.0.0.0';
+    const hostname = '::';
    // A function that runs in the context of the http server
    // and reports what type of server listens on which port
    function listeningReporter() {
--- a/packages/ui/certd-server/src/modules/cron/cron.ts
+++ b/packages/ui/certd-server/src/modules/cron/cron.ts
@@ -85,6 +85,8 @@ export class Cron {
    }
    this.logger.info(`[cron] register cron : [${req.name}] ,${req.cron}`);

+    this.remove(req.name)
+
    const task = new CronTask(req, this.logger);
    this.queue.push(task);
    this.logger.info('当前定时任务数量：', this.getTaskSize());
--- a/packages/ui/certd-server/src/modules/mine/service/models.ts
+++ b/packages/ui/certd-server/src/modules/mine/service/models.ts
@@ -25,6 +25,8 @@ export class UserSiteMonitorSetting extends BaseSettings {
  static __key__ = "user.site.monitor";

  notificationId?:number= 0;
+  cron?:string = undefined;
+  retryTimes?:number = 3;
 }

 export class UserEmailSetting extends BaseSettings {
--- a/packages/ui/certd-server/src/modules/monitor/service/site-info-service.ts
+++ b/packages/ui/certd-server/src/modules/monitor/service/site-info-service.ts
@@ -1,22 +1,23 @@
-import { Inject, Provide, Scope, ScopeEnum } from "@midwayjs/core";
-import { BaseService, NeedSuiteException, NeedVIPException, SysSettingsService } from "@certd/lib-server";
-import { InjectEntityModel } from "@midwayjs/typeorm";
-import { Repository } from "typeorm";
-import { SiteInfoEntity } from "../entity/site-info.js";
-import { siteTester } from "./site-tester.js";
+import {Inject, Provide, Scope, ScopeEnum} from "@midwayjs/core";
+import {BaseService, NeedSuiteException, NeedVIPException, SysSettingsService} from "@certd/lib-server";
+import {InjectEntityModel} from "@midwayjs/typeorm";
+import {Repository} from "typeorm";
+import {SiteInfoEntity} from "../entity/site-info.js";
+import {siteTester} from "./site-tester.js";
 import dayjs from "dayjs";
-import { logger, utils } from "@certd/basic";
-import { PeerCertificate } from "tls";
-import { NotificationService } from "../../pipeline/service/notification-service.js";
-import { isComm, isPlus } from "@certd/plus-core";
-import { UserSuiteService } from "@certd/commercial-core";
-import { UserSettingsService } from "../../mine/service/user-settings-service.js";
-import { UserSiteMonitorSetting } from "../../mine/service/models.js";
-import { SiteIpService } from "./site-ip-service.js";
-import { SiteIpEntity } from "../entity/site-ip.js";
+import {logger, utils} from "@certd/basic";
+import {PeerCertificate} from "tls";
+import {NotificationService} from "../../pipeline/service/notification-service.js";
+import {isComm, isPlus} from "@certd/plus-core";
+import {UserSuiteService} from "@certd/commercial-core";
+import {UserSettingsService} from "../../mine/service/user-settings-service.js";
+import {UserSiteMonitorSetting} from "../../mine/service/models.js";
+import {SiteIpService} from "./site-ip-service.js";
+import {SiteIpEntity} from "../entity/site-ip.js";
+import {Cron} from "../../cron/cron.js";

@Provide()
-@Scope(ScopeEnum.Request, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
 export class SiteInfoService extends BaseService<SiteInfoEntity> {
  @InjectEntityModel(SiteInfoEntity)
  repository: Repository<SiteInfoEntity>;
@@ -36,6 +37,10 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
  @Inject()
  siteIpService: SiteIpService;

+
+  @Inject()
+  cron: Cron;
+
  //@ts-ignore
  getRepository() {
    return this.repository;
@@ -70,7 +75,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
      }
    });
    if (found) {
-      return { id: found.id };
+      return {id: found.id};
    }

    return await super.add(data);
@@ -89,7 +94,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
      throw new Error("userId is required");
    }
    return await this.repository.count({
-      where: { userId }
+      where: {userId}
    });
  }

@@ -141,7 +146,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
      };

      if (site.ipCheck) {
-       delete updateData.checkStatus
+        delete updateData.checkStatus
      }
      await this.update(updateData);

@@ -239,9 +244,11 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {

  async sendCheckErrorNotify(site: SiteInfoEntity, fromIpCheck = false) {
    const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
+    const setting = await this.userSettingsService.getSetting<UserSiteMonitorSetting>(site.userId, UserSiteMonitorSetting)
    // 发邮件
    await this.notificationService.send(
      {
+        id: setting?.notificationId,
        useDefault: true,
        logger: logger,
        body: {
@@ -262,11 +269,13 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
    const expires = site.certExpiresTime;
    const validDays = dayjs(expires).diff(dayjs(), "day");
    const url = await this.notificationService.getBindUrl("#/certd/monitor/site");
+    const setting = await this.userSettingsService.getSetting<UserSiteMonitorSetting>(site.userId, UserSiteMonitorSetting)
    const content = `站点名称： ${site.name} \n站点域名： ${site.domain} \n证书域名： ${site.certDomains} \n颁发机构： ${site.certProvider} \n过期时间： ${dayjs(site.certExpiresTime).format("YYYY-MM-DD")} \n`;
    if (validDays >= 0 && validDays < tipDays) {
      // 发通知
      await this.notificationService.send(
        {
+          id: setting?.notificationId,
          useDefault: true,
          logger: logger,
          body: {
@@ -281,6 +290,7 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
      //发过期通知
      await this.notificationService.send(
        {
+          id: setting?.notificationId,
          useDefault: true,
          logger: logger,
          body: {
@@ -300,17 +310,36 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
      throw new Error("userId is required");
    }
    const sites = await this.repository.find({
-      where: { userId }
+      where: {userId}
    });
-    this.checkList(sites);
+    this.checkList(sites,false);
  }

-  async checkList(sites: SiteInfoEntity[]) {
+  async checkList(sites: SiteInfoEntity[],isCommon: boolean) {
+    const cache = {}
+    const getFromCache = async (userId: number) =>{
+      if (cache[userId]) {
+        return cache[userId];
+      }
+      const setting =  await this.userSettingsService.getSetting<UserSiteMonitorSetting>(userId, UserSiteMonitorSetting)
+      cache[userId] = setting
+      return setting;
+    }
    for (const site of sites) {
-      this.doCheck(site).catch(e => {
+      let retryTimes = 3;
+      const setting = await getFromCache(site.userId)
+      if (isCommon) {
+        //公共的检查，排除有设置cron的用户
+        if  (setting?.cron) {
+          //设置了cron，跳过公共检查
+          continue;
+        }
+        retryTimes = setting.retryTimes??retryTimes
+      }
+      this.doCheck(site,true,retryTimes).catch(e => {
        logger.error(`检查站点证书失败，${site.domain}`, e.message);
      });
-      await utils.sleep(200);
+      await utils.sleep(100);
    }
  }

@@ -320,6 +349,12 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {

  async saveSetting(userId: number, bean: UserSiteMonitorSetting) {
    await this.userSettingsService.saveSetting(userId, bean);
+    if(bean.cron){
+      //注册job
+      await this.registerSiteMonitorJob(userId);
+    }else{
+      this.clearSiteMonitorJob(userId);
+    }
  }

  async ipCheckChange(req: { id: any; ipCheck: any }) {
@@ -396,4 +431,67 @@ export class SiteInfoService extends BaseService<SiteInfoEntity> {
    };
    await batchAdd(list);
  }
+
+  clearSiteMonitorJob(userId: number) {
+    this.cron.remove(`siteMonitor-${userId}`);
+  }
+
+  async registerSiteMonitorJob(userId?: number) {
+
+    if(!userId){
+      //注册公共job
+      logger.info(`注册站点证书检查定时任务`)
+      this.cron.register({
+        name: 'siteMonitor',
+        cron: '0 0 0 * * *',
+        job:async ()=>{
+          await this.triggerJobOnce()
+        },
+      });
+      logger.info(`注册站点证书检查定时任务完成`)
+    }else{
+      const setting = await this.userSettingsService.getSetting<UserSiteMonitorSetting>(userId, UserSiteMonitorSetting);
+      if (!setting.cron) {
+        return;
+      }
+      //注册个人的
+      this.cron.register({
+        name: `siteMonitor-${userId}`,
+        cron: setting.cron,
+        job: () => this.triggerJobOnce(userId),
+      });
+    }
+
+  }
+
+  async triggerJobOnce(userId?:number) {
+    logger.info(`站点证书检查开始执行[${userId??'所有用户'}]`);
+    const query:any = { disabled: false };
+    if(userId){
+      query.userId = userId;
+      //判断是否已关闭
+      const setting = await this.userSettingsService.getSetting<UserSiteMonitorSetting>(userId, UserSiteMonitorSetting);
+      if (!setting.cron) {
+        return;
+      }
+    }
+    let offset = 0;
+    const limit = 50;
+    while (true) {
+      const res = await this.page({
+        query: query,
+        page: { offset, limit },
+      });
+      const { records } = res;
+
+      if (records.length === 0) {
+        break;
+      }
+      offset += records.length;
+      const isCommon = !userId;
+      await this.checkList(records,isCommon);
+    }
+
+    logger.info(`站点证书检查完成[${userId??'所有用户'}]`);
+  }
 }
--- a/packages/ui/certd-server/src/modules/pipeline/entity/history.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/entity/history.ts
@@ -16,6 +16,9 @@ export class HistoryEntity {
  @Column({ comment: '结果状态', length: 20, nullable: true })
  status: string;

+  @Column({ name: 'trigger_type',comment: '触发类型', length: 20, nullable: true })
+  triggerType: string;
+
  @Column({
    name: 'end_time',
    comment: '结束时间',
--- a/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/history-service.ts
@@ -60,12 +60,13 @@ export class HistoryService extends BaseService<HistoryEntity> {
    return new HistoryDetail(entity, log);
  }

-  async start(pipeline: PipelineEntity) {
+  async start(pipeline: PipelineEntity,triggerType:string) {
    const bean = {
      userId: pipeline.userId,
      pipelineId: pipeline.id,
      title: pipeline.title,
      status: 'start',
+      triggerType
    };
    const { id } = await this.add(bean);
    //清除大于pipeline.keepHistoryCount的历史记录
--- a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
@@ -110,6 +110,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
  }

  async add(bean: PipelineEntity) {
+    bean.status = ResultType.none
    await this.save(bean);
    return bean;
  }
@@ -191,6 +192,9 @@ export class PipelineService extends BaseService<PipelineEntity> {
      await this.checkMaxPipelineCount(bean, pipeline, domains);
    }

+    if (!bean.status ){
+      bean.status = ResultType.none;
+    }
    if (!isUpdate) {
      //如果是添加，先保存一下，获取到id，更新pipeline.id
      await this.addOrUpdate(bean);
@@ -493,7 +497,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
    };

    const userId = entity.userId;
-    const historyId = await this.historyService.start(entity);
+    const historyId = await this.historyService.start(entity,triggerType);
    const userIsAdmin = await this.userService.isAdmin(userId);
    const user: UserInfo = {
      id: userId,
--- a/packages/ui/certd-server/src/plugins/index.ts
+++ b/packages/ui/certd-server/src/plugins/index.ts
@@ -14,6 +14,7 @@ export * from './plugin-cachefly/index.js';
 export * from './plugin-gcore/index.js';
 export * from './plugin-qnap/index.js';
 export * from './plugin-aws/index.js';
+export * from './plugin-aws-cn/index.js';
 export * from './plugin-dnsla/index.js';
 export * from './plugin-upyun/index.js';
 export * from './plugin-volcengine/index.js'
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
@@ -101,7 +101,6 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
    const requestOption = {
      method: 'POST',
    };
-
    try {
      const ret = await this.client.request('AddDomainRecord', params, requestOption);
      this.logger.info('添加域名解析成功:', JSON.stringify(options), ret.RecordId);
@@ -110,6 +109,11 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
      if (e.code === 'DomainRecordDuplicate') {
        return;
      }
+      if(e.code === "LastOperationNotFinished"){
+        this.logger.info('上一个操作还未完成，5s后重试')
+        await this.ctx.utils.sleep(5000)
+        return this.createRecord(options)
+      }
      this.logger.info('添加域名解析出错', e);
      this.resolveError(e, options);
    }
@@ -132,10 +136,18 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
    const requestOption = {
      method: 'POST',
    };
-
-    const ret = await this.client.request('DeleteDomainRecord', params, requestOption);
-    this.logger.info('删除域名解析成功:', fullRecord, value, ret.RecordId);
-    return ret.RecordId;
+    try{
+      const ret = await this.client.request('DeleteDomainRecord', params, requestOption);
+      this.logger.info('删除域名解析成功:', fullRecord, value, ret.RecordId);
+      return ret.RecordId;
+    }catch (e) {
+      if(e.code === "LastOperationNotFinished"){
+        this.logger.info('上一个操作还未完成，5s后重试')
+        await this.ctx.utils.sleep(5000)
+        return this.removeRecord(options)
+      }
+      throw e
+    }
  }
 }

--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-alb/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-alb/index.ts
@@ -1,29 +1,36 @@
-import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
-import { CertInfo ,CertApplyPluginNames, CertReader} from '@certd/plugin-cert';
-import { AliyunAccess, AliyunClient, AliyunSslClient, createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo, CertReader } from "@certd/plugin-cert";
+import {
+  AliyunAccess,
+  AliyunClient,
+  AliyunClientV2,
+  AliyunSslClient,
+  createCertDomainGetterInputDefine,
+  createRemoteSelectInputDefine
+} from "@certd/plugin-lib";

@IsTaskPlugin({
-  name: 'AliyunDeployCertToALB',
-  title: '阿里云-部署至ALB（应用负载均衡）',
-  icon: 'svg:icon-aliyun',
+  name: "AliyunDeployCertToALB",
+  title: "阿里云-部署至ALB（应用负载均衡）",
+  icon: "svg:icon-aliyun",
  group: pluginGroups.aliyun.key,
-  desc: 'ALB,更新监听器的默认证书',
+  desc: "ALB,更新监听器的默认证书",
  needPlus: false,
  default: {
    strategy: {
-      runStrategy: RunStrategy.SkipWhenSucceed,
-    },
-  },
+      runStrategy: RunStrategy.SkipWhenSucceed
+    }
+  }
 })
 export class AliyunDeployCertToALB extends AbstractTaskPlugin {
  @TaskInput({
-    title: '域名证书',
-    helper: '请选择证书申请任务输出的域名证书\n或者选择前置任务“上传证书到阿里云”任务的证书ID，可以减少上传到阿里云的证书数量',
+    title: "域名证书",
+    helper: "请选择证书申请任务输出的域名证书\n或者选择前置任务“上传证书到阿里云”任务的证书ID，可以减少上传到阿里云的证书数量",
    component: {
-      name: 'output-selector',
-      from: [...CertApplyPluginNames, 'uploadCertToAliyun'],
+      name: "output-selector",
+      from: [...CertApplyPluginNames, "uploadCertToAliyun"]
    },
-    required: true,
+    required: true
  })
  cert!: CertInfo | number;

@@ -31,122 +38,257 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
  certDomains!: string[];

  @TaskInput({
-    title: 'Access授权',
-    helper: '阿里云授权AccessKeyId、AccessKeySecret',
+    title: "证书接入点",
+    helper: "不会选就保持默认即可",
+    value: "cas.aliyuncs.com",
    component: {
-      name: 'access-selector',
-      type: 'aliyun',
+      name: "a-select",
+      options: [
+        { value: "cas.aliyuncs.com", label: "中国大陆" },
+        { value: "cas.ap-southeast-1.aliyuncs.com", label: "新加坡" },
+        { value: "cas.eu-central-1.aliyuncs.com", label: "德国（法兰克福）" }
+      ]
    },
-    required: true,
+    required: true
+  })
+  casEndpoint!: string;
+
+  @TaskInput({
+    title: "Access授权",
+    helper: "阿里云授权AccessKeyId、AccessKeySecret",
+    component: {
+      name: "access-selector",
+      type: "aliyun"
+    },
+    required: true
  })
  accessId!: string;

  @TaskInput(
    createRemoteSelectInputDefine({
-      title: 'ALB所在地区',
-      typeName: 'AliyunDeployCertToALB',
+      title: "ALB所在地区",
+      typeName: "AliyunDeployCertToALB",
      multi: false,
      action: AliyunDeployCertToALB.prototype.onGetRegionList.name,
-      watches: ['accessId'],
+      watches: ["accessId"]
    })
  )
  regionId: string;

  @TaskInput(
    createRemoteSelectInputDefine({
-      title: '负载均衡列表',
-      helper: '要部署证书的负载均衡ID',
-      typeName: 'AliyunDeployCertToALB',
+      title: "负载均衡列表",
+      helper: "要部署证书的负载均衡ID",
+      typeName: "AliyunDeployCertToALB",
      action: AliyunDeployCertToALB.prototype.onGetLoadBalanceList.name,
-      watches: ['regionId'],
+      watches: ["regionId"]
    })
  )
  loadBalancers!: string[];

  @TaskInput(
    createRemoteSelectInputDefine({
-      title: '监听器列表',
-      helper: '要部署证书的监听器列表',
-      typeName: 'AliyunDeployCertToALB',
+      title: "监听器列表",
+      helper: "要部署证书的监听器列表",
+      typeName: "AliyunDeployCertToALB",
      action: AliyunDeployCertToALB.prototype.onGetListenerList.name,
-      watches: ['loadBalancers'],
+      watches: ["loadBalancers"]
    })
  )
  listeners!: string[];

-  @TaskInput({
-    title: '证书接入点',
-    helper: '不会选就保持默认即可',
-    value: 'cas.aliyuncs.com',
-    component: {
-      name: 'a-select',
-      options: [
-        { value: 'cas.aliyuncs.com', label: '中国大陆' },
-        { value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡' },
-        { value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）' },
-      ],
-    },
-    required: true,
-  })
-  casEndpoint!: string;

-  async onInstance() {}
+  @TaskInput({
+      title: "部署证书类型",
+      value: "default",
+      component: {
+        name: "a-select",
+        vModel: "value",
+        options: [
+          {
+            label: "默认证书",
+            value: "default"
+          },
+          {
+            label: "扩展证书",
+            value: "extension"
+          }
+        ]
+      },
+      required: true
+    }
+  )
+  deployType: string = "default";
+
+
+  async onInstance() {
+  }

  async getLBClient(access: AliyunAccess, region: string) {
    const client = new AliyunClient({ logger: this.logger });

-    const version = '2020-06-16';
+    const version = "2020-06-16";
    await client.init({
      accessKeyId: access.accessKeyId,
      accessKeySecret: access.accessKeySecret,
      //https://wafopenapi.cn-hangzhou.aliyuncs.com
      endpoint: `https://alb.${region}.aliyuncs.com`,
-      apiVersion: version,
+      apiVersion: version
    });
    return client;
  }

+  getALBClientV2(access: AliyunAccess) {
+    return access.getClient(`alb.${this.regionId}.aliyuncs.com`);
+  }
+
  async execute(): Promise<void> {
    this.logger.info(`开始部署证书到阿里云(alb)`);
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const certId = await this.getAliyunCertId(access);

-    const client = await this.getLBClient(access, this.regionId);
+    //部署扩展证书
+    const albClientV2 = this.getALBClientV2(access);
+    if (this.deployType === "extension") {
+      await this.deployExtensionCert(albClientV2, certId);
+    } else {
+      const client = await this.getLBClient(access, this.regionId);
+      await this.deployDefaultCert(certId, client);
+    }

+    await this.ctx.utils.sleep(10000)
+    for (const listener of this.listeners) {
+      await this.clearInvalidCert(albClientV2, listener);
+    }
+
+
+    this.logger.info("执行完成");
+  }
+
+  private async deployDefaultCert(certId: any, client: AliyunClient) {
    for (const listener of this.listeners) {
-      //查询原来的证书
      let params: any = {};
      params = {
        ListenerId: listener,
        Certificates: [
          {
-            CertificateId: certId,
-          },
-        ],
+            CertificateId: certId
+          }
+        ]
      };

-      const res = await client.request('UpdateListenerAttribute', params);
+      const res = await client.request("UpdateListenerAttribute", params);
      this.checkRet(res);
      this.logger.info(`部署${listener}监听器证书成功`, JSON.stringify(res));
-
-      //删除旧证书关联
    }
-    this.logger.info('执行完成');
+  }
+
+  async deployExtensionCert(client: AliyunClientV2, certId: any) {
+    for (const listenerId of this.listeners) {
+      this.logger.info(`开始部署监听器${listenerId}的扩展证书`);
+      await client.doRequest({
+        // 接口名称
+        action: "AssociateAdditionalCertificatesWithListener",
+        // 接口版本
+        version: "2020-06-16",
+        data: {
+          query: {
+            ListenerId: listenerId,
+            Certificates: [
+              {
+                CertificateId: certId
+              }
+            ]
+          }
+        }
+      });
+
+      this.logger.info(`部署监听器${listenerId}的扩展证书成功`);
+    }
+  }
+
+  async clearInvalidCert(client: AliyunClientV2, listener: string) {
+    this.logger.info(`开始清理监听器${listener}的过期证书`);
+    const req = {
+      // 接口名称
+      action: "ListListenerCertificates",
+      // 接口版本
+      version: "2020-06-16",
+      data: {
+        query: {
+          ListenerId: listener
+        }
+      }
+    };
+    const res = await client.doRequest(req);
+    const list = res.Certificates;
+    if (list.length === 0) {
+      this.logger.info(`监听器${listener}没有绑定证书`);
+      return
+    }
+
+    const sslClient = new AliyunSslClient({
+      access: client.access,
+      logger: this.logger,
+      endpoint: this.casEndpoint
+    });
+
+
+    const certIds = [];
+    for (const item of list) {
+      if (item.Status !== "Associated") {
+        continue;
+      }
+      if (item.IsDefault) {
+        continue;
+      }
+      certIds.push( parseInt(item.CertificateId));
+    }
+    //检查是否过期，过期则删除
+    const invalidCertIds = [];
+    for (const certId of certIds) {
+      const res = await sslClient.getCertInfo(certId);
+      if (res.notAfter < new Date().getTime()) {
+        invalidCertIds.push(certId);
+      }
+    }
+    if (invalidCertIds.length === 0) {
+      this.logger.info(`监听器${listener}没有过期的证书`);
+      return
+    }
+    this.logger.info(`开始解绑过期的证书:${invalidCertIds}`);
+    await client.doRequest({
+      // 接口名称
+      action: "DissociateAdditionalCertificatesFromListener",
+      // 接口版本
+      version: "2020-06-16",
+      data: {
+        query: {
+          ListenerId: listener,
+          Certificates: invalidCertIds.map((item) => {
+            return {
+              CertificateId: item
+            }
+          })
+        }
+      }
+    });
+    this.logger.info(`解绑过期证书成功`);
  }

  async getAliyunCertId(access: AliyunAccess) {
    let certId: any = this.cert;
-    if (typeof this.cert === 'object') {
+    if (typeof this.cert === "object") {
      const sslClient = new AliyunSslClient({
        access,
        logger: this.logger,
-        endpoint: this.casEndpoint,
+        endpoint: this.casEndpoint
      });

-      const certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt))
+      const certName = this.buildCertName(CertReader.getMainDomain(this.cert.crt));
      certId = await sslClient.uploadCert({
        name: certName,
-        cert: this.cert,
+        cert: this.cert
      });
    }
    return certId;
@@ -154,74 +296,74 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {

  async onGetRegionList(data: any) {
    if (!this.accessId) {
-      throw new Error('请选择Access授权');
+      throw new Error("请选择Access授权");
    }
    const access = await this.getAccess<AliyunAccess>(this.accessId);
-    const client = await this.getLBClient(access, 'cn-shanghai');
+    const client = await this.getLBClient(access, "cn-shanghai");

-    const res = await client.request('DescribeRegions', {});
+    const res = await client.request("DescribeRegions", {});
    this.checkRet(res);
    if (!res?.Regions || res?.Regions.length === 0) {
-      throw new Error('没有找到Regions列表');
+      throw new Error("没有找到Regions列表");
    }

    return res.Regions.map((item: any) => {
      return {
        label: item.LocalName,
        value: item.RegionId,
-        endpoint: item.RegionEndpoint,
+        endpoint: item.RegionEndpoint
      };
    });
  }

  async onGetLoadBalanceList(data: any) {
    if (!this.accessId) {
-      throw new Error('请先选择Access授权');
+      throw new Error("请先选择Access授权");
    }
    if (!this.regionId) {
-      throw new Error('请先选择地区');
+      throw new Error("请先选择地区");
    }
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const client = await this.getLBClient(access, this.regionId);

    const params = {
-      MaxResults: 100,
+      MaxResults: 100
    };
-    const res = await client.request('ListLoadBalancers', params);
+    const res = await client.request("ListLoadBalancers", params);
    this.checkRet(res);
    if (!res?.LoadBalancers || res?.LoadBalancers.length === 0) {
-      throw new Error('没有找到LoadBalancers');
+      throw new Error("没有找到LoadBalancers");
    }

    return res.LoadBalancers.map((item: any) => {
      const label = `${item.LoadBalancerId}<${item.LoadBalancerName}}>`;
      return {
        label: label,
-        value: item.LoadBalancerId,
+        value: item.LoadBalancerId
      };
    });
  }

  async onGetListenerList(data: any) {
    if (!this.accessId) {
-      throw new Error('请先选择Access授权');
+      throw new Error("请先选择Access授权");
    }
    if (!this.regionId) {
-      throw new Error('请先选择地区');
+      throw new Error("请先选择地区");
    }
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const client = await this.getLBClient(access, this.regionId);

    const params: any = {
-      MaxResults: 100,
+      MaxResults: 100
    };
    if (this.loadBalancers && this.loadBalancers.length > 0) {
      params.LoadBalancerIds = this.loadBalancers;
    }
-    const res = await client.request('ListListeners', params);
+    const res = await client.request("ListListeners", params);
    this.checkRet(res);
    if (!res?.Listeners || res?.Listeners.length === 0) {
-      throw new Error('没有找到HTTPS监听器');
+      throw new Error("没有找到HTTPS监听器");
    }

    return res.Listeners.map((item: any) => {
@@ -229,16 +371,19 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
      return {
        label: label,
        value: item.ListenerId,
-        lbid: item.LoadBalancerId,
+        lbid: item.LoadBalancerId
      };
    });
  }

+
  checkRet(ret: any) {
    if (ret.Code != null) {
      throw new Error(ret.Message);
    }
  }
+
+
 }

 new AliyunDeployCertToALB();
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-nlb/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-nlb/index.ts
@@ -1,6 +1,13 @@
 import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
 import { CertInfo, CertReader } from "@certd/plugin-cert";
-import { AliyunAccess, AliyunClient, AliyunSslClient, createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from '@certd/plugin-lib';
+import {
+  AliyunAccess,
+  AliyunClient,
+  AliyunClientV2,
+  AliyunSslClient,
+  createCertDomainGetterInputDefine,
+  createRemoteSelectInputDefine
+} from "@certd/plugin-lib";
 import { CertApplyPluginNames} from '@certd/plugin-cert';
@IsTaskPlugin({
  name: 'AliyunDeployCertToNLB',
@@ -30,6 +37,23 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
  certDomains!: string[];

+
+  @TaskInput({
+    title: '证书接入点',
+    helper: '不会选就保持默认即可',
+    value: 'cas.aliyuncs.com',
+    component: {
+      name: 'a-select',
+      options: [
+        { value: 'cas.aliyuncs.com', label: '中国大陆' },
+        { value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡' },
+        { value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）' },
+      ],
+    },
+    required: true,
+  })
+  casEndpoint!: string;
+
  @TaskInput({
    title: 'Access授权',
    helper: '阿里云授权AccessKeyId、AccessKeySecret',
@@ -74,21 +98,30 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
  )
  listeners!: string[];

+
+
+
  @TaskInput({
-    title: '证书接入点',
-    helper: '不会选就保持默认即可',
-    value: 'cas.aliyuncs.com',
-    component: {
-      name: 'a-select',
-      options: [
-        { value: 'cas.aliyuncs.com', label: '中国大陆' },
-        { value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡' },
-        { value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）' },
-      ],
-    },
-    required: true,
-  })
-  casEndpoint!: string;
+      title: "部署证书类型",
+      value: "default",
+      component: {
+        name: "a-select",
+        vModel: "value",
+        options: [
+          {
+            label: "默认证书",
+            value: "default"
+          },
+          {
+            label: "扩展证书",
+            value: "extension"
+          }
+        ]
+      },
+      required: true
+    }
+  )
+  deployType: string = "default";

  async onInstance() {}

@@ -110,24 +143,137 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
    this.logger.info(`开始部署证书到阿里云(nlb)`);
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const certId = await this.getAliyunCertId(access);
+    const nlbClientV2 = this.getNLBClientV2(access);
+    if (this.deployType === "extension") {
+      //部署扩展证书
+      await this.deployExtensionCert(nlbClientV2, certId);
+    } else {
+      const client = await this.getLBClient(access, this.regionId);
+      await this.deployDefaultCert(certId, client);
+    }

-    const client = await this.getLBClient(access, this.regionId);
+    await this.ctx.utils.sleep(10000)
+    for (const listener of this.listeners) {
+      await this.clearInvalidCert(nlbClientV2, listener);
+    }

+    this.logger.info('执行完成');
+  }
+
+  async deployExtensionCert(client: AliyunClientV2, certId: any) {
+    for (const listenerId of this.listeners) {
+      this.logger.info(`开始部署监听器${listenerId}的扩展证书`);
+      await client.doRequest({
+        // 接口名称
+        action: "AssociateAdditionalCertificatesWithListener",
+        // 接口版本
+        version: "2022-04-30",
+        data: {
+          body: {
+            ListenerId: listenerId,
+            RegionId: this.regionId,
+            "AdditionalCertificateIds.1":  certId
+          }
+        }
+      });
+
+      this.logger.info(`部署监听器${listenerId}的扩展证书成功`);
+    }
+  }
+
+
+  async deployDefaultCert(certId: any, client: AliyunClient) {
    for (const listener of this.listeners) {
      //查询原来的证书
      const params: any = {
        RegionId: this.regionId,
        ListenerId: listener,
-        CertificateIds: [certId],
+        CertificateIds:[certId], //旧sdk
      };

      const res = await client.request('UpdateListenerAttribute', params);
      this.checkRet(res);
      this.logger.info(`部署${listener}监听器证书成功`, JSON.stringify(res));
-
-      //删除旧证书关联
    }
-    this.logger.info('执行完成');
+  }
+
+
+  getNLBClientV2(access: AliyunAccess) {
+    return access.getClient(`nlb.${this.regionId}.aliyuncs.com`);
+  }
+
+  async clearInvalidCert(client: AliyunClientV2, listener: string) {
+    this.logger.info(`开始清理监听器${listener}的过期证书`);
+    const req = {
+      // 接口名称
+      action: "ListListenerCertificates",
+      // 接口版本
+      version: "2022-04-30",
+      data: {
+        body: {
+          ListenerId: listener,
+          RegionId: this.regionId
+        }
+      }
+    };
+    const res = await client.doRequest(req);
+    const list = res.Certificates;
+    if (list.length === 0) {
+      this.logger.info(`监听器${listener}没有绑定证书`);
+      return
+    }
+
+    const sslClient = new AliyunSslClient({
+      access: client.access,
+      logger: this.logger,
+      endpoint: this.casEndpoint
+    });
+
+
+    const certIds = [];
+    for (const item of list) {
+      if (item.Status !== "Associated") {
+        continue;
+      }
+      if (item.IsDefault) {
+        continue;
+      }
+      certIds.push( parseInt(item.CertificateId));
+    }
+    //检查是否过期，过期则删除
+    const invalidCertIds = [];
+    for (const certId of certIds) {
+      const res = await sslClient.getCertInfo(certId);
+      if (res.notAfter < new Date().getTime()) {
+        invalidCertIds.push(certId);
+      }
+    }
+    if (invalidCertIds.length === 0) {
+      this.logger.info(`监听器${listener}没有过期的证书`);
+      return
+    }
+    this.logger.info(`开始解绑过期的证书:${invalidCertIds}`);
+
+    const ids:any = {}
+    let i = 0
+    for (const certId of invalidCertIds) {
+      i++
+      ids[`AdditionalCertificateIds.${i}`] = certId;
+    }
+    await client.doRequest({
+      // 接口名称
+      action: "DissociateAdditionalCertificatesFromListener",
+      // 接口版本
+      version: "2022-04-30",
+      data: {
+        body: {
+          ListenerId: listener,
+          RegionId: this.regionId,
+          ...ids
+        }
+      }
+    });
+    this.logger.info(`解绑过期证书成功`);
  }

  async getAliyunCertId(access: AliyunAccess) {
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-slb/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-slb/index.ts
@@ -233,6 +233,7 @@ export class AliyunDeployCertToSLB extends AbstractTaskPlugin {
      RegionId: this.regionId,
      AliCloudCertificateId: aliyunCert.certId,
      AliCloudCertificateName: aliyunCert.certName,
+      AliCloudCertificateRegionId: aliyunCert.casRegion
    };

    const res = await client.request('UploadServerCertificate', params);
--- a/packages/ui/certd-server/src/plugins/plugin-aws-cn/access.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aws-cn/access.ts
@@ -0,0 +1,38 @@
+import { AccessInput, BaseAccess, IsAccess } from '@certd/pipeline';
+
+export const AwsCNRegions = [
+  { label: 'cn-north-1', value: 'cn-north-1' },
+  { label: 'cn-northwest-1', value: 'cn-northwest-1' },
+];
+
+@IsAccess({
+  name: 'aws-cn',
+  title: '亚马逊云科技（国区）授权',
+  desc: '',
+  icon: 'svg:icon-aws',
+})
+export class AwsCNAccess extends BaseAccess {
+  @AccessInput({
+    title: 'accessKeyId',
+    component: {
+      placeholder: 'accessKeyId',
+    },
+    helper:
+      '右上角->安全凭证->访问密钥，[点击前往](https://cn-north-1.console.amazonaws.cn/iam/home?region=cn-north-1#/security_credentials/access-key-wizard#)',
+    required: true,
+  })
+  accessKeyId = '';
+
+  @AccessInput({
+    title: 'secretAccessKey',
+    component: {
+      placeholder: 'secretAccessKey',
+    },
+    required: true,
+    encrypt: true,
+    helper: '请妥善保管您的安全访问密钥。您可以在AWS管理控制台的IAM中创建新的访问密钥。',
+  })
+  secretAccessKey = '';
+}
+
+new AwsCNAccess();
--- a/packages/ui/certd-server/src/plugins/plugin-aws-cn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aws-cn/index.ts
@@ -0,0 +1,2 @@
+export * from './plugins/index.js';
+export * from './access.js';
--- a/packages/ui/certd-server/src/plugins/plugin-aws-cn/libs/aws-iam-client.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aws-cn/libs/aws-iam-client.ts
@@ -0,0 +1,42 @@
+// 导入所需的 SDK 模块
+import { AwsCNAccess } from '../access.js';
+import { CertInfo } from '@certd/plugin-cert';
+
+type AwsIAMClientOptions = { access: AwsCNAccess; region: string };
+
+export class AwsIAMClient {
+  options: AwsIAMClientOptions;
+  access: AwsCNAccess;
+  region: string;
+  constructor(options: AwsIAMClientOptions) {
+    this.options = options;
+    this.access = options.access;
+    this.region = options.region;
+  }
+  async importCertificate(certInfo: CertInfo, certName: string) {
+    // 创建 IAM 客户端
+    const { IAMClient, UploadServerCertificateCommand } = await import('@aws-sdk/client-iam');
+    const iamClient = new IAMClient({
+      region: this.region, // 替换为您的 AWS 区域
+      credentials: {
+        accessKeyId: this.access.accessKeyId, // 从环境变量中读取
+        secretAccessKey: this.access.secretAccessKey,
+      },
+    });
+
+    const cert = certInfo.crt.split('-----END CERTIFICATE-----')[0] + '-----END CERTIFICATE-----';
+    const chain = certInfo.crt.split('-----END CERTIFICATE-----\n')[1];
+    // 构建上传参数
+    const command = new UploadServerCertificateCommand({
+      Path: '/cloudfront/',
+      ServerCertificateName: certName,
+      CertificateBody: cert,
+      PrivateKey: certInfo.key,
+      CertificateChain: chain
+    })
+    const data = await iamClient.send(command);
+    console.log('Upload successful:', data);
+    // 返回证书 ID
+    return data.ServerCertificateMetadata.ServerCertificateId;
+  }
+}
--- a/packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/index.ts
@@ -0,0 +1 @@
+export * from './plugin-deploy-to-cloudfront.js';
--- a/packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/plugin-deploy-to-cloudfront.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aws-cn/plugins/plugin-deploy-to-cloudfront.ts
@@ -0,0 +1,164 @@
+import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { AwsCNAccess, AwsCNRegions } from "../access.js";
+import { AwsIAMClient } from "../libs/aws-iam-client.js";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+
+@IsTaskPlugin({
+  name: 'AwsCNDeployToCloudFront',
+  title: 'AWS(国区)-部署证书到CloudFront',
+  desc: '部署证书到 AWS CloudFront',
+  icon: 'svg:icon-aws',
+  group: pluginGroups.aws.key,
+  needPlus: false,
+  default: {
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed,
+    },
+  },
+})
+export class AwsCNDeployToCloudFront extends AbstractTaskPlugin {
+  @TaskInput({
+    title: '域名证书',
+    helper: '请选择前置任务输出的域名证书',
+    component: {
+      name: 'output-selector',
+      from: [...CertApplyPluginNames, 'AwsUploadToACM'],
+    },
+    required: true,
+  })
+  cert!: CertInfo | string;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+  @TaskInput({
+    title: '区域',
+    helper: '证书上传区域',
+    component: {
+      name: 'a-auto-complete',
+      vModel: 'value',
+      options: AwsCNRegions,
+    },
+    required: true,
+  })
+  region!: string;
+
+  @TaskInput({
+    title: 'Access授权',
+    helper: 'aws的授权',
+    component: {
+      name: 'access-selector',
+      type: 'aws-cn',
+    },
+    required: true,
+  })
+  accessId!: string;
+
+  @TaskInput({
+    title: '证书名称',
+    helper: '上传后将以此名称作为前缀备注',
+  })
+  certName!: string;
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: '分配ID',
+      helper: '请选择distributions id',
+      action: AwsCNDeployToCloudFront.prototype.onGetDistributions.name,
+      required: true,
+    })
+  )
+  distributionIds!: string[];
+
+  async onInstance() {}
+
+  async execute(): Promise<void> {
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+
+    let certId = this.cert as string;
+    if (typeof this.cert !== 'string') {
+      //先上传
+      certId = await this.uploadToIAM(access, this.cert);
+    }
+    //部署到CloudFront
+
+    const { CloudFrontClient, UpdateDistributionCommand, GetDistributionConfigCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+
+    // update-distribution
+    for (const distributionId of this.distributionIds) {
+      // get-distribution-config
+      const getDistributionConfigCommand = new GetDistributionConfigCommand({
+        Id: distributionId,
+      });
+
+      const configData = await cloudFrontClient.send(getDistributionConfigCommand);
+      const updateDistributionCommand = new UpdateDistributionCommand({
+        DistributionConfig: {
+          ...configData.DistributionConfig,
+          ViewerCertificate: {
+            ...configData.DistributionConfig.ViewerCertificate,
+            IAMCertificateId: certId,
+          },
+        },
+        Id: distributionId,
+        IfMatch: configData.ETag,
+      });
+      await cloudFrontClient.send(updateDistributionCommand);
+      this.logger.info(`部署${distributionId}完成:`);
+    }
+    this.logger.info('部署完成');
+  }
+
+  private async uploadToIAM(access: AwsCNAccess, cert: CertInfo) {
+    const acmClient = new AwsIAMClient({
+      access,
+      region: this.region,
+    });
+    const awsCertID = await acmClient.importCertificate(cert, this.appendTimeSuffix(this.certName));
+    this.logger.info('证书上传成功,id=', awsCertID);
+    return awsCertID;
+  }
+
+  //查找分配ID列表选项
+  async onGetDistributions() {
+    if (!this.accessId) {
+      throw new Error('请选择Access授权');
+    }
+
+    const access = await this.getAccess<AwsCNAccess>(this.accessId);
+    const { CloudFrontClient, ListDistributionsCommand } = await import('@aws-sdk/client-cloudfront');
+    const cloudFrontClient = new CloudFrontClient({
+      region: this.region,
+      credentials: {
+        accessKeyId: access.accessKeyId,
+        secretAccessKey: access.secretAccessKey,
+      },
+    });
+    // list-distributions
+    const listDistributionsCommand = new ListDistributionsCommand({});
+    const data = await cloudFrontClient.send(listDistributionsCommand);
+    const distributions = data.DistributionList?.Items;
+    if (!distributions || distributions.length === 0) {
+      throw new Error('找不到CloudFront分配ID，您可以手动输入');
+    }
+
+    const options = distributions.map((item: any) => {
+      return {
+        value: item.Id,
+        label: `${item.DomainName}<${item.Id}>`,
+        domain: item.DomainName,
+      };
+    });
+    return this.ctx.utils.options.buildGroupOptions(options, this.certDomains);
+  }
+}
+
+new AwsCNDeployToCloudFront();
--- a/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-github/plugins/plugin-check-release.ts
@@ -71,6 +71,7 @@ export class GithubCheckRelease extends AbstractTaskPlugin {

    if(res.tag_name == null || res.tag_name ==lastVersion){
      this.logger.info(`暂无更新，${res.tag_name}`);
+      this.lastVersion = res.tag_name || lastVersion;
      return "skip"
    }
    //有更新
--- a/packages/ui/certd-server/src/plugins/plugin-proxmox/access.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-proxmox/access.ts
@@ -58,6 +58,16 @@ export class ProxmoxAccess extends BaseAccess {
    encrypt: true,
  })
  password = '';
+
+  @AccessInput({
+    title: '领域',
+    component: {
+      placeholder: 'realm',
+    },
+    required: true,
+    encrypt: false,
+  })
+  realm = '';
 }

 new ProxmoxAccess();
--- a/packages/ui/certd-server/src/plugins/plugin-proxmox/plugins/plugin-upload.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-proxmox/plugins/plugin-upload.ts
@@ -95,7 +95,7 @@ export class ProxmoxUploadCert extends AbstractPlusTaskPlugin {
    const access: ProxmoxAccess = await this.getAccess<ProxmoxAccess>(this.accessId);
    const pve = await import('@certd/cv4pve-api-javascript');
    const client = new pve.PveClient(access.host, access.port);
-    const login = await client.login(access.username, access.password, 'pam');
+    const login = await client.login(access.username, access.password, access.realm || 'pam');
    if (!login) {
      throw new Error(`Login failed:${JSON.stringify(login)}`);
    }
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
Author	SHA1	Message	Date
xiaojunnuo	f252871fb8	v1.35.2	2025-06-09 23:57:04 +08:00
xiaojunnuo	107196122c	build: prepare to build	2025-06-09 23:54:50 +08:00
xiaojunnuo	563c02d8da	build: prepare to build	2025-06-09 23:50:44 +08:00
xiaojunnuo	765934970a	chore: 数据库	2025-06-09 23:50:19 +08:00
xiaojunnuo	9cbdfda829	perf: 优化阿里云nlb支持部署扩展证书	2025-06-09 23:41:44 +08:00
xiaojunnuo	c1fbc8cd68	fix: 修复阿里云新加坡clb无法部署证书的bug	2025-06-09 23:41:21 +08:00
xiaojunnuo	a92107cc47	fix: 修复检查github release 插件无法保存最后版本的bug	2025-06-09 23:35:17 +08:00
xiaojunnuo	3e84e116e8	fix: 修复阿里云新加坡clb无法部署证书的bug	2025-06-09 22:46:59 +08:00
xiaojunnuo	7c0cdd169e	perf: 子域名托管帮助链接优化为打开新窗口 Closes https://github.com/certd/certd/issues/419	2025-06-09 22:28:56 +08:00
xiaojunnuo	424fd96615	perf: 阿里云dns操作增加重试机制	2025-06-09 11:42:25 +08:00
xiaojunnuo	ebfcea88da	chore:	2025-06-09 11:38:07 +08:00
xiaojunnuo	3c7eb2f5e2	chore: 小优化	2025-06-09 11:32:06 +08:00
xiaojunnuo	936167972f	fix: 修复站点监控定时器多次添加的bug	2025-06-09 11:14:45 +08:00
xiaojunnuo	7f6070c960	perf: history增加触发类型显示	2025-06-09 11:13:51 +08:00
xiaojunnuo	0aea9c129c	build: publish	2025-06-07 09:12:22 +08:00
xiaojunnuo	d20fb7daa8	build: trigger build image	2025-06-07 09:12:06 +08:00
xiaojunnuo	a619f8a2fe	v1.35.1	2025-06-07 09:10:46 +08:00
xiaojunnuo	0acb858d7b	build: prepare to build	2025-06-07 09:08:51 +08:00
xiaojunnuo	e459be76fe	build: prepare to build	2025-06-07 09:05:35 +08:00
xiaojunnuo	c4c59ccc75	revert:	2025-06-07 01:19:47 +08:00
xiaojunnuo	c820315409	perf: 优化流水线页面，增加下次执行时间、查看证书显示	2025-06-07 01:19:37 +08:00
xiaojunnuo	2a19b61b7a	perf: aliyun alb支持部署扩展证书	2025-06-07 00:15:16 +08:00
xiaojunnuo	e1cf64ae16	perf: 修改 HTTPS 服务器监听地址 - 将 HTTPS服务器的监听地址从 '0.0.0.0' 修改为 '::'，以支持 IPv6 https://github.com/certd/certd/issues/416	2025-06-06 22:27:41 +08:00
xiaojunnuo	d3c2f8eb43	perf: 站点证书监控支持定时设置，重试次数设置	2025-06-06 18:20:30 +08:00
xiaojunnuo	a00453c83a	fix: 修复站点监控通知渠道设置无效的bug	2025-06-06 16:12:30 +08:00
xiaojunnuo	2eb0e54909	perf: 证书申请支持letencrypt profile选项	2025-06-06 15:12:24 +08:00
xiaojunnuo	ac87bc57e9	fix: 某些证书提供商的证书确实commonName导致无法转换证书的问题	2025-06-06 13:53:05 +08:00
xiaojunnuo	2b8ea857f0	build: publish	2025-06-06 00:12:42 +08:00
xiaojunnuo	11c52114b2	build: trigger build image	2025-06-06 00:12:26 +08:00
xiaojunnuo	f55f9b4dd3	v1.35.0	2025-06-06 00:11:09 +08:00
xiaojunnuo	cdd369ea98	build: prepare to build	2025-06-06 00:09:15 +08:00
xiaojunnuo	f2aab9f476	build: prepare to build	2025-06-06 00:02:00 +08:00
xiaojunnuo	2619dc3556	chore:	2025-06-06 00:01:39 +08:00
xiaojunnuo	1bbed351ba	Merge branch 'v2-dev' into v2	2025-06-05 23:56:47 +08:00
xiaojunnuo	4cfb2644c6	build: publish	2025-06-05 23:52:05 +08:00
xiaojunnuo	5b85c7ad39	build: trigger build image	2025-06-05 23:51:48 +08:00
greper	9d6ad771a3	perf: AWS 中国区 CloudFront 证书部署（IAM 证书）@wifi9984 feat: AWS 中国区 CloudFront 证书部署（IAM 证书） @wifi9984	2025-06-05 15:50:31 +08:00
greper	bafccb20c6	perf: 为proxmox登录添加领域字段（@yajiedesign）为proxmox登录添加领域字段	2025-06-05 15:48:32 +08:00
yajiedesign	ca58056a75	根据要求修改	2025-06-05 14:25:36 +08:00
yajiedesign	fba7afc4e9	为proxmox登录添加领域字段	2025-06-05 13:39:10 +08:00
greper	9d10c45dac	Merge pull request #411 from 5aaee9/v2 支持为 Lego 添加额外的命令参数	2025-06-04 16:41:17 +08:00
Indexyz	b84159f2f1	feat(lego): support for command options	2025-06-04 16:31:25 +08:00
wifi9984	6702ca10a1	feat: 完善注释	2025-05-31 22:19:34 +08:00
wifi9984	4b44bd5e61	reset pnpm-lock	2025-05-31 22:00:32 +08:00
wifi9984	8a55beda92	feat: AWS 中国区 CloudFront 证书部署（IAM 证书）	2025-05-31 21:46:21 +08:00
@@ -1 +1 @@
 :57
 :12
@@ -1 +1 @@
 :48
 :54
				`@@ -0,0 +1,2 @@`

				ALTER TABLE pi_history ADD COLUMN `trigger_type` varchar(100);
				`@@ -0,0 +1,2 @@`

				`ALTER TABLE pi_history ADD COLUMN "trigger_type" varchar(100);`
				`@@ -0,0 +1 @@`
				`export * from './plugin-deploy-to-cloudfront.js';`