v1.36.18

build: prepare to build
perf: 支持部署到dokploy
2026-04-03 22:20:51 +08:00 · 2025-08-29 00:41:56 +08:00 · 2025-08-29 00:39:03 +08:00 · 2025-08-29 00:38:45 +08:00 · 2025-08-28 22:39:11 +08:00 · 2025-08-28 21:28:32 +08:00
1105 changed files with 30309 additions and 11482 deletions
--- a/.editorconfig
+++ b/.editorconfig
@@ -0,0 +1,11 @@
+#
+# http://editorconfig.org
+#
+
+root = true
+
+[*]
+indent_style = space
+indent_size = 2
+trim_trailing_whitespace = true
+
--- a/.github/ISSUE_TEMPLATE/1plugin.md
+++ b/.github/ISSUE_TEMPLATE/1plugin.md
@@ -0,0 +1,36 @@
+---
+name: Plugin Apply
+about: 部署插件申请支持
+title: "[Plugin] "
+labels: feature
+---
+
+> > 感谢您支持certd，请按如下规范提交issue
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+# 新部署插件申请支持
+
+## 1. 需求描述
+`请在此处简要描述你的需求`
+
+
+## 2. 要部署证书应用的信息
+
+1. 应用名称：
+
+
+2. 应用网址/项目地址/官方网站：
+
+
+3. 管理证书界面截图（或者手动部署证书方式介绍及截图）：
+
+
+4. 是否有API接口，接口地址：
+
+
+5. 如果没有API接口，网页登录是否需要验证码：
+
+
+6. 是否可以提供测试账号？（如果可以请留下联系方式或者加作者好友）
+
+
--- a/.github/ISSUE_TEMPLATE/2dns.md
+++ b/.github/ISSUE_TEMPLATE/2dns.md
@@ -0,0 +1,36 @@
+---
+name: DNS Provider Apply
+about: 域名提供商申请支持
+title: "[DNS] "
+labels: feature
+---
+
+
+> 感谢您支持certd，请按如下规范提交issue
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+# 新域名提供商支持申请
+
+## 1. 基本信息
+请填写如下内容：
+
+1. 域名提供商名称：
+
+
+2. 管理页面地址：
+
+
+3. 是否有API接口，接口地址：
+
+
+4. 如果没有API接口，网页登录是否有验证码：
+
+
+5. 是否可以提供测试账号？（如果可以请留下联系方式或者加作者好友）
+
+
+
+## 2. 截图
+
+`域名管理页面截图`
+
--- a/.github/ISSUE_TEMPLATE/3bug.md
+++ b/.github/ISSUE_TEMPLATE/3bug.md
@@ -1,21 +1,28 @@
-> 感谢您支持certd，请按如下规范提交issue    
+---
+name: Bug Report
+about: 错误或问题报告
+title: "[BUG] "
+labels: bug
+---
+
+
+> 感谢您支持certd，请按如下规范提交issue
 > 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)

-
-## 一、问题描述
+# bug提交
+## 1、问题描述
 `请在此处简要描述你所遇到的问题，必要时请贴出相关截图辅助理解和定位`

-### 复现步骤
+### 2、复现步骤
 `请描述复现问题的详细步骤`
 `如果非示例页面的问题，最好能提供最小复现示例的代码、或者仓库链接`


-### 报错截图
+### 3.报错截图
 `请贴出报错日志截图`

-### 效果截图
+### 4、效果截图
 `请贴出效果截图`
-#### 1. 期望效果
-
-#### 2. 实际效果
+#### 4.1. 期望效果

+#### 4.2. 实际效果
--- a/.github/ISSUE_TEMPLATE/4feature.md
+++ b/.github/ISSUE_TEMPLATE/4feature.md
@@ -0,0 +1,24 @@
+---
+name: Feature Request
+about: 新需求、新特性申请支持
+title: "[Feature] "
+labels: feature
+---
+
+> > 感谢您支持certd，请按如下规范提交issue
+> 如果有条件，请尽量在[github上提交](https://github.com/certd/certd/issues)
+
+
+# 新特性申请
+>注意：这里仅供如果是要申请新的部署插件，请提交插件申请
+
+## 1. 需求描述，需求背景
+`请在此处简要描述你所遇到的问题，必要时请贴出相关截图辅助理解`
+
+
+## 2. 期望效果
+`必要时可以截图描述你的期望效果`
+
+
+## 3. 你的解决方案
+`如果你有解决方案，请描述你的方案`
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,412 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Bug Fixes
+
+* 更新我爱云CDN域名地址，和部分目录结构 [@tyjsjxh](https://github.com/tyjsjxh)  ([#514](https://github.com/certd/certd/issues/514)) ([78e7a81](https://github.com/certd/certd/commit/78e7a81638c2ee779f0ab6c3ba7e5c6f6e064151))
+* 修复cron选择组件星期显示错误的bug ([eb75e52](https://github.com/certd/certd/commit/eb75e52278f94a72643f7317e6740fb42666c68a))
+* 修复proxmox某些情况下执行卡住的bug ([ebd6917](https://github.com/certd/certd/commit/ebd6917a1d40ae4d94555c32b7e3c093d0599b94))
+
+### Performance Improvements
+
+* 部署到k8s支持自动创建secret ([c09c962](https://github.com/certd/certd/commit/c09c962cb676ca261610aa9f3e5105c9dae43f43))
+* 短信验证码支持腾讯云 ([9108459](https://github.com/certd/certd/commit/9108459ae42bcd95a59acba164a64e82e5f2cfe6))
+* 商业版支持自定义插件的参数配置 ([17f23f3](https://github.com/certd/certd/commit/17f23f37516af925d5049291d67d41e4271f81f8))
+* 腾讯云插件支持国际版 ([58e82d5](https://github.com/certd/certd/commit/58e82d5dbd4ebf089ef239578ef9b68454d17b30))
+* 腾讯云EO插件支持自动获取zoneid和域名列表 ([70fcdc9](https://github.com/certd/certd/commit/70fcdc9ebbfb7c883c0c8a2138f61a0776a9491b))
+* 支持部署到阿里云云原生API网关、AI网关 ([2ca20be](https://github.com/certd/certd/commit/2ca20be197720201fceabcce9d927f4dbc1cc872))
+* 支持部署到华为云obs ([9feb9d0](https://github.com/certd/certd/commit/9feb9d04b3c56ec95c06fcf4fd071eb0e88ffc6f))
+* 支持部署到dokploy ([7dbdeae](https://github.com/certd/certd/commit/7dbdeaebe0bfee7521a863fe5e6b4a712aec5876))
+* 支持删除宝塔证书夹中的过期证书 ([3575113](https://github.com/certd/certd/commit/3575113655be751d19f88c64491e98a89042d6a2))
+* 支持p7b证书格式 ([d9f4a57](https://github.com/certd/certd/commit/d9f4a5793d68a017a5d80ad5385cbda603c4e165))
+* lecdnv2支持api token ([e448934](https://github.com/certd/certd/commit/e4489343fee7754be07bcfc3323969dc3a30e90c))
+* openapi返回证书时挑选匹配范围最小的那一个；增加format参数，增加返回值p7b格式，增加detail返回 ([2085bcc](https://github.com/certd/certd/commit/2085bcceb61c3723c9bdfec4c4cc0917631ff5e5))
+* ssh 配置sudo免密提示 ([e1e7011](https://github.com/certd/certd/commit/e1e7011853ad0c5bd7b09c3690861d5aa34b2db4))
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+### Bug Fixes
+
+* 修复新部署的无法保存公共eab配置的bug ([d5dee75](https://github.com/certd/certd/commit/d5dee75df3bd635a597436e448b2de1407531f3a))
+
+### Performance Improvements
+
+* 阿里云 FC3.0 不在要求证书加密方式为旧版， 修复支持的协议类型可以正常选择 ([a34db74](https://github.com/certd/certd/commit/a34db7449eff6ad1dda01de673bf85579fa3865a))
+* 部署到腾讯云cdn，每个域名增加3每秒延迟 ([f7d43ad](https://github.com/certd/certd/commit/f7d43ad5af4663d4be369820a80d1fd9817ca4ab))
+* 腾讯云关闭证书通知增加开关选项，在腾讯云授权里面 ([a77c777](https://github.com/certd/certd/commit/a77c777980dd38d97d983124eeed1596879bba95))
+* 证书申请任务默认不发送申请成功通知 ([0283bd2](https://github.com/certd/certd/commit/0283bd2f978dbcd13d361129135e439dd9fbc180))
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Bug Fixes
+
+* 修复授权配置复制功能，无法复制已加密字段的问题 ([221e068](https://github.com/certd/certd/commit/221e068bac3af6cd5d1794f8cd4c2ec5c0bc3f45))
+
+### Performance Improvements
+
+* 百度云支持上传到证书托管，支持部署到负载均衡 ([798a48a](https://github.com/certd/certd/commit/798a48aa9686fd5d11cfffb6cd93eadfc40aacb3))
+* 部署到百度cdn支持自动获取域名列表选择 ([4e432ed](https://github.com/certd/certd/commit/4e432ed03f4fb564e85a2f284ee26b58400b82f5))
+* 验证码可重试次数设置为3次 ([1bdceee](https://github.com/certd/certd/commit/1bdceeecf4b5daecdd621a05a2596b6eb45ce8ea))
+* 增加找回密码的验证码可重试次数 [@nicheng-he](https://github.com/nicheng-he)  ([#496](https://github.com/certd/certd/issues/496)) ([fe03f99](https://github.com/certd/certd/commit/fe03f9942b5662fb90cad86da10782f5dc3603f5))
+* 支持阿里云API网关 ([9e1e4ee](https://github.com/certd/certd/commit/9e1e4eeec2859759ca5b07834c9d24cf88a6ad33))
+* 支持部署到金山云CDN ([dfa74a6](https://github.com/certd/certd/commit/dfa74a69f7cbb9009d3e20c7eecfa1b905a00cf0))
+* 支持更新金山云cdn证书 ([462e22a](https://github.com/certd/certd/commit/462e22a3b0a94887462fe6aa68e4671a365e0737))
+* 支持apisix证书部署 ([9b63fb4](https://github.com/certd/certd/commit/9b63fb4ee2c6b56139160c5bf63482dab0869c2b))
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Bug Fixes
+
+* 修复  https://cas.undefined.aliyuncs.com 的bug ([60e6aa9](https://github.com/certd/certd/commit/60e6aa9b54a761a47e39acee4a1ff947a745be27))
+* 修复阿里云clb api接口没有使用region的问题 ([0770f17](https://github.com/certd/certd/commit/0770f174a14313e28d08113e69829ef6cc02d719))
+* 修复站点监控使用自定义dns解析域名报错的bug ([eb8cd53](https://github.com/certd/certd/commit/eb8cd53de27991321e36dd14e5ce95f42b51351f))
+
+### Performance Improvements
+
+* 部署到阿里云支持选择bucket和域名 ([013b9c4](https://github.com/certd/certd/commit/013b9c4c7c2adf485d086123ccea448719577fd4))
+* 清理数据库备份的临时目录 ([fd95549](https://github.com/certd/certd/commit/fd95549de9a5d8cec09772ee2630bb7521e15e1f))
+* 添加免费通知,OneBot V11协议通知支持 ([#491](https://github.com/certd/certd/issues/491)) [@ayakasuki](https://github.com/ayakasuki)  ([be053d4](https://github.com/certd/certd/commit/be053d47e41084f817882400882b64143d036d1a))
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+* 注册时支持填写用户名 ([fdcfcc7](https://github.com/certd/certd/commit/fdcfcc77a0db87954e0b026635d3ccdd9bc6cee8))
+* add start:server npm script for quick server launch from root directory ([#484](https://github.com/certd/certd/issues/484)) [@orzyyyy](https://github.com/orzyyyy) ([fae1981](https://github.com/certd/certd/commit/fae1981161080f698c3f1263b712306d63baae64))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复复制流水线为空的bug ([b070773](https://github.com/certd/certd/commit/b0707739fdfbae3d78db4efd3f180db05c4e4164))
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+* 优化start脚本 ([238ad7c](https://github.com/certd/certd/commit/238ad7ce51f17e1098c624e7f61ee2d98de1e02d))
+* 运行主机脚本插件支持选择运行策略 ([86b3df1](https://github.com/certd/certd/commit/86b3df194126476e1f58e0952a77e986f62eecce))
+* cdnfly 支持 账号密码登陆授权 ([e87f6d5](https://github.com/certd/certd/commit/e87f6d56f524dbbb9e3243e382b348b6e49f0d2c))
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+* 首页增加更新日志按钮 ([41ce848](https://github.com/certd/certd/commit/41ce8489dc2f03a705dfa3fbb357769defb56c60))
+* 增加版本过低提示 ([d1ce360](https://github.com/certd/certd/commit/d1ce36038cab72b5dc1b320d0a708c261ffbdacb))
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+### Bug Fixes
+
+* 安全更新，备份数据库插件仅限管理员运行 ([13dfca1](https://github.com/certd/certd/commit/13dfca1749275526c82465a17c482b607c820fdd))
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+### Bug Fixes
+
+* 企业微信通知改成text类型，因为markdown类型不支持@用户 ([747d266](https://github.com/certd/certd/commit/747d26674248082e678a3fd5ecc94712641a2716))
+* api接口获取不到证书的bug ([05a33a0](https://github.com/certd/certd/commit/05a33a0ec9999e2802f6c7b23cc1c61a2b9e963d))
+
+### Performance Improvements
+
+* 部署到阿里云oss插件支持选择上传到阿里云cas中的证书 ([2ea2c8c](https://github.com/certd/certd/commit/2ea2c8c05fc40f79595f1bbde67c1413558bf684))
+* 优化子域名托管的说明 ([b15f514](https://github.com/certd/certd/commit/b15f514018b728acb0922ee3f93c1f302eb5d471))
+* 账号即将过期通知 ([e403450](https://github.com/certd/certd/commit/e40345095f31e2fb8e2333a6647466659133fa0c))
+* 子域名托管重复域名不允许添加 ([ffc0c7b](https://github.com/certd/certd/commit/ffc0c7bb7b16d9904fd2d905d1c4e1d4854e92a9))
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+### Bug Fixes
+
+* 修复ssh无法执行命令的bug ([9763cb0](https://github.com/certd/certd/commit/9763cb00e5d95b2fa5d1c2d3d4a8eecac71600e6))
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+### Bug Fixes
+
+* 修复流水线列表页报length错误的bug ([9864792](https://github.com/certd/certd/commit/9864792bbfd149e770d6e1ffa809573694f99dd3))
+* 修复流水线页面状态没有刷新的bug ([93e9498](https://github.com/certd/certd/commit/93e9498b410353f504e11e264db62468895d7290))
+* 修复自定义证书检查时间重启之后不生效的bug ([38e867c](https://github.com/certd/certd/commit/38e867c917bbc68bd228bdd8064f3e7358d6413d))
+
+### Performance Improvements
+
+* 支持上传证书到各种对象存储，oss、cos、七牛、s3、minio等 ([1da8617](https://github.com/certd/certd/commit/1da8617a53a675776635bbc3bcb3c6d7dff83e27))
+* 支持邮箱发送证书 ([95332d5](https://github.com/certd/certd/commit/95332d5db96cd54ddab6ab737332417a09169b39))
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+### Bug Fixes
+
+* 修复某些页面翻译不全显示错误的bug ([0b3158f](https://github.com/certd/certd/commit/0b3158fdd5fe5bb0a98c4e65715dbc3de2c38047))
+* 修复运行流水线后会闪烁一下的bug ([dfc9362](https://github.com/certd/certd/commit/dfc9362084082ee535b898f23b2609c1d946a6fd))
+
+### Performance Improvements
+
+* 部署plesk证书，支持删除未使用的证书 ([902d246](https://github.com/certd/certd/commit/902d246d1a7473ad90f604028c4eb09c8c67d99c))
+* 通知和定时器的删除按钮显示为红色更显眼 ([61ba83c](https://github.com/certd/certd/commit/61ba83c77546c3d505d081e19a3d68c127662bf1))
+* 优化流水线列表页面、详情页面性能，精简返回数据 ([609ac9c](https://github.com/certd/certd/commit/609ac9c9a2dde605eb09834ae59693c1cb238765))
+* 支持自动选择校验方式申请证书 ([3f99432](https://github.com/certd/certd/commit/3f9943270cfb12946e38e6272bc5e8d95ad6ab9e))
+* OpenAPI支持autoApply参数 ([42f4d14](https://github.com/certd/certd/commit/42f4d1477dc791520a874aed56035abcbc8c433b))
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+### Bug Fixes
+
+* 某些插件找不到的bug ([4b3f4a8](https://github.com/certd/certd/commit/4b3f4a868a8b0800c5c59de9d0f47bddc079e7b3))
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+### Bug Fixes
+
+* 修复查看证书对话框翻译错误的bug ([8626b6d](https://github.com/certd/certd/commit/8626b6d9f235c511766f2ae98e0a37f6cebb621c))
+* 修复translation后分组编辑打不开的bug ([46a1b74](https://github.com/certd/certd/commit/46a1b7479923d2feb2dece202a5932b99981b2cd))
+* 执行windows nginx命令时，改为return code判断是否执行成功 ([b37cffd](https://github.com/certd/certd/commit/b37cffd704cd08b8bdd68a6e284706eabe59e78d))
+
+### Performance Improvements
+
+* 优化证书进度条颜色 ([2af91db](https://github.com/certd/certd/commit/2af91dbf2ae36a4ed17c6788bc2a2a79a3bb29f8))
+* 站点证书即将过期通知标题颜色优化为红色 ([80c5331](https://github.com/certd/certd/commit/80c5331a5d4c320323d9b9b800e4ea3b72577b33))
+* 支持部署到阿里云vod ([98da4e1](https://github.com/certd/certd/commit/98da4e1791ed8bb21daf2a9914fda875d14633c9))
+* 支持部署证书到网宿CDN ([c3da026](https://github.com/certd/certd/commit/c3da026b33106f5195959825a68cadbe49efef00))
+* 重置管理员密码同时可以清除管理员的2FA设置 ([1ece091](https://github.com/certd/certd/commit/1ece0915f172d5f8b8adb866434e7efcc5c8c46d))
+* output-selector from参数支持更丰富的过滤规则 ([87853a2](https://github.com/certd/certd/commit/87853a201535f3bfe8505c40f8f5229d82ffcc73))
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+### Bug Fixes
+
+* 修复开放接口添加按钮文本显示问题 ([f93ba99](https://github.com/certd/certd/commit/f93ba9970c12680f38eba2a7abd4b72cf3f5b6a6))
+
+### Performance Improvements
+
+* 优化部署到腾讯TKE插件，支持Opaque类型选择，优化填写说明 ([1445325](https://github.com/certd/certd/commit/144532530a865b634e68539e4888e26f52f73492))
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+### Bug Fixes
+
+* 修复notification编辑按钮无法打开对话框的bug ([0cea26c](https://github.com/certd/certd/commit/0cea26c6287f52adf273b4a525c37bea8555c68c))
+* 优化更新飞牛os证书有效期，修复某些情况下部署证书后飞牛无法访问https的bug ([610c919](https://github.com/certd/certd/commit/610c919c72037becc0ed326f5d5b18c963dfcb3a))
+
+### Performance Improvements
+
+* 证书检查支持自定义dns服务器 ([c53bb7c](https://github.com/certd/certd/commit/c53bb7cf677faa32729709ae0c10359db5194d7a))
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+### Bug Fixes
+
+* 修复通知和触发器无法编辑的bug ([a2e0951](https://github.com/certd/certd/commit/a2e09510426680eb425c0d7ad337f39d3f052054))
+
+### Performance Improvements
+
+* 支持部署到七牛云DCDN ([bde601b](https://github.com/certd/certd/commit/bde601bfffb4f7345d97e1e3b064520816d31555))
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Bug Fixes
+
+* 支持自定义证书生成插件 ([481cc02](https://github.com/certd/certd/commit/481cc029fafaf280aa844cd3ca30f4653ec35d55))
+
+### Features
+
+* 支持模版创建流水线 ([2559f0e](https://github.com/certd/certd/commit/2559f0e822db095d1d26a7f1d517622dce22a5c2))
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 部署到ssh主机命令支持前置命令 ([991b741](https://github.com/certd/certd/commit/991b741cbe223b342f534157da63b71e81661f8e))
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+* 添加用户资料编辑功能 ([7c0f43c](https://github.com/certd/certd/commit/7c0f43c8a3052f73afee3e93c9fcbc43c44ab690))
+* 优化阿里云waf的日志信息 ([821c6d8](https://github.com/certd/certd/commit/821c6d807d4b3cc5092d09a6282b8cbafb9e7c9f))
+* 优化中英文翻译与切换 ([acaa8b1](https://github.com/certd/certd/commit/acaa8b173183b4423584ee070e6e332e0ac0eb2d))
+* 站点IP监控前先同步一下IP ([a080b60](https://github.com/certd/certd/commit/a080b606ab6e289d96b17ef7d2879b4603f889ba))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+* 修复邮箱包含.号校验失败的bug ([65dcae7](https://github.com/certd/certd/commit/65dcae79f8faa7a6cb425e10a0fdb6758b0719f3))
+
+### Performance Improvements
+
+* 首次打开任务日志查看页面，自动滚动到底部 ([43fee42](https://github.com/certd/certd/commit/43fee42198e8697185b427b1fa3eb79409603393))
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+* 修复重试次数设置无效的bug ([e2099ac](https://github.com/certd/certd/commit/e2099ac9ca344bc70bfa4219002e9138708973ae))
+
+### Performance Improvements
+
+* 授权列表类型颜色优化 ([1e86338](https://github.com/certd/certd/commit/1e863382d3d1a8cc95a1abf51e75bf6eaea3244f))
+* 支持雨云dns解析 ([8354348](https://github.com/certd/certd/commit/83543487e7418683bd79cfe3b9e0d792bdb977f7))
+* 支持雨云dns解析以及雨云证书更新 ([43c7a19](https://github.com/certd/certd/commit/43c7a1984926f5d4647760cc134bb0aede3a7b7a))
+* github 版本检查支持执行脚本 ([bad3504](https://github.com/certd/certd/commit/bad3504d4a15e6989b967b66aa9da8c6981f25bf))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 ### Bug Fixes
--- a/README.md
+++ b/README.md
@@ -1,9 +1,12 @@
 # Certd

-Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系统。       
-后缀d取自linux守护进程的命名风格，意为证书守护进程。    
+[English](./README_en.md) | [中文](./README.md)

-关键字：证书自动申请、证书自动更新、证书自动续期、证书自动续签、证书管理工具
+Certd® 是一个免费的全自动证书管理系统，让你的网站证书永不过期。   
+后缀d取自linux守护进程的命名风格，意为证书守护进程
+   
+
+>首创流水线申请部署证书模式，已被多个项目“借鉴”，被抄也是一种成功。

 > 关于证书续期：
 >* 实际上没有办法不改变证书文件本身情况下直接续期或者续签。
@@ -20,21 +23,19 @@ Certd 是一个免费全自动申请和自动部署更新SSL证书的管理系
 * 全自动部署更新证书（目前支持部署到主机、阿里云、腾讯云等70+部署插件）
 * 支持通配符域名/泛域名，支持多个域名打到一个证书上，支持pem、pfx、der、jks等多种证书格式
 * 邮件通知、webhook通知、企微、钉钉、飞书、anpush等多种通知方式
-* 私有化部署，数据保存本地，安装升级非常简单快捷
-* 镜像由Github Actions构建，过程公开透明
+* 私有化部署，数据保存本地，安装简单快捷，镜像由Github Actions构建，过程公开透明
 * 授权加密，站点隐藏，2FA，密码防爆破等多重安全保障
 * 支持SQLite，PostgreSQL、MySQL多种数据库
 * 开放接口支持
 * 站点证书监控
 * 多用户管理
+* 多语言支持（中英双语切换）
+* 各版本向下兼容，一键无忧升级


  ![](./docs/images/intro/intro.svg)


-
-
- 
 ## 二、在线体验

 官方Demo地址，自助注册后体验    
@@ -82,10 +83,12 @@ https://certd.handfree.work/

 您可以根据实际情况从如下方式中选择一种方式进行私有化部署：

-1. [宝塔面板方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
-2. [1Panel面板方式部署 推荐](https://certd.docmirror.cn/guide/install/1panel/)
-3. [Docker方式部署 推荐](https://certd.docmirror.cn/guide/install/docker/)
-4. [源码方式部署 不建议](https://certd.docmirror.cn/guide/install/source/)
+1. 【推荐】[Docker方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
+2. 【推荐】[宝塔面板方式部署 ](https://certd.docmirror.cn/guide/install/docker/)
+3. 【推荐】[1Panel面板方式部署](https://certd.docmirror.cn/guide/install/1panel/)
+4. 【推荐】[雨云一键部署](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2) ： 首充翻倍，每月仅需2.2元    
+[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2)
+5. 【不推荐】[源码方式部署 ](https://certd.docmirror.cn/guide/install/source/)

 #### Docker镜像说明：
 * 国内镜像地址:
@@ -110,11 +113,20 @@ https://certd.handfree.work/
 > * 请务必使用web应用防火墙防护本应用，防止XSS、SQL注入等攻击
 > * 请务必做好服务器本身的安全防护，防止数据库泄露
 > * 请务必做好数据备份，避免数据丢失
+> * [更多安全生产建议点我](https://certd.docmirror.cn/guide/feature/safe/)


+## 五、生态
+ 
+###  1.  客户端工具 SSL-Assistant
+`SSL Assistant` 是一个运行于主机上的证书部署管理助手客户端。    
+支持自动扫描主机`Nginx`配置，然后从`Certd`拉取证书并部署。     
+在不想暴露ssh主机密码情况下，该工具非常好用。
+
+开源地址： https://github.com/Youngxj/SSL-Assistant


-## 五、更多帮助
+## 六、更多帮助
 请访问官方文档：[https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/)

 * 升级方法：[升级方法](https://certd.docmirror.cn/guide/install/upgrade/)
@@ -124,7 +136,7 @@ https://certd.handfree.work/
 * 更新日志：[CHANGELOG](./CHANGELOG.md)


-## 六、联系作者
+## 七、联系作者
 如有疑问，欢迎加入群聊（请备注certd）

 | 加群 | 微信群 | QQ群 |
@@ -138,7 +150,7 @@ https://certd.handfree.work/
 | 二维码 | <img height="230" src="./docs/guide/contact/images/me.png"> |


-## 七、捐赠
+## 八、捐赠
 ************************
 支持开源，为爱发电，我已入驻爱发电   
 https://afdian.com/a/greper
@@ -162,26 +174,29 @@ https://afdian.com/a/greper

 ************************

-## 八、贡献代码
+## 九、贡献代码

 1. 本地开发请参考 [贡献插件向导](https://certd.docmirror.cn/guide/development/)
 2. 作为贡献者，代表您同意您贡献的代码如下许可：
   1. 可以调整开源协议以使其更严格或更宽松。
   2. 可以用于商业用途。

+感谢以下贡献者做出的贡献。

+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>

-## 九、 开源许可
+## 十、 开源许可
 * 本项目遵循 GNU Affero General Public License（AGPL）开源协议。   
 * 允许个人和公司内部自由使用、复制、修改和分发本项目，未获得商业授权情况下禁止任何形式的商业用途 
 * 未获得商业授权情况下，禁止任何对logo、版权信息及授权许可相关代码的修改。
 * 如需商业授权，请联系作者。


-## 十、我的其他项目（求Star）
+## 十一、我的其他项目（求Star）

-| 项目名称                                                    | stars                                                                                                 | 项目描述                              | 
-|---------------------------------------------------------|-------------------------------------------------------------------------------------------------------|-----------------------------------|
-| [袖手AI](https://ai.handsfree.work/)                    |                                                                                                       | 袖手GPT，国内可用，无需FQ，每日免费额度            | 
+| 项目名称 | stars  | 项目描述  | 
+| --------- |--------- |----------- |
 | [fast-crud](https://gitee.com/fast-crud/fast-crud/)     | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/>   | 基于vue3的crud快速开发框架                 |  
-| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |                       
+| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | 直连访问github工具，无需FQ，解决github无法访问的问题 |
--- a/README_en.md
+++ b/README_en.md
@@ -0,0 +1,183 @@
+# Certd
+
+[English](./README_en.md) | [中文](./README.md)
+
+Certd® is a free, fully automated certificate management system that ensures your website certificates never expire. The suffix 'd' is inspired by the naming convention of Linux daemons, representing a certificate daemon.
+
+> We pioneered the pipeline-based certificate application and deployment model, which has been "referenced" by multiple projects. Being copied is also a form of success.
+
+> Regarding certificate renewal:
+>* In fact, it's impossible to renew or reissue a certificate without modifying the certificate file itself.
+>* What we refer to as renewal is essentially applying for a new certificate following the full process and redeploying it.
+>* Free certificates expire in 90 days, which may be shortened in the future. Therefore, automated deployment is essential.
+
+> The number of pipelines is now unlimited. Welcome to use it.
+
+## 1. Features
+This project not only supports automated certificate application but also automated certificate deployment and updates, ensuring your certificates never expire.
+
+* Fully automated certificate application (supports domains registered with all registrars and multiple domain verification methods such as DNS-01, HTTP-01, and CNAME proxy).
+* Fully automated certificate deployment and updates (currently supports deployment to over 70 plugins, including hosts, Alibaba Cloud, Tencent Cloud, etc.).
+* Supports wildcard domains/pan-domains, allows multiple domains in a single certificate, and supports various certificate formats such as pem, pfx, der, and jks.
+* Multiple notification methods, including email, webhook, WeChat Work, DingTalk, Lark, and anpush.
+* On-premises deployment, local data storage, simple and quick installation. Images are built by Github Actions, with a transparent process.
+* Multiple security measures, including authorization encryption, site hiding, 2FA, and password brute-force protection.
+* Supports multiple databases such as SQLite, PostgreSQL, and MySQL.
+* Open API support.
+* Site certificate monitoring.
+* Multi-user management.
+* Multi-language support (Chinese and English switching).
+* Downward compatibility across all versions, with one-click worry-free upgrades.
+
+  ![](./docs/images/intro/intro.svg)
+
+## 2. Online Experience
+Visit the official demo site and register to experience it.
+
+https://certd.handfree.work/
+
+> Note: Data will be cleaned up irregularly, and scheduled tasks may be stopped. For production use, please deploy it yourself.
+> The content contains sensitive information. Make sure to deploy it locally for production use.
+
+![Home Page](./docs/images/start/home.png)
+
+## 3. Usage Tutorial
+Just 3 steps to ensure your certificates never expire.
+
+### 1. Create a Certificate Pipeline
+![Demonstration](packages/ui/certd-client/public/static/doc/images/1-add.png)
+
+> After successful addition, you can directly run the pipeline to apply for a certificate.
+
+### 2. Add a Deployment Task
+Normally, we need to deploy certificates to applications. Certd supports a wide range of deployment plugins. You can choose based on your needs, such as deploying to Nginx, Alibaba Cloud, Tencent Cloud, K8S, CDN, Baota, 1Panel, etc.
+
+Here's a demonstration of deploying certificates to a host's Nginx:
+![Demonstration](packages/ui/certd-client/public/static/doc/images/5-1-add-host.png)
+
+If the current deployment plugins don't meet your needs, you can also download them manually and deploy them yourself.
+![Demonstration](packages/ui/certd-client/public/static/doc/images/13-3-download.png)
+
+### 3. Run Scheduled Tasks
+![Demonstration](packages/ui/certd-client/public/static/doc/images/12-1-log-success.png)
+
+↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓↓
+-------> [Click here to view detailed usage steps](./step.md) <--------
+↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑↑
+
+For more tutorials, please visit the official documentation [certd.docmirror.cn](https://certd.docmirror.cn/guide/).
+
+## 4. On-Premises Deployment
+Since certificates, authorization information, and other data are highly sensitive, please make sure to deploy them on-premises to ensure data security.
+
+You can choose one of the following deployment methods based on your needs:
+
+1. 【Recommended】[Docker Deployment](https://certd.docmirror.cn/guide/install/docker/)
+2. 【Recommended】[BT Panel Deployment](https://certd.docmirror.cn/guide/install/docker/)
+3. 【Recommended】[1Panel Deployment](https://certd.docmirror.cn/guide/install/1panel/)
+4. 【Recommended】[Rainyun One-Click Deployment](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_): Double your first recharge, only $2.2 per month.
+[<img src="https://rainyun-apps.cn-nb1.rains3.com/materials/deploy-on-rainyun-cn.svg">](https://app.rainyun.com/apps/rca/store/6646/?ref=NzExMDQ2_)
+5. 【Not Recommended】[Source Code Deployment](https://certd.docmirror.cn/guide/install/source/)
+
+#### Docker Image Information:
+* Domestic Image Addresses:
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest`
+  * `registry.cn-shenzhen.aliyuncs.com/handsfree/certd:armv7`, `[version]-armv7`
+* DockerHub Addresses:
+  * `https://hub.docker.com/r/greper/certd`
+  * `greper/certd:latest`
+  * `greper/certd:armv7`, `greper/certd:[version]-armv7`
+* GitHub Packages Addresses:
+  * `ghcr.io/certd/certd:latest`
+  * `ghcr.io/certd/certd:armv7`, `ghcr.io/certd/certd:[version]-armv7`
+
+* Images are built automatically by `Actions`, with a transparent process. Please use them with confidence.
+  * [Click here to view image build logs](https://github.com/certd/certd/actions/workflows/build-image.yml)
+
+![](./docs/images/action/action-build.jpg)
+
+> Note:
+> * The certificates, authorization information, and other data stored in this application are highly sensitive. Please take appropriate security measures.
+> * Make sure to use the HTTPS protocol to access this application to avoid man-in-the-middle attacks.
+> * Make sure to use a web application firewall to protect this application from attacks such as XSS and SQL injection.
+> * Make sure to secure the server itself to prevent database leakage.
+> * Make sure to back up your data to avoid data loss.
+> * [Click here for more production safety suggestions](https://certd.docmirror.cn/guide/feature/safe/)
+
+## 5. Ecosystem
+
+### 1. Client Tool: SSL-Assistant
+`SSL Assistant` is a certificate deployment and management assistant client that runs on hosts. It supports automatic scanning of the host's `Nginx` configuration and pulling certificates from `Certd` for deployment. This tool is very useful when you don't want to expose your SSH host password.
+
+Open-source Address: https://github.com/Youngxj/SSL-Assistant
+
+## 6. More Help
+Please visit the official documentation: [https://certd.docmirror.cn/](https://certd.docmirror.cn/guide/).
+
+* Upgrade Method: [Upgrade Guide](https://certd.docmirror.cn/guide/install/upgrade/)
+* Common Issues: [Forgot Password](https://certd.docmirror.cn/guide/use/forgotpasswd/)
+* Multi-Database: [Multi-Database Configuration](https://certd.docmirror.cn/guide/install/database/)
+* Site Security: [Site Security Features](https://certd.docmirror.cn/guide/feature/safe/)
+* Changelog: [CHANGELOG](./CHANGELOG.md)
+
+## 7. Contact the Author
+If you have any questions, feel free to join the group chat (please mention 'certd' in your message).
+
+| Join Group | WeChat Group | QQ Group |
+|---------|-------|-------|
+| QR Code | <img height="230" src="./docs/guide/contact/images/wx.png"> | <img height="230" src="./docs/guide/contact/images/qq.png"> |
+
+You can also add the author as a friend.
+
+| Add Author as Friend | WeChat QQ |
+|---------|-------|-------|
+| QR Code | <img height="230" src="./docs/guide/contact/images/me.png"> |
+
+## 8. Donation
+************************
+Support open-source projects and contribute with love. I've joined Afdian.
+https://afdian.com/a/greper
+
+Benefits of Contribution:
+1. Join the exclusive contributor group and get one-on-one technical support from the author.
+2. Your requests will be prioritized and implemented as professional edition features.
+3. Receive a one-year professional edition activation code.
+
+Comparison of Professional Edition Privileges:
+
+| Feature | Free Edition | Professional Edition |
+|---------|---------------------------------------|--------------------------------|
+| Free Certificate Application | Unlimited for free | Unlimited for free |
+| Number of Domains | Unlimited | Unlimited |
+| Number of Certificate Pipelines | Unlimited | Unlimited |
+| Site Certificate Monitoring | Limited to 1 | Unlimited |
+| Automatic Deployment Plugins | Most plugins such as Alibaba Cloud CDN, Tencent Cloud, QiNiu CDN, Host Deployment, Baota, 1Panel | Synology |
+| Notifications | Email, Custom Webhook | Email without configuration, WeChat Work, DingTalk, Lark, anpush, ServerChan, etc. |
+
+************************
+
+## 9. Contribute Code
+
+1. For local development, please refer to the [Plugin Contribution Guide](https://certd.docmirror.cn/guide/development/).
+2. As a contributor, you agree that your contributed code is subject to the following license:
+   1. The open-source license can be adjusted to be more or less restrictive.
+   2. It can be used for commercial purposes.
+
+Thank you to the following contributors.
+
+<a href="https://github.com/certd/certd/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=certd/certd" />
+</a>
+
+## 10. Open-Source License
+* This project follows the GNU Affero General Public License (AGPL).
+* Individuals and companies are allowed to use, copy, modify, and distribute this project freely for internal use. Any form of commercial use is prohibited without obtaining commercial authorization.
+* Without commercial authorization, any modification of the logo, copyright information, and license-related code is prohibited.
+* For commercial authorization, please contact the author.
+
+## 11. My Other Projects (Please Star)
+
+| Project Name | Stars | Project Description |
+|----------------|---------------|--------------|
+| [fast-crud](https://gitee.com/fast-crud/fast-crud/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/fast-crud/fast-crud?logo=github"/> | A fast CRUD development framework based on Vue3. |
+| [dev-sidecar](https://github.com/docmirror/dev-sidecar/) | <img alt="GitHub stars" src="https://img.shields.io/github/stars/docmirror/dev-sidecar?logo=github"/> | A tool to access GitHub directly without a VPN, solving the problem of inaccessible GitHub. |
--- a/build.trigger
+++ b/build.trigger
@@ -1 +1 @@
-00:14
+23:58
--- a/docker/run/docker-compose.yaml
+++ b/docker/run/docker-compose.yaml
@@ -11,12 +11,15 @@ services:
      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
      - /data/certd:/app/data
+      #   ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准，考虑挂载localtime文件
+      #- /etc/localtime:/etc/localtime
+      #- /etc/timezone:/etc/timezone
    ports: # 端口映射
      #  ↓↓↓↓ ---------------------------------------------------------- 如果端口有冲突，可以修改第一个7001为其他不冲突的端口号，第二个7001不要动
      - "7001:7001"
      #  ↓↓↓↓ ---------------------------------------------------------- https端口，可以根据实际情况，是否暴露该端口
      - "7002:7002"
-    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+    #↓↓↓↓ -------------------------------------------------------------- 如果出现getaddrinfo EAI_AGAIN 或 getaddrinfo ENOTFOUND 错误，可以尝试设置dns
 #    dns:
 #      - 223.5.5.5      # 阿里云公共dns
 #      - 223.6.6.6
@@ -38,11 +41,11 @@ services:
 #      - ip6net
    environment:
 #             ↓↓↓↓ ----------------------------------------------------- 使用上海东八时区
-#      - TZ=Asia/Shanghai
+      - TZ=Asia/Shanghai
 #     设置环境变量即可自定义certd配置
 #     配置项见： packages/ui/certd-server/src/config/config.default.ts
 #     配置规则： certd_ + 配置项, 点号用_代替
-#                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，重启之后，管理员密码将改成123456，然后请及时修改回false
+#                                    #↓↓↓↓ ----------------------------- 如果忘记管理员密码，可以设置为true，docker compose up -d 重建容器之后，管理员密码将改成123456，然后请及时修改回false
      - certd_system_resetAdminPasswd=false

 #     默认使用sqlite文件数据库，如果需要使用其他数据库，请设置以下环境变量
--- a/docs/.vitepress/config.ts
+++ b/docs/.vitepress/config.ts
@@ -91,14 +91,14 @@ export default defineConfig({
                        {text: "多数据库支持", link: "/guide/install/database.md"},
                        {text: "开放接口", link: "/guide/open/index.md"},
                        {
-                            text: "站点安全",  link: "/guide/feature/safe"
+                            text: "站点安全",  link: "/guide/feature/safe/"
                        },
                        {
                            text: "插件列表", items: [
-                                {text: "授权提供商", link: "/guide/plugins/access"},
-                                {text: "DNS提供商", link: "/guide/plugins/dns-provider"},
-                                {text: "任务插件", link: "/guide/plugins/deploy"},
-                                {text: "通知插件", link: "/guide/plugins/notification"},
+                                {text: "授权提供商", link: "/guide/plugins/access.md"},
+                                {text: "DNS提供商", link: "/guide/plugins/dns-provider.md"},
+                                {text: "任务插件", link: "/guide/plugins/deploy.md"},
+                                {text: "通知插件", link: "/guide/plugins/notification.md"},
                            ]
                        },
                    ]
@@ -106,7 +106,7 @@ export default defineConfig({
                {
                    text: "常见问题",
                    items: [
-                        {text: "QA", link: "/guide/qa/use"},
+                        {text: "QA", link: "/guide/qa/use.md"},
                        {text: "常见报错处理", link: "/guide/qa/"},
                        {text: "群晖证书部署", link: "/guide/use/synology/"},
                        {text: "腾讯云密钥获取", link: "/guide/use/tencent/"},
@@ -139,7 +139,6 @@ export default defineConfig({
                        {text: "捐赠", link: "/guide/donate/"},
                        {text: "开源协议", link: "/guide/license/"},
                        {text: "我的其他开源项目", link: "/guide/link/"},
-
                    ]
                }
            ],
--- a/docs/guide/changelogs/CHANGELOG.md
+++ b/docs/guide/changelogs/CHANGELOG.md
@@ -3,6 +3,401 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+### Bug Fixes
+
+* 修复新部署的无法保存公共eab配置的bug ([d5dee75](https://github.com/certd/certd/commit/d5dee75df3bd635a597436e448b2de1407531f3a))
+
+### Performance Improvements
+
+* 阿里云 FC3.0 不在要求证书加密方式为旧版， 修复支持的协议类型可以正常选择 ([a34db74](https://github.com/certd/certd/commit/a34db7449eff6ad1dda01de673bf85579fa3865a))
+* 部署到腾讯云cdn，每个域名增加3每秒延迟 ([f7d43ad](https://github.com/certd/certd/commit/f7d43ad5af4663d4be369820a80d1fd9817ca4ab))
+* 腾讯云关闭证书通知增加开关选项，在腾讯云授权里面 ([a77c777](https://github.com/certd/certd/commit/a77c777980dd38d97d983124eeed1596879bba95))
+* 证书申请任务默认不发送申请成功通知 ([0283bd2](https://github.com/certd/certd/commit/0283bd2f978dbcd13d361129135e439dd9fbc180))
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Bug Fixes
+
+* 修复授权配置复制功能，无法复制已加密字段的问题 ([221e068](https://github.com/certd/certd/commit/221e068bac3af6cd5d1794f8cd4c2ec5c0bc3f45))
+
+### Performance Improvements
+
+* 百度云支持上传到证书托管，支持部署到负载均衡 ([798a48a](https://github.com/certd/certd/commit/798a48aa9686fd5d11cfffb6cd93eadfc40aacb3))
+* 部署到百度cdn支持自动获取域名列表选择 ([4e432ed](https://github.com/certd/certd/commit/4e432ed03f4fb564e85a2f284ee26b58400b82f5))
+* 验证码可重试次数设置为3次 ([1bdceee](https://github.com/certd/certd/commit/1bdceeecf4b5daecdd621a05a2596b6eb45ce8ea))
+* 增加找回密码的验证码可重试次数 [@nicheng-he](https://github.com/nicheng-he)  ([#496](https://github.com/certd/certd/issues/496)) ([fe03f99](https://github.com/certd/certd/commit/fe03f9942b5662fb90cad86da10782f5dc3603f5))
+* 支持阿里云API网关 ([9e1e4ee](https://github.com/certd/certd/commit/9e1e4eeec2859759ca5b07834c9d24cf88a6ad33))
+* 支持部署到金山云CDN ([dfa74a6](https://github.com/certd/certd/commit/dfa74a69f7cbb9009d3e20c7eecfa1b905a00cf0))
+* 支持更新金山云cdn证书 ([462e22a](https://github.com/certd/certd/commit/462e22a3b0a94887462fe6aa68e4671a365e0737))
+* 支持apisix证书部署 ([9b63fb4](https://github.com/certd/certd/commit/9b63fb4ee2c6b56139160c5bf63482dab0869c2b))
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Bug Fixes
+
+* 修复  https://cas.undefined.aliyuncs.com 的bug ([60e6aa9](https://github.com/certd/certd/commit/60e6aa9b54a761a47e39acee4a1ff947a745be27))
+* 修复阿里云clb api接口没有使用region的问题 ([0770f17](https://github.com/certd/certd/commit/0770f174a14313e28d08113e69829ef6cc02d719))
+* 修复站点监控使用自定义dns解析域名报错的bug ([eb8cd53](https://github.com/certd/certd/commit/eb8cd53de27991321e36dd14e5ce95f42b51351f))
+
+### Performance Improvements
+
+* 部署到阿里云支持选择bucket和域名 ([013b9c4](https://github.com/certd/certd/commit/013b9c4c7c2adf485d086123ccea448719577fd4))
+* 清理数据库备份的临时目录 ([fd95549](https://github.com/certd/certd/commit/fd95549de9a5d8cec09772ee2630bb7521e15e1f))
+* 添加免费通知,OneBot V11协议通知支持 ([#491](https://github.com/certd/certd/issues/491)) [@ayakasuki](https://github.com/ayakasuki)  ([be053d4](https://github.com/certd/certd/commit/be053d47e41084f817882400882b64143d036d1a))
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+* 注册时支持填写用户名 ([fdcfcc7](https://github.com/certd/certd/commit/fdcfcc77a0db87954e0b026635d3ccdd9bc6cee8))
+* add start:server npm script for quick server launch from root directory ([#484](https://github.com/certd/certd/issues/484)) [@orzyyyy](https://github.com/orzyyyy) ([fae1981](https://github.com/certd/certd/commit/fae1981161080f698c3f1263b712306d63baae64))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复复制流水线为空的bug ([b070773](https://github.com/certd/certd/commit/b0707739fdfbae3d78db4efd3f180db05c4e4164))
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+* 授权管理支持模糊查询 ([866eb62](https://github.com/certd/certd/commit/866eb6241baa7b21f6eddc649966324c188236c6))
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+* 优化start脚本 ([238ad7c](https://github.com/certd/certd/commit/238ad7ce51f17e1098c624e7f61ee2d98de1e02d))
+* 运行主机脚本插件支持选择运行策略 ([86b3df1](https://github.com/certd/certd/commit/86b3df194126476e1f58e0952a77e986f62eecce))
+* cdnfly 支持 账号密码登陆授权 ([e87f6d5](https://github.com/certd/certd/commit/e87f6d56f524dbbb9e3243e382b348b6e49f0d2c))
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+### Performance Improvements
+
+* 阿里云部分插件优化  [@nicheng-he](https://github.com/nicheng-he) ([e3738f6](https://github.com/certd/certd/commit/e3738f6422270d75ec414c15a343248cc4cad6e1))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 上传到阿里云cas，证书前缀无效的bug ([b382351](https://github.com/certd/certd/commit/b382351c7b91ec10e1f61d94bec5aad075207ec8))
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+* 首页增加更新日志按钮 ([41ce848](https://github.com/certd/certd/commit/41ce8489dc2f03a705dfa3fbb357769defb56c60))
+* 增加版本过低提示 ([d1ce360](https://github.com/certd/certd/commit/d1ce36038cab72b5dc1b320d0a708c261ffbdacb))
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+### Bug Fixes
+
+* 安全更新，备份数据库插件仅限管理员运行 ([13dfca1](https://github.com/certd/certd/commit/13dfca1749275526c82465a17c482b607c820fdd))
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+### Bug Fixes
+
+* 企业微信通知改成text类型，因为markdown类型不支持@用户 ([747d266](https://github.com/certd/certd/commit/747d26674248082e678a3fd5ecc94712641a2716))
+* api接口获取不到证书的bug ([05a33a0](https://github.com/certd/certd/commit/05a33a0ec9999e2802f6c7b23cc1c61a2b9e963d))
+
+### Performance Improvements
+
+* 部署到阿里云oss插件支持选择上传到阿里云cas中的证书 ([2ea2c8c](https://github.com/certd/certd/commit/2ea2c8c05fc40f79595f1bbde67c1413558bf684))
+* 优化子域名托管的说明 ([b15f514](https://github.com/certd/certd/commit/b15f514018b728acb0922ee3f93c1f302eb5d471))
+* 账号即将过期通知 ([e403450](https://github.com/certd/certd/commit/e40345095f31e2fb8e2333a6647466659133fa0c))
+* 子域名托管重复域名不允许添加 ([ffc0c7b](https://github.com/certd/certd/commit/ffc0c7bb7b16d9904fd2d905d1c4e1d4854e92a9))
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+### Bug Fixes
+
+* 修复ssh无法执行命令的bug ([9763cb0](https://github.com/certd/certd/commit/9763cb00e5d95b2fa5d1c2d3d4a8eecac71600e6))
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+### Bug Fixes
+
+* 修复流水线列表页报length错误的bug ([9864792](https://github.com/certd/certd/commit/9864792bbfd149e770d6e1ffa809573694f99dd3))
+* 修复流水线页面状态没有刷新的bug ([93e9498](https://github.com/certd/certd/commit/93e9498b410353f504e11e264db62468895d7290))
+* 修复自定义证书检查时间重启之后不生效的bug ([38e867c](https://github.com/certd/certd/commit/38e867c917bbc68bd228bdd8064f3e7358d6413d))
+
+### Performance Improvements
+
+* 支持上传证书到各种对象存储，oss、cos、七牛、s3、minio等 ([1da8617](https://github.com/certd/certd/commit/1da8617a53a675776635bbc3bcb3c6d7dff83e27))
+* 支持邮箱发送证书 ([95332d5](https://github.com/certd/certd/commit/95332d5db96cd54ddab6ab737332417a09169b39))
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+### Bug Fixes
+
+* 修复某些页面翻译不全显示错误的bug ([0b3158f](https://github.com/certd/certd/commit/0b3158fdd5fe5bb0a98c4e65715dbc3de2c38047))
+* 修复运行流水线后会闪烁一下的bug ([dfc9362](https://github.com/certd/certd/commit/dfc9362084082ee535b898f23b2609c1d946a6fd))
+
+### Performance Improvements
+
+* 部署plesk证书，支持删除未使用的证书 ([902d246](https://github.com/certd/certd/commit/902d246d1a7473ad90f604028c4eb09c8c67d99c))
+* 通知和定时器的删除按钮显示为红色更显眼 ([61ba83c](https://github.com/certd/certd/commit/61ba83c77546c3d505d081e19a3d68c127662bf1))
+* 优化流水线列表页面、详情页面性能，精简返回数据 ([609ac9c](https://github.com/certd/certd/commit/609ac9c9a2dde605eb09834ae59693c1cb238765))
+* 支持自动选择校验方式申请证书 ([3f99432](https://github.com/certd/certd/commit/3f9943270cfb12946e38e6272bc5e8d95ad6ab9e))
+* OpenAPI支持autoApply参数 ([42f4d14](https://github.com/certd/certd/commit/42f4d1477dc791520a874aed56035abcbc8c433b))
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+### Bug Fixes
+
+* 某些插件找不到的bug ([4b3f4a8](https://github.com/certd/certd/commit/4b3f4a868a8b0800c5c59de9d0f47bddc079e7b3))
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+### Bug Fixes
+
+* 修复查看证书对话框翻译错误的bug ([8626b6d](https://github.com/certd/certd/commit/8626b6d9f235c511766f2ae98e0a37f6cebb621c))
+* 修复translation后分组编辑打不开的bug ([46a1b74](https://github.com/certd/certd/commit/46a1b7479923d2feb2dece202a5932b99981b2cd))
+* 执行windows nginx命令时，改为return code判断是否执行成功 ([b37cffd](https://github.com/certd/certd/commit/b37cffd704cd08b8bdd68a6e284706eabe59e78d))
+
+### Performance Improvements
+
+* 优化证书进度条颜色 ([2af91db](https://github.com/certd/certd/commit/2af91dbf2ae36a4ed17c6788bc2a2a79a3bb29f8))
+* 站点证书即将过期通知标题颜色优化为红色 ([80c5331](https://github.com/certd/certd/commit/80c5331a5d4c320323d9b9b800e4ea3b72577b33))
+* 支持部署到阿里云vod ([98da4e1](https://github.com/certd/certd/commit/98da4e1791ed8bb21daf2a9914fda875d14633c9))
+* 支持部署证书到网宿CDN ([c3da026](https://github.com/certd/certd/commit/c3da026b33106f5195959825a68cadbe49efef00))
+* 重置管理员密码同时可以清除管理员的2FA设置 ([1ece091](https://github.com/certd/certd/commit/1ece0915f172d5f8b8adb866434e7efcc5c8c46d))
+* output-selector from参数支持更丰富的过滤规则 ([87853a2](https://github.com/certd/certd/commit/87853a201535f3bfe8505c40f8f5229d82ffcc73))
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+### Bug Fixes
+
+* 修复开放接口添加按钮文本显示问题 ([f93ba99](https://github.com/certd/certd/commit/f93ba9970c12680f38eba2a7abd4b72cf3f5b6a6))
+
+### Performance Improvements
+
+* 优化部署到腾讯TKE插件，支持Opaque类型选择，优化填写说明 ([1445325](https://github.com/certd/certd/commit/144532530a865b634e68539e4888e26f52f73492))
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+### Bug Fixes
+
+* 修复notification编辑按钮无法打开对话框的bug ([0cea26c](https://github.com/certd/certd/commit/0cea26c6287f52adf273b4a525c37bea8555c68c))
+* 优化更新飞牛os证书有效期，修复某些情况下部署证书后飞牛无法访问https的bug ([610c919](https://github.com/certd/certd/commit/610c919c72037becc0ed326f5d5b18c963dfcb3a))
+
+### Performance Improvements
+
+* 证书检查支持自定义dns服务器 ([c53bb7c](https://github.com/certd/certd/commit/c53bb7cf677faa32729709ae0c10359db5194d7a))
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+### Bug Fixes
+
+* 修复通知和触发器无法编辑的bug ([a2e0951](https://github.com/certd/certd/commit/a2e09510426680eb425c0d7ad337f39d3f052054))
+
+### Performance Improvements
+
+* 支持部署到七牛云DCDN ([bde601b](https://github.com/certd/certd/commit/bde601bfffb4f7345d97e1e3b064520816d31555))
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Bug Fixes
+
+* 支持自定义证书生成插件 ([481cc02](https://github.com/certd/certd/commit/481cc029fafaf280aa844cd3ca30f4653ec35d55))
+
+### Features
+
+* 支持模版创建流水线 ([2559f0e](https://github.com/certd/certd/commit/2559f0e822db095d1d26a7f1d517622dce22a5c2))
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 部署到ssh主机命令支持前置命令 ([991b741](https://github.com/certd/certd/commit/991b741cbe223b342f534157da63b71e81661f8e))
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+* 添加用户资料编辑功能 ([7c0f43c](https://github.com/certd/certd/commit/7c0f43c8a3052f73afee3e93c9fcbc43c44ab690))
+* 优化阿里云waf的日志信息 ([821c6d8](https://github.com/certd/certd/commit/821c6d807d4b3cc5092d09a6282b8cbafb9e7c9f))
+* 优化中英文翻译与切换 ([acaa8b1](https://github.com/certd/certd/commit/acaa8b173183b4423584ee070e6e332e0ac0eb2d))
+* 站点IP监控前先同步一下IP ([a080b60](https://github.com/certd/certd/commit/a080b606ab6e289d96b17ef7d2879b4603f889ba))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+* 修复邮箱包含.号校验失败的bug ([65dcae7](https://github.com/certd/certd/commit/65dcae79f8faa7a6cb425e10a0fdb6758b0719f3))
+
+### Performance Improvements
+
+* 首次打开任务日志查看页面，自动滚动到底部 ([43fee42](https://github.com/certd/certd/commit/43fee42198e8697185b427b1fa3eb79409603393))
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+* 修复重试次数设置无效的bug ([e2099ac](https://github.com/certd/certd/commit/e2099ac9ca344bc70bfa4219002e9138708973ae))
+
+### Performance Improvements
+
+* 授权列表类型颜色优化 ([1e86338](https://github.com/certd/certd/commit/1e863382d3d1a8cc95a1abf51e75bf6eaea3244f))
+* 支持雨云dns解析 ([8354348](https://github.com/certd/certd/commit/83543487e7418683bd79cfe3b9e0d792bdb977f7))
+* 支持雨云dns解析以及雨云证书更新 ([43c7a19](https://github.com/certd/certd/commit/43c7a1984926f5d4647760cc134bb0aede3a7b7a))
+* github 版本检查支持执行脚本 ([bad3504](https://github.com/certd/certd/commit/bad3504d4a15e6989b967b66aa9da8c6981f25bf))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([c1fbc8c](https://github.com/certd/certd/commit/c1fbc8cd68ae020ef342e4e92f4d9b4869ca1ead))
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+* 修复检查github release 插件无法保存最后版本的bug ([a92107c](https://github.com/certd/certd/commit/a92107cc47133883b099d5228b06373e84c8bb50))
+* 修复站点监控定时器多次添加的bug ([9361679](https://github.com/certd/certd/commit/936167972fe83e519bc01a0dd961d9c0635d24ab))
+
+### Performance Improvements
+
+* 阿里云dns操作增加重试机制 ([424fd96](https://github.com/certd/certd/commit/424fd96615c05e949af8c837c261c1400bdffba2))
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+* 子域名托管帮助链接优化为打开新窗口 ([7c0cdd1](https://github.com/certd/certd/commit/7c0cdd169e2f943e703e433677f2f437d4aa02ee))
+* history增加触发类型显示 ([7f6070c](https://github.com/certd/certd/commit/7f6070c960ed7bf02add5ab36436de6573f2f1fa))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+* 修复站点监控通知渠道设置无效的bug ([a00453c](https://github.com/certd/certd/commit/a00453c83a58114ce2873dd6e6aaf313f1ce0f87))
+
+### Performance Improvements
+
+* 修改 HTTPS 服务器监听地址 ([e1cf64a](https://github.com/certd/certd/commit/e1cf64ae16d4abfe4299ff16d5088c30cf3c6365))
+* 优化流水线页面，增加下次执行时间、查看证书显示 ([c820315](https://github.com/certd/certd/commit/c8203154094fae3d17198747f49f5f41ddf29a4e))
+* 站点证书监控支持定时设置，重试次数设置 ([d3c2f8e](https://github.com/certd/certd/commit/d3c2f8eb436e670772d14a54acd6b541c5aa3978))
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* 完善注释 ([6702ca1](https://github.com/certd/certd/commit/6702ca10a17f5d7dbff789b039f7269496f66b97))
+* AWS 中国区 CloudFront 证书部署（IAM 证书） ([8a55bed](https://github.com/certd/certd/commit/8a55beda924b3be2a53b9ba80d9487cefa8bf887))
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复用户最大流水线数量校验的问题 ([919f70a](https://github.com/certd/certd/commit/919f70a5fd2842ca69f96f1659bb5a7ba3f73776))
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+* 修复cv4pve sdk (proxmox插件连接失败时无法正常结束任务的bug) ([49f26b4](https://github.com/certd/certd/commit/49f26b4049a0549b0270395157e96e8f04a68bc4))
+* 修复flexcdn部署证书的顶级CA名称显示 ([6467edb](https://github.com/certd/certd/commit/6467edb84324d7c80a85212675dbacedc459df83))
+* 修复flexcdn证书commonNames错误的问题 ([ace363f](https://github.com/certd/certd/commit/ace363fa355436e769b27f71cc487d30d6441780))
+
+### Performance Improvements
+
+* 分组选择支持清空选项 ([03e2e99](https://github.com/certd/certd/commit/03e2e9949837b34eb3ea56d14a9e8a5dabc96063))
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/certd/certd/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+* 增加下载日志按钮 ([6ff509d](https://github.com/certd/certd/commit/6ff509d263c0182645b4692c10b5fedb192db964))
+* 站点监控支持批量导入域名和ip ([2d7729d](https://github.com/certd/certd/commit/2d7729dbe98f29088f5f317db2b52cc1ede223a6))
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Bug Fixes
+
+* **flexcdn:** fix cert upload and skipSslVerify required ([c48da5d](https://github.com/certd/certd/commit/c48da5dea7f0f0cdeae643b106b4a678acc3b14b))
+
+### Performance Improvements
+
+* 阿里云CLB支持部署到扩展域名 ([0e8339c](https://github.com/certd/certd/commit/0e8339c70190890d449099e1d26e5ed06ff135fb))
+* 优化流水线名称过长时的显示 ([6a0cc1b](https://github.com/certd/certd/commit/6a0cc1b1f3ad508f9e4093b3b682b163f12389eb))
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Bug Fixes
+
+* 修复Farcdn证书有效期错误的问题 ([1fe4c36](https://github.com/certd/certd/commit/1fe4c367f7128de9ba5e3395ae06bc81e63a7d5a))
+
+### Performance Improvements
+
+* 不止证书自动化，插件解锁无限可能 ([a9b302e](https://github.com/certd/certd/commit/a9b302e38d3328d75df8b2da3d8b914851e55e9c))
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+* 支持github 新版本检查并发布通知 ([356703c](https://github.com/certd/certd/commit/356703c83ea18c6efb8931402e181280d7b7e696))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 更新 1panel API 版本支持v1/v2设置 ([e6195ad](https://github.com/certd/certd/commit/e6195ade3ec54b138825b8d6738f86eb8afdd720))
+* 同步更新namesilo接口，修复无法创建和删除dns记录的问题 ([36b02c2](https://github.com/certd/certd/commit/36b02c2cec145c13d4ef29d49aba5b6b4f697df2))
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+* 修复部署到华为cdn，子账号ak查询不到域名的bug ([ebb292a](https://github.com/certd/certd/commit/ebb292a2f7a425c1bc810f59468beb3f1d5bc3f0))
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 优化站点ip检查 ([a463711](https://github.com/certd/certd/commit/a463711b03a20120f2a298be15d71ca152d27f21))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+* farcdn优化 ([a06ef07](https://github.com/certd/certd/commit/a06ef07178ed73c537e21c7d57e5e5144d2c056d))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+### Performance Improvements
+
+* 优化阿里云DCDN插件，支持多选 ([b091657](https://github.com/certd/certd/commit/b091657b5c537acf2442a2bfc345d0a77f5e2c50))
+* 支持部署到farcdn ([e08cf57](https://github.com/certd/certd/commit/e08cf57b72128998f487ab6469868052fbce0dba))
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复又拍云 CDN 设置证书参数和强制 HTTPS 配置报错的bug ([7984b62](https://github.com/certd/certd/commit/7984b625ba6727132f205db8e25f790bce27b2f7))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 二次认证页面中，添加动态验证码输入框的焦点控制，提升用户体验 ([bb22f06](https://github.com/certd/certd/commit/bb22f062ed4ab4b5b71938270fe4cc666af6b8e7))
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 1panel增加授权测试按钮 ([566b12f](https://github.com/certd/certd/commit/566b12f5d14ce10e8f5cf1807c58f7bf27f0d199))
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
+## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)
+
+### Bug Fixes
+
+* 修复部署flexcdn问题 ([76b19a4](https://github.com/certd/certd/commit/76b19a4980f8edba5238543b82a7811e1003746c))
+* 修复插件导入的bug ([677fec0](https://github.com/certd/certd/commit/677fec0a0b6fceb4966705e471bbfeeda91610c7))
+* 修复导入在线插件不生效的bug ([fcf8309](https://github.com/certd/certd/commit/fcf8309c238208281ecb4575b2c3cfe50c11d783))
+* 修复自建插件保存丢失部署策略的bug ([863e74d](https://github.com/certd/certd/commit/863e74dd2e3912f950ff5025b5ed0070aeb37035))
+
+### Performance Improvements
+
+* 调整小助手，仅在登录之后显示 ([aebb07c](https://github.com/certd/certd/commit/aebb07c5cc8b1f233b9d203ff017ac60e6971a85))
+
 ## [1.34.3](https://github.com/certd/certd/compare/v1.34.2...v1.34.3) (2025-05-15)

 ### Performance Improvements
--- a/docs/guide/install/baota/index.md
+++ b/docs/guide/install/baota/index.md
@@ -10,15 +10,16 @@
 * 登录宝塔面板，在菜单栏中点击 Docker，首次进入会提示安装Docker服务，点击立即安装，按提示完成安装

 ### 2、部署certd
+以下两种方式任选一种：

-#### 2.1 应用商店一键部署【推荐】
+#### 2.1 应用商店方式一键部署【推荐】

 * 在宝塔Docker应用商店中找到`certd`（要先点右上角更新应用）
 * 点击安装，配置域名等基本信息即可完成安装

 > 需要宝塔9.2.0及以上版本才支持

-#### 2.2 容器编排部署
+#### 2.2 容器编排方式部署

 1. 打开`docker-compose.yaml`,整个内容复制下来    
   https://gitee.com/certd/certd/raw/v2/docker/run/docker-compose.yaml
@@ -43,12 +44,15 @@ admin/123456
 ## 三、如何升级
 宝塔升级certd非常简单

-`docker`->`容器编排`->`左侧选择Certd`->`更新镜像`
+打开容器页面： `docker`->`容器编排`->`左侧选择Certd`->`更新镜像`     
+
 ![img.png](./images/upgrade.png)


 ## 四、数据备份

+部署方式不同，数据保存位置不同
+
 ### 4.1 应用商店部署方式
 点击进入安装路径，数据保存在`./data`目录下，可以手动备份

@@ -62,7 +66,6 @@ admin/123456
 数据默认保存在`/data/certd`目录下，可以手动备份


-
 ### 4.3 自动备份

 > 建议配置一条 [数据库备份流水线](../../use/backup/)，自动备份
--- a/docs/guide/install/images/github-release-2.png
+++ b/docs/guide/install/images/github-release-2.png
--- a/docs/guide/install/images/github-release.png
+++ b/docs/guide/install/images/github-release.png
--- a/docs/guide/install/source/index.md
+++ b/docs/guide/install/source/index.md
@@ -4,7 +4,7 @@
 ## 一、源码安装

 ### 环境要求
- nodejs 20 及以上
+- nodejs 22 及以上
 ### 源码启动
 ```shell
 # 克隆代码
--- a/docs/guide/install/upgrade.md
+++ b/docs/guide/install/upgrade.md
@@ -13,4 +13,54 @@
 :::

 ## 升级日志
+可以查看最新版本号，以及所有版本的更新日志     
 [CHANGELOG](../changelogs/CHANGELOG.md)
+
+
+## 自动升级配置
+
+### 1. 方法一：使用watchtower监控
+
+修改docker-compose.yaml文件增加如下配置， 使用watchtower监控自动升级
+```yaml
+services:
+  certd:
+    ...
+    labels:
+      com.centurylinklabs.watchtower.enable: "true"
+
+#         ↓↓↓↓ ---------------------------------------------------------  自动升级，上面certd的版本号要保持为latest
+  certd-updater:  # 添加 Watchtower 服务
+    image: containrrr/watchtower:latest
+    container_name: certd-updater
+    restart: unless-stopped
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    # 配置 自动更新
+    environment:
+      - WATCHTOWER_CLEANUP=true            # 自动清理旧版本容器
+      - WATCHTOWER_INCLUDE_STOPPED=false   # 不更新已停止的容器
+      - WATCHTOWER_LABEL_ENABLE=true       # 根据容器标签进行更新
+      - WATCHTOWER_POLL_INTERVAL=600       # 每 10 分钟检查一次更新
+
+```
+
+
+### 2. 方法二：使用Certd版本监控功能
+
+选择Github-检查Release版本插件
+![](./images/github-release.png)
+按如下图填写配置
+![](./images/github-release-2.png)
+
+
+检测到新版本后执行宿主机升级命令：
+
+```shell
+# 拉取最新镜像
+docker pull registry.cn-shenzhen.aliyuncs.com/handsfree/certd:latest
+# 升级容器命令， 替换成你自己的certd更新命令
+export RESTART_CERT='sleep 10; cd ~/deploy/certd/ ; docker compose down; docker compose up -d'
+# 构造一个脚本10s后在后台执行，避免容器销毁时执行太快，导致流水线任务无法结束
+nohup sh -c '$RESTART_CERT' >/dev/null  2>&1 & echo '10秒后重启' && exit
+```
--- a/docs/guide/open/index.md
+++ b/docs/guide/open/index.md
@@ -18,4 +18,13 @@ header中传入x-certd-token即可调用开放接口
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   

 ## SDK
-待开发
+待开发
+
+## 客户端工具
+
+### SSL-Assistant
+`SSL Assistant` 是一个基于 Go 语言开发的跨平台证书部署管理助手。    
+支持自动扫描主机`Nginx`配置，然后从Certd拉取证书并部署。     
+在不想暴露ssh主机密码情况下，该工具非常好用。
+
+开源地址： https://github.com/Youngxj/SSL-Assistant
--- a/docs/guide/qa/index.md
+++ b/docs/guide/qa/index.md
@@ -1,12 +1,12 @@
 # 常见报错解决

 ## 1. getaddrinfo ENOTFOUND错误
-如果出现`getaddrinfo ENOTFOUND`错误，可以尝试在`docker-compose.yaml`中设置dns
+如果出现`getaddrinfo ENOTFOUND`/`getaddrinfo EAI_AGAIN`错误，可以尝试在`docker-compose.yaml`中设置dns
 ```yaml
 version: '3.3' # 兼容旧版docker-compose
 services:
  certd:
-    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND错误，可以尝试设置dns
+    #↓↓↓↓ ------------ # 如果出现getaddrinfo ENOTFOUND 或 EAI_AGAIN错误，可以尝试设置dns
    dns:
      - 223.5.5.5      # 阿里云公共dns
      - 223.6.6.6
@@ -65,8 +65,16 @@ networks:
 docker logs -f --tail 200 certd
 ```

-
-
+## 6. 容器内走时不准，或者时区不对
+走时不准确，慢慢偏差越来越大    
+或者整个时区都不对    
+可以尝试挂载localtime文件
+```yaml
+    volumes:
+      #   ↓↓↓↓↓ -------------------- 如果走时不准，请尝试挂载localtime文件
+      - /etc/localtime:/etc/localtime
+      - /etc/timezone:/etc/timezone
+```



--- a/docs/guide/use/comm/payments/alipay.md
+++ b/docs/guide/use/comm/payments/alipay.md
@@ -2,19 +2,24 @@

 ## 配置步骤

-1. 创建应用，获取APPID
+
+1. 注册支付宝商家账号
+   * 开通电脑网站支付产品(需营业执照)： https://b.alipay.com/page/product-workspace/all-product
+   
+
+2. 开放平台，创建应用，获取APPID
   * 登录支付宝开放平台，进入开发者中心，创建网页应用，获取应用的AppId（左上角复制）
   * 开发者中心：https://open.alipay.com/develop/manage


-2. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）
+3. 进入应用详情，选择开发设置，配置接口加签方式 （选择密钥类型）

   * 参考文档：https://opendocs.alipay.com/common/02kdnc?pathHash=fb0c752a
   * 此步骤完成后，可以获取应用的私钥、支付宝公钥。     
   * 注意：支付宝不会保存应用的私钥，你需要自己保管好私钥。


-3. 在Certd后台配置支付宝 
+4. 在Certd后台配置支付宝 

   * 进入“系统”->"设置"->“支付设置”
   * 启用支付宝，选择“支付宝配置”，点击添加
--- a/docs/guide/use/tencent/images/opaque.png
+++ b/docs/guide/use/tencent/images/opaque.png
--- a/docs/guide/use/tencent/images/tcpssl.png
+++ b/docs/guide/use/tencent/images/tcpssl.png
--- a/docs/guide/use/tencent/index.md
+++ b/docs/guide/use/tencent/index.md
@@ -8,8 +8,11 @@
 ![](./tencent-access.png)


+
 ## 如何避免收到腾讯云证书过期邮件

+> 新版本已经自动将证书设置为免提醒，certd上传的证书后续都不会再提醒了。
+
 腾讯云在证书有效期还剩28天时会发送过期通知邮件    
 您可以通过配置“腾讯云过期证书删除”任务来避免收到此类邮件。

@@ -18,4 +21,17 @@
 注意点：
 > 1. 选择腾讯云授权，需授权`服务角色SSL_QCSLinkedRoleInReplaceLoadCertificate`权限
 > 2. `1.26.14`版本之前Certd创建的证书流水线默认是到期前20天才更新证书，需要将之前创建的证书申请任务的更新天数修改为35天，保证删除之前就已经替换掉即将过期证书
-![](./images/delete2.png)
+![](./images/delete2.png)
+
+
+
+
+## TKE service 的 TCP_SSL Opaque类型证书授权
+
+部署证书到腾讯云TKE，如果报以下错误：     
+`is forbidden: User "xxxxxx-xxxxx" cannot get resource "secrets" in API group "" in the namespace "default"'`     
+则需要单独从授权管理侧再授权子用户的权限
+
+![](./images/tcpssl.png)
+
+![](./images/opaque.png)
--- a/lerna.json
+++ b/lerna.json
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.34.4"
+  "version": "1.36.18"
 }
--- a/package.json
+++ b/package.json
@@ -14,13 +14,14 @@
  },
  "scripts": {
    "start": "lerna bootstrap --hoist",
+    "start:server": "cd ./packages/ui/certd-server && npm start",
    "devb": "lerna run dev-build",
    "i-all": "lerna link && lerna exec npm install  ",
    "publish": "npm run prepublishOnly2  && lerna publish --force-publish=pro/plus-core --conventional-commits --create-release github && npm run afterpublishOnly && npm run commitAll",
    "afterpublishOnly": "npm run copylogs && time /t >build.trigger && git add ./build.trigger && git commit -m \"build: trigger build image\" && TIMEOUT /T 10 && git push",
    "transform-sql": "cd ./packages/ui/certd-server/db/ && node --experimental-json-modules transform.js",
    "commitAll": "git add . && git commit -m \"build: publish\" && git push && npm run commitPro",
-    "commitPro": "cd ./packages/core/ && git add . && git commit -m \"build: publish\" && git push",
+    "commitPro": "cd ./packages/pro/ && git add . && git commit -m \"build: publish\" && git push",
    "copylogs": "copyfiles \"CHANGELOG.md\"  ./docs/guide/changelogs/",
    "prepublishOnly1": "npm run check && lerna run build ",
    "prepublishOnly2": "npm run check && npm run before-build && lerna run build ",
@@ -28,13 +29,15 @@
    "deploy1": "node --experimental-json-modules deploy.js ",
    "check": "node --experimental-json-modules publish-check.js",
    "init": "lerna run build",
+    "init:dev": "lerna run build",
    "docs:dev": "vitepress dev docs",
-    "docs:build": "vitepress build docs",
+    "docs:build": "npm run copylogs && vitepress build docs",
    "docs:preview": "vitepress preview docs",
    "pub": "echo 1"
  },
  "license": "AGPL-3.0",
  "dependencies": {
+    "@certd/ui-server": "link:packages/ui/certd-server",
    "axios": "^1.7.7",
    "copyfiles": "^2.4.1",
    "lodash-es": "^4.17.21",
--- a/packages/core/acme-client/.editorconfig
+++ b/packages/core/acme-client/.editorconfig
@@ -6,7 +6,7 @@ root = true

 [*]
 indent_style = space
-indent_size = 4
+indent_size = 2
 trim_trailing_whitespace = true

 [{*.yml,*.yaml}]
--- a/packages/core/acme-client/CHANGELOG.md
+++ b/packages/core/acme-client/CHANGELOG.md
@@ -3,6 +3,140 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/publishlab/node-acme-client/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.17](https://github.com/publishlab/node-acme-client/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.16](https://github.com/publishlab/node-acme-client/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Performance Improvements
+
+* 部署到百度cdn支持自动获取域名列表选择 ([4e432ed](https://github.com/publishlab/node-acme-client/commit/4e432ed03f4fb564e85a2f284ee26b58400b82f5))
+
+## [1.36.15](https://github.com/publishlab/node-acme-client/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.14](https://github.com/publishlab/node-acme-client/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.13](https://github.com/publishlab/node-acme-client/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.12](https://github.com/publishlab/node-acme-client/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.11](https://github.com/publishlab/node-acme-client/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.10](https://github.com/publishlab/node-acme-client/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.9](https://github.com/publishlab/node-acme-client/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.7](https://github.com/publishlab/node-acme-client/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.6](https://github.com/publishlab/node-acme-client/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.5](https://github.com/publishlab/node-acme-client/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.4](https://github.com/publishlab/node-acme-client/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.3](https://github.com/publishlab/node-acme-client/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.2](https://github.com/publishlab/node-acme-client/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.36.1](https://github.com/publishlab/node-acme-client/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/acme-client
+
+# [1.36.0](https://github.com/publishlab/node-acme-client/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.5](https://github.com/publishlab/node-acme-client/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.4](https://github.com/publishlab/node-acme-client/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.3](https://github.com/publishlab/node-acme-client/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.2](https://github.com/publishlab/node-acme-client/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.35.1](https://github.com/publishlab/node-acme-client/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/publishlab/node-acme-client/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/publishlab/node-acme-client/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.11](https://github.com/publishlab/node-acme-client/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/publishlab/node-acme-client/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+### Performance Improvements
+
+* 优化cname检查，当有冲突的cname记录时，给出提示 ([e639a8f](https://github.com/publishlab/node-acme-client/commit/e639a8f9f12640ffcca69f1a6a0324459924afbd))
+
+## [1.34.10](https://github.com/publishlab/node-acme-client/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.9](https://github.com/publishlab/node-acme-client/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.8](https://github.com/publishlab/node-acme-client/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.7](https://github.com/publishlab/node-acme-client/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.6](https://github.com/publishlab/node-acme-client/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.34.5](https://github.com/publishlab/node-acme-client/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
 ## [1.34.4](https://github.com/publishlab/node-acme-client/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/acme-client
--- a/packages/core/acme-client/package.json
+++ b/packages/core/acme-client/package.json
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.34.4",
+    "version": "1.36.18",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.34.4",
+        "@certd/basic": "^1.36.18",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -27,7 +27,7 @@
        "https-proxy-agent": "^7.0.5",
        "lodash-es": "^4.17.21",
        "node-forge": "^1.3.1",
-        "punycode": "^2.3.1"
+        "punycode.js": "^2.3.1"
    },
    "devDependencies": {
        "@types/node": "^20.14.10",
@@ -69,5 +69,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+    "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -75,6 +75,9 @@ export default async (client, userOpts) => {

    log("[auto] Placing new certificate order with ACME provider");
    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+        orderPayload.profile = opts.profile;
+    }
    const order = await client.createOrder(orderPayload);
    const authorizations = await client.getAuthorizations(order);

@@ -213,12 +216,16 @@ export default async (client, userOpts) => {
        return promise;
    }

-    async function runPromisePa(tasks, waitTime = 5000) {
+    async function runPromisePa(tasks, waitTime = 8000) {
        const results = [];
+        let j = 0
        // eslint-disable-next-line no-await-in-loop,no-restricted-syntax
        for (const task of tasks) {
+            j++
+            log(`开始第${j}个任务`);
            results.push(task());
            // eslint-disable-next-line no-await-in-loop
+            log(`wait ${Math.floor(waitTime/1000)}s`)
            await wait(waitTime);
        }
        return Promise.all(results);
@@ -242,6 +249,7 @@ export default async (client, userOpts) => {
                log(`跳过本地验证（skipChallengeVerification=true），等待 60s`);
                await wait(60 * 1000);
            } else {
+                log("开始本地校验")
                await runPromisePa(localVerifyTasks, 1000);
                log(`本地校验完成，等待${waitDnsDiffuseTime}s`)
                await wait(waitDnsDiffuseTime * 1000)
--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -90,10 +90,12 @@ const defaultOpts = {
 */

 class AcmeClient {
+    sslProvider
    constructor(opts) {
        if (!Buffer.isBuffer(opts.accountKey)) {
            opts.accountKey = Buffer.from(opts.accountKey);
        }
+        this.sslProvider = opts.sslProvider;

        this.opts = { ...defaultOpts, ...opts };
        this.backoffOpts = {
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -66,6 +66,7 @@ export interface ClientAutoOptions {
    challengePriority?: string[];
    preferredChain?: string;
    signal?: AbortSignal;
+    profile?:string;
 }

 export class Client {
@@ -203,6 +204,7 @@ export const agents: any;
 export function setLogger(fn: (message: any, ...args: any[]) => void): void;

 export function walkTxtRecord(record: any): Promise<string[]>;
+export function getAuthoritativeDnsResolver(record:string): Promise<any>;

 export const CancelError: typeof CancelError;

--- a/packages/core/basic/CHANGELOG.md
+++ b/packages/core/basic/CHANGELOG.md
@@ -3,6 +3,137 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+### Performance Improvements
+
+* 证书检查支持自定义dns服务器 ([c53bb7c](https://github.com/certd/certd/commit/c53bb7cf677faa32729709ae0c10359db5194d7a))
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/basic
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+* 支持日志写入文件 ([37edbf5](https://github.com/certd/certd/commit/37edbf5824d6aaae68ea1ef7259c6f739d418d2c))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 支持部署到宝塔aaWAF ([094565c](https://github.com/certd/certd/commit/094565ccd619ef671c6c11ce5fb7fd54a7a21d1c))
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 ### Bug Fixes
--- a/packages/core/basic/build.md
+++ b/packages/core/basic/build.md
@@ -1 +1 @@
-23:58
+00:39
--- a/packages/core/basic/package.json
+++ b/packages/core/basic/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/core/basic/src/utils/index.ts
+++ b/packages/core/basic/src/utils/index.ts
@@ -34,6 +34,7 @@ import { locker } from "./util.lock.js";
 import { mitter } from "./util.mitter.js";

 import * as request from "./util.request.js";
+export * from "./util.cache.js";
 export const utils = {
  sleep,
  http,
--- a/packages/core/basic/src/utils/util.cache.ts
+++ b/packages/core/basic/src/utils/util.cache.ts
@@ -1,8 +1,53 @@
 // LRUCache

-import { LRUCache } from 'lru-cache';
+import { LRUCache } from "lru-cache";

 export const cache = new LRUCache<string, any>({
  max: 1000,
  ttl: 1000 * 60 * 10,
 });
+
+export class LocalCache<V = any> {
+  cache: Map<string, { value: V; expiresAt: number }>;
+  constructor(opts: { clearInterval?: number } = {}) {
+    this.cache = new Map();
+    setInterval(() => {
+      this.clearExpires();
+    }, opts.clearInterval ?? 5 * 60 * 1000);
+  }
+
+  get(key: string): V | undefined {
+    const entry = this.cache.get(key);
+    if (!entry) {
+      return undefined;
+    }
+
+    // 检查是否过期
+    if (Date.now() > entry.expiresAt) {
+      this.cache.delete(key);
+      return undefined;
+    }
+
+    return entry.value;
+  }
+
+  set(key: string, value: V, ttl = 300000) {
+    // 默认5分钟 (300000毫秒)
+    this.cache.set(key, {
+      value,
+      expiresAt: Date.now() + ttl,
+    });
+  }
+
+  clear() {
+    this.cache.clear();
+  }
+
+  clearExpires() {
+    for (const [key, entry] of this.cache) {
+      if (entry.expiresAt < Date.now()) {
+        this.cache.delete(key);
+      }
+    }
+  }
+}
--- a/packages/core/basic/src/utils/util.log.ts
+++ b/packages/core/basic/src/utils/util.log.ts
@@ -18,16 +18,31 @@ const OutputAppender = {
  },
 };

+let logFilePath = "./logs/app.log";
 export function resetLogConfigure() {
  // @ts-ignore
  log4js.configure({
-    appenders: { std: { type: "stdout" }, output: { type: OutputAppender } },
-    categories: { default: { appenders: ["std"], level: "info" }, pipeline: { appenders: ["std", "output"], level: "info" } },
+    appenders: {
+      std: { type: "stdout" },
+      output: { type: OutputAppender },
+      file: {
+        type: "dateFile",
+        filename: logFilePath,
+        keepFileExt: true,
+        compress: true,
+        numBackups: 3,
+      },
+    },
+    categories: { default: { appenders: ["std", "file"], level: "info" }, pipeline: { appenders: ["std", "file", "output"], level: "info" } },
  });
 }
 resetLogConfigure();
 export const logger = log4js.getLogger("default");

+export function resetLogFilePath(filePath: string) {
+  logFilePath = filePath;
+  resetLogConfigure();
+}
 export function buildLogger(write: (text: string) => void) {
  const logger = log4js.getLogger("pipeline");
  const _secrets: string[] = [];
@@ -41,8 +56,15 @@ export function buildLogger(write: (text: string) => void) {
        if (item == null) {
          continue;
        }
-        //换成同长度的*号， item可能有多行
-        text = text.replaceAll(item, "*".repeat(item.length));
+        if (item.includes(text)) {
+          //整个包含
+          text = "*".repeat(text.length);
+          continue;
+        }
+        if (text.includes(item)) {
+          //换成同长度的*号， item可能有多行
+          text = text.replaceAll(item, "*".repeat(item.length));
+        }
      }
      write(text);
    },
--- a/packages/core/basic/src/utils/util.request.ts
+++ b/packages/core/basic/src/utils/util.request.ts
@@ -97,11 +97,17 @@ export function createAxiosService({ logger }: { logger: Logger }) {
      if (config.logRes == null) {
        config.logRes = false;
      }
+      if (config.logData == null) {
+        config.logData = false;
+      }

      logger.info(`http request:${config.url}，method:${config.method}`);
      if (config.logParams !== false && config.params) {
        logger.info(`params:${JSON.stringify(config.params)}`);
      }
+      if (config.logData !== false && config.data) {
+        logger.info(`data:${JSON.stringify(config.data)}`);
+      }
      if (config.timeout == null) {
        config.timeout = 15000;
      }
@@ -209,6 +215,10 @@ export function createAxiosService({ logger }: { logger: Logger }) {
        logger.error("AggregateError", error);
      }
      const err = new HttpError(error);
+      if (error.response?.config?.logParams === false) {
+        delete err.request?.params;
+        delete err.request?.data;
+      }
      return Promise.reject(err);
    }
  );
@@ -222,6 +232,7 @@ export type HttpRequestConfig<D = any> = {
  skipCheckRes?: boolean;
  logParams?: boolean;
  logRes?: boolean;
+  logData?: boolean;
  httpProxy?: string;
  returnOriginRes?: boolean;
 } & AxiosRequestConfig<D>;
--- a/packages/core/basic/src/utils/util.sleep.ts
+++ b/packages/core/basic/src/utils/util.sleep.ts
@@ -1,5 +1,5 @@
 export default function (timeout: number) {
-  return new Promise((resolve) => {
+  return new Promise(resolve => {
    setTimeout(() => {
      resolve({});
    }, timeout);
--- a/packages/core/pipeline/CHANGELOG.md
+++ b/packages/core/pipeline/CHANGELOG.md
@@ -3,6 +3,164 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Performance Improvements
+
+* 百度云支持上传到证书托管，支持部署到负载均衡 ([798a48a](https://github.com/certd/certd/commit/798a48aa9686fd5d11cfffb6cd93eadfc40aacb3))
+* 支持部署到金山云CDN ([dfa74a6](https://github.com/certd/certd/commit/dfa74a69f7cbb9009d3e20c7eecfa1b905a00cf0))
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Bug Fixes
+
+* 修复自定义插件onlyAdmin报错的bug ([4e5e862](https://github.com/certd/certd/commit/4e5e862f5834ad180e4428959c272d444a6f78ab))
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+### Bug Fixes
+
+* 安全更新，备份数据库插件仅限管理员运行 ([13dfca1](https://github.com/certd/certd/commit/13dfca1749275526c82465a17c482b607c820fdd))
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+### Performance Improvements
+
+* 支持邮箱发送证书 ([95332d5](https://github.com/certd/certd/commit/95332d5db96cd54ddab6ab737332417a09169b39))
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Performance Improvements
+
+* 阿里云waf cname站点选择支持翻页及域名查询 ([4cf9858](https://github.com/certd/certd/commit/4cf98584dacc5999752732f136246647a2f1f07d))
+* 支持选择运行策略设置 ([60f055f](https://github.com/certd/certd/commit/60f055f293ce237c21cd9050333dad9609eceac1))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Performance Improvements
+
+* 支持批量修改通知和定时 ([e11b3be](https://github.com/certd/certd/commit/e11b3becfd4abe6547e84d09adc38ebd6e1c4b87))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+### Bug Fixes
+
+* 修复消息内容存在()<>等括号情况下无法发送tg通知的bug ([c937583](https://github.com/certd/certd/commit/c937583a50d8513d76adead3648f83eee2fcc6f9))
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/pipeline
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Performance Improvements
+
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+* 站点监控支持监控IP ([9cc4c01](https://github.com/certd/certd/commit/9cc4c017ae646a18284e732769b82636feda01d3))
+* 支持批量重新运行 ([8189982](https://github.com/certd/certd/commit/818998259ddc75e722196ac5c365038818539b9b))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 优化 RunnableError错误信息展示 ([36bc3ff](https://github.com/certd/certd/commit/36bc3ff22da93ba342c3c1103d7ee2bbcecf44f2))
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* 优化钉钉通知标题颜色 ([a560999](https://github.com/certd/certd/commit/a560999d13eed18d08dd32ee530166569e3f8746))
+* 优化飞书通知为卡片模式 ([a818a3d](https://github.com/certd/certd/commit/a818a3d293e22fb46979bc77055c05621a6fed81))
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 ### Bug Fixes
--- a/packages/core/pipeline/package.json
+++ b/packages/core/pipeline/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,8 +17,8 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.34.4",
-    "@certd/plus-core": "^1.34.4",
+    "@certd/basic": "^1.36.18",
+    "@certd/plus-core": "^1.36.18",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -44,5 +44,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/core/pipeline/src/access/api.ts
+++ b/packages/core/pipeline/src/access/api.ts
@@ -37,6 +37,7 @@ export type AccessContext = {
  http: HttpClient;
  logger: ILogger;
  utils: typeof utils;
+  accessService: IAccessService;
 };

 export abstract class BaseAccess implements IAccess {
--- a/packages/core/pipeline/src/access/decorator.ts
+++ b/packages/core/pipeline/src/access/decorator.ts
@@ -1,5 +1,5 @@
 // src/decorator/memoryCache.decorator.ts
-import { AccessContext, AccessDefine, AccessInputDefine } from "./api.js";
+import { AccessContext, AccessDefine, AccessInputDefine, IAccessService } from "./api.js";
 import { Decorator } from "../decorator/index.js";
 import * as _ from "lodash-es";
 import { accessRegistry } from "./registry.js";
@@ -41,7 +41,7 @@ export function AccessInput(input?: AccessInputDefine): PropertyDecorator {
  };
 }

-export async function newAccess(type: string, input: any, ctx?: AccessContext) {
+export async function newAccess(type: string, input: any, accessService: IAccessService, ctx?: AccessContext) {
  const register = accessRegistry.get(type);
  if (register == null) {
    throw new Error(`access ${type} not found`);
@@ -58,6 +58,7 @@ export async function newAccess(type: string, input: any, ctx?: AccessContext) {
      http,
      logger,
      utils,
+      accessService,
    };
  }
  access.setCtx(ctx);
--- a/packages/core/pipeline/src/context/index.ts
+++ b/packages/core/pipeline/src/context/index.ts
@@ -2,3 +2,35 @@ import { IContext } from "../core/index.js";

 export type UserContext = IContext;
 export type PipelineContext = IContext;
+
+export type PageSearch = {
+  pageNo?: number;
+  pageSize?: number;
+  searchKey?: string;
+  // sortBy?: string;
+  // sortOrder?: "asc" | "desc";
+};
+
+export type PageRes = {
+  pageNo?: number;
+  pageSize?: number;
+  total?: string;
+  list: any[];
+};
+
+export class Pager {
+  pageNo: number;
+  pageSize: number;
+  constructor(req: PageSearch) {
+    this.pageNo = req.pageNo ?? 1;
+    this.pageSize = req.pageSize || 50;
+  }
+
+  getOffset() {
+    return (this.pageNo - 1) * (this.pageSize ?? 50);
+  }
+
+  setOffset(offset: number) {
+    this.pageNo = Math.ceil(offset / (this.pageSize ?? 50)) + 1;
+  }
+}
--- a/packages/core/pipeline/src/core/executor.ts
+++ b/packages/core/pipeline/src/core/executor.ts
@@ -218,7 +218,7 @@ export class Executor {
            returnType: ResultType.error,
            runnable: t,
          });
-          errorMessage += `任务${t.title}执行失败，错误详情:${e.message}；`;
+          errorMessage += `任务${t.title}执行失败，错误详情：${e.message}；`;
        }
      }
      if (errorList.length > 0) {
@@ -295,6 +295,12 @@ export class Executor {
    const pluginConfig = await this.options.pluginConfigService.getPluginConfig(pluginName);
    //从outputContext读取输入参数
    const input = cloneDeep(step.input);
+    const sysInput = pluginConfig.sysSetting?.input || {};
+    //注入系统设置参数
+    for (const sysInputKey in sysInput) {
+      input[sysInputKey] = sysInput[sysInputKey];
+    }
+
    Decorator.inject(define.input, instance, input, (item, key) => {
      if (item.component?.name === "output-selector") {
        const contextKey = input[key];
@@ -314,12 +320,6 @@ export class Executor {
      }
    });

-    const sysInput = pluginConfig.sysSetting?.input || {};
-    //注入系统设置参数
-    for (const sysInputKey in sysInput) {
-      input[sysInputKey] = sysInput[sysInputKey];
-    }
-
    const newInputHash = hashUtils.md5(JSON.stringify(input));
    step.status!.inputHash = newInputHash;
    //判断是否需要跳过
@@ -352,6 +352,7 @@ export class Executor {
      pipeline: this.pipeline,
      runtime: this.runtime,
      step,
+      define: cloneDeep(define),
      lastStatus,
      http,
      download,
@@ -438,7 +439,7 @@ export class Executor {
        const runnableError = error as RunnableError;
        content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n`;
        for (const re of runnableError.errors) {
-          content += ` - ${re.runnable.title} 执行失败\n  错误详情:${re.e.message}\n\n`;
+          content += ` - ${re.runnable.title} 执行失败，错误详情：${re.e?.message || re.e?.error?.message}\n\n`;
        }
      } else {
        content = `流水线ID:${this.pipeline.id}，运行ID:${this.runtime.id}\n\n${this.currentStatusMap?.currentStep?.title} 执行失败\n\n错误详情:${error.message}`;
@@ -452,12 +453,12 @@ export class Executor {
        continue;
      }

-      if (notification.type === "email") {
+      if (notification.type === "email" && notification.options?.receivers) {
        try {
          await this.options.emailService?.send({
            subject,
            content,
-            receivers: notification.options.receivers,
+            receivers: notification.options?.receivers,
          });
        } catch (e) {
          logger.error("send email error", e);
@@ -489,7 +490,15 @@ export class Executor {
    }
  }

+  /**
+   *
+   * @param stepId 如果==ALL 清除所有
+   */
  clearLastStatus(stepId: string) {
+    if (stepId === "ALL") {
+      this.lastStatusMap.clear();
+      return;
+    }
    this.lastStatusMap.clearById(stepId);
  }
 }
--- a/packages/core/pipeline/src/core/run-history.ts
+++ b/packages/core/pipeline/src/core/run-history.ts
@@ -203,6 +203,7 @@ export class RunnableCollection {
    if (runnable?.status) {
      runnable.status.status = ResultType.none;
      runnable.status.result = ResultType.none;
+      runnable.status.output = {};
      runnable.status.inputHash = "";
      // @ts-ignore
      runnable.input = {};
--- a/packages/core/pipeline/src/dt/pipeline.ts
+++ b/packages/core/pipeline/src/dt/pipeline.ts
@@ -52,7 +52,9 @@ export type Stage = Runnable & {
 export type Trigger = {
  id: string;
  title: string;
-  cron: string;
+  props: {
+    cron: string;
+  };
  type: string;
 };

@@ -78,14 +80,13 @@ export type EmailOptions = {
  receivers: string[];
 };
 export type NotificationWhen = "error" | "success" | "turnToSuccess" | "start";
-export type NotificationType = "email" | "url";
+export type NotificationType = "email" | "other";
 export type Notification = {
  type: NotificationType;
  when: NotificationWhen[];
-  options: EmailOptions;
+  options?: EmailOptions;
  notificationId: number;
  title: string;
-  subType: string;
 };

 export type Pipeline = Runnable & {
--- a/packages/core/pipeline/src/notification/api.ts
+++ b/packages/core/pipeline/src/notification/api.ts
@@ -4,7 +4,6 @@ import { FormItemProps, HistoryResult, Pipeline } from "../dt/index.js";
 import { HttpClient, ILogger, utils } from "@certd/basic";
 import * as _ from "lodash-es";
 import { IEmailService } from "../service/index.js";
-import { isPlus } from "@certd/plus-core";

 export type NotificationBody = {
  userId?: number;
@@ -81,9 +80,6 @@ export abstract class BaseNotification implements INotification {
  logger!: ILogger;

  async doSend(body: NotificationBody) {
-    if (this.define.needPlus && !isPlus()) {
-      body.content = `${body.content}\n\n注意：此通知渠道已调整为专业版功能，后续版本将不再支持发送，请尽快修改或升级为专业版`;
-    }
    return await this.send(body);
  }
  abstract send(body: NotificationBody): Promise<void>;
@@ -121,9 +117,13 @@ export abstract class BaseNotification implements INotification {
  async onTestRequest() {
    return await this.doSend({
      userId: 0,
-      title: "【Certd】测试通知【*.foo.com】，标题长度测试、测试、测试",
-      content: `测试通知,*.foo.com
+      title: "【标题】测试通知【*.foo.com】，标题长度测试、测试、测试",
+      content: `测试通知
+域名测试: *.foo.com
 换行测试
+(括号测试)
+<尖括号测试>
+[中括号测试]
      `,
      pipeline: {
        id: 1,
--- a/packages/core/pipeline/src/plugin/api.ts
+++ b/packages/core/pipeline/src/plugin/api.ts
@@ -59,6 +59,7 @@ export type PluginDefine = Registrable & {
      form: any;
    };
  };
+  onlyAdmin?: boolean;
  needPlus?: boolean;
  showRunStrategy?: boolean;
  pluginType?: string; //类型
@@ -85,6 +86,7 @@ export type TaskInstanceContext = {
  runtime: RunHistory;
  //步骤定义
  step: Step;
+  define: PluginDefine;
  //日志
  logger: ILogger;
  //当前步骤输入参数跟上一次执行比较是否有变化
@@ -152,6 +154,22 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    this.logger = ctx.logger;
    this.accessService = ctx.accessService;
    this.http = ctx.http;
+    // 将证书加入secret
+    // @ts-ignore
+    if (this.cert && this.cert.crt && this.cert.key) {
+      //有证书
+      // @ts-ignore
+      const cert: any = this.cert;
+      this.registerSecret(cert.crt);
+      this.registerSecret(cert.key);
+      this.registerSecret(cert.one);
+    }
+
+    if (this.ctx?.define?.onlyAdmin) {
+      if (!this.isAdmin()) {
+        throw new Error("只有管理员才能运行此任务");
+      }
+    }
  }

  async getAccess<T = any>(accessId: string | number, isCommon = false) {
@@ -186,6 +204,14 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    return res as T;
  }

+  registerSecret(value: string) {
+    // @ts-ignore
+    if (this.logger?.addSecret) {
+      // @ts-ignore
+      this.logger.addSecret(value);
+    }
+  }
+
  randomFileId() {
    return Math.random().toString(36).substring(2, 9);
  }
@@ -227,6 +253,11 @@ export abstract class AbstractTaskPlugin implements ITaskPlugin {
    return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
  }

+  buildCertName(domain: string) {
+    domain = domain.replaceAll("*", "_").replaceAll(".", "_");
+    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+  }
+
  async onRequest(req: PluginRequestHandleReq<any>) {
    if (!req.action) {
      throw new Error("action is required");
--- a/packages/core/pipeline/src/plugin/group.ts
+++ b/packages/core/pipeline/src/plugin/group.ts
@@ -27,7 +27,9 @@ export const pluginGroups = {
  tencent: new PluginGroup("tencent", "腾讯云", 4, "svg:icon-tencentcloud"),
  volcengine: new PluginGroup("volcengine", "火山引擎", 4, "svg:icon-volcengine"),
  jdcloud: new PluginGroup("jdcloud", "京东云", 4, "svg:icon-jdcloud"),
+  baidu: new PluginGroup("baidu", "百度云", 4, "ant-design:baidu-outlined"),
  qiniu: new PluginGroup("qiniu", "七牛云", 5, "svg:icon-qiniuyun"),
  aws: new PluginGroup("aws", "亚马逊云", 6, "svg:icon-aws"),
  other: new PluginGroup("other", "其他", 10, "clarity:plugin-line"),
+  admin: new PluginGroup("admin", "管理", 11, "ion:settings-outline"),
 };
--- a/packages/core/pipeline/src/service/email.ts
+++ b/packages/core/pipeline/src/service/email.ts
@@ -1,7 +1,9 @@
 export type EmailSend = {
  subject: string;
-  content: string;
  receivers: string[];
+  content?: string;
+  attachments?: any[];
+  html?: string;
 };

 export interface IEmailService {
--- a/packages/libs/lib-huawei/CHANGELOG.md
+++ b/packages/libs/lib-huawei/CHANGELOG.md
@@ -3,6 +3,130 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/lib-huawei
--- a/packages/libs/lib-huawei/package.json
+++ b/packages/libs/lib-huawei/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/libs/lib-iframe/CHANGELOG.md
+++ b/packages/libs/lib-iframe/CHANGELOG.md
@@ -3,6 +3,130 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/lib-iframe
--- a/packages/libs/lib-iframe/package.json
+++ b/packages/libs/lib-iframe/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/libs/lib-jdcloud/CHANGELOG.md
+++ b/packages/libs/lib-jdcloud/CHANGELOG.md
@@ -3,6 +3,130 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/jdcloud
--- a/packages/libs/lib-jdcloud/package.json
+++ b/packages/libs/lib-jdcloud/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.34.4",
+  "version": "1.36.18",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -61,5 +61,5 @@
      "fetch"
    ]
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/libs/lib-k8s/CHANGELOG.md
+++ b/packages/libs/lib-k8s/CHANGELOG.md
@@ -3,6 +3,136 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Performance Improvements
+
+* 部署到k8s支持自动创建secret ([c09c962](https://github.com/certd/certd/commit/c09c962cb676ca261610aa9f3e5105c9dae43f43))
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* k8s ack、tke 支持重启ingress ([95715a0](https://github.com/certd/certd/commit/95715a007d931c64fa7dd953d94957398e00a443))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+### Performance Improvements
+
+* 部署到k8s，tke，ack忽悠证书校验 ([ab84835](https://github.com/certd/certd/commit/ab848353621869464a2c9a45fdb5e28d998b8a58))
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/lib-k8s
--- a/packages/libs/lib-k8s/package.json
+++ b/packages/libs/lib-k8s/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.34.4",
+    "@certd/basic": "^1.36.18",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/libs/lib-k8s/src/index.ts
+++ b/packages/libs/lib-k8s/src/index.ts
@@ -1 +1 @@
-export * from './lib/k8s.client.js';
+export * from "./lib/k8s.client.js";
--- a/packages/libs/lib-k8s/src/lib/k8s.client.ts
+++ b/packages/libs/lib-k8s/src/lib/k8s.client.ts
@@ -1,7 +1,7 @@
-import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from '@kubernetes/client-node';
-import dns from 'dns';
-import { ILogger } from '@certd/basic';
-import _ from 'lodash-es';
+import { CoreV1Api, KubeConfig, NetworkingV1Api, V1Ingress, V1Secret } from "@kubernetes/client-node";
+import dns from "dns";
+import { ILogger } from "@certd/basic";
+import _ from "lodash-es";

 export type K8sClientOpts = {
  kubeConfigStr: string;
@@ -9,6 +9,7 @@ export type K8sClientOpts = {
  //{  [domain]:{ip:'xxx.xx.xxx'} }
  //暂时没用
  lookup?: any;
+  skipTLSVerify?: boolean;
 };
 export class K8sClient {
  kubeconfig!: KubeConfig;
@@ -16,10 +17,12 @@ export class K8sClient {
  lookup!: (hostnameReq: any, options: any, callback: any) => void;
  client!: CoreV1Api;
  logger: ILogger;
+  skipTLSVerify?: boolean;
  constructor(opts: K8sClientOpts) {
    this.kubeConfigStr = opts.kubeConfigStr;
    this.logger = opts.logger;
    this.setLookup(opts.lookup);
+    this.skipTLSVerify = opts.skipTLSVerify;
    this.init();
  }

@@ -27,6 +30,18 @@ export class K8sClient {
    const kubeconfig = new KubeConfig();
    kubeconfig.loadFromString(this.kubeConfigStr);
    this.kubeconfig = kubeconfig;
+
+    try {
+      if (this.skipTLSVerify == true) {
+        for (const cluster of kubeconfig.getClusters()) {
+          // @ts-ignore
+          cluster["skipTLSVerify"] = this.skipTLSVerify;
+        }
+      }
+    } catch (e) {
+      this.logger.warn("skipTLSVerify error", e);
+    }
+
    this.client = kubeconfig.makeApiClient(CoreV1Api);

    // const reqOpts = { kubeconfig, request: {} } as any;
@@ -47,9 +62,9 @@ export class K8sClient {
      return;
    }
    this.lookup = (hostnameReq: any, options: any, callback: any) => {
-      this.logger.info('custom lookup', hostnameReq, localRecords);
+      this.logger.info("custom lookup", hostnameReq, localRecords);
      if (localRecords[hostnameReq]) {
-        this.logger.info('local record', hostnameReq, localRecords[hostnameReq]);
+        this.logger.info("local record", hostnameReq, localRecords[hostnameReq]);
        callback(null, localRecords[hostnameReq].ip, 4);
      } else {
        dns.lookup(hostnameReq, options, callback);
@@ -63,7 +78,7 @@ export class K8sClient {
   * @returns secretsList
   */
  async getSecrets(opts: { namespace: string }) {
-    const namespace = opts.namespace || 'default';
+    const namespace = opts.namespace || "default";
    return await this.client.listNamespacedSecret(namespace);
  }

@@ -73,9 +88,9 @@ export class K8sClient {
   * @returns {Promise<*>}
   */
  async createSecret(opts: { namespace: string; body: V1Secret }) {
-    const namespace = opts.namespace || 'default';
+    const namespace = opts.namespace || "default";
    const created = await this.client.createNamespacedSecret(namespace, opts.body);
-    this.logger.info('new secrets:', opts.body);
+    this.logger.info("new secrets:", opts.body.metadata);
    return created.body;
  }

@@ -88,25 +103,41 @@ export class K8sClient {
  //   return await this.client.replaceNamespacedSecret(secretName, namespace, opts.body);
  // }

-  async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret }) {
-    const namespace = opts.namespace || 'default';
+  async patchSecret(opts: { namespace: string; secretName: string; body: V1Secret; createOnNotFound?: boolean }) {
+    const namespace = opts.namespace || "default";
    const secretName = opts.secretName;
    if (secretName == null) {
-      throw new Error('secretName 不能为空');
+      throw new Error("secretName 不能为空");
    }
-    this.logger.info('patch secret:', secretName, namespace);
-    const oldSecret = await this.client.readNamespacedSecret(secretName, namespace);
+    this.logger.info("patch secret:", secretName, namespace);
+    let oldSecret: any = null;
+    try {
+      oldSecret = await this.client.readNamespacedSecret(secretName, namespace);
+    } catch (e) {
+      //@ts-ignore
+      if (e.response?.body?.code === 404) {
+        this.logger.warn(`secret ${secretName} 不存在`);
+        if (opts.createOnNotFound) {
+          //没有找到，则创建
+          const res = await this.createSecret({ namespace, body: opts.body });
+          this.logger.info(`secret ${secretName} 已创建`);
+          return res;
+        }
+      }
+      throw e;
+    }
+
    const newSecret = _.merge(oldSecret.body, opts.body);
    const res = await this.client.replaceNamespacedSecret(secretName, namespace, newSecret);
-    this.logger.info('secret updated');
+    this.logger.info(`secret ${secretName} 已更新`);
    return res.body;
  }

  async getIngressList(opts: { namespace: string }) {
-    const namespace = opts.namespace || 'default';
+    const namespace = opts.namespace || "default";
    const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
    const res = await client.listNamespacedIngress(namespace);
-    this.logger.info('ingress list get:', res.body);
+    this.logger.info("ingress list get:", res.body);
    return res.body;
  }

@@ -122,17 +153,31 @@ export class K8sClient {
  // }

  async patchIngress(opts: { namespace: string; ingressName: string; body: V1Ingress }) {
-    const namespace = opts.namespace || 'default';
+    const namespace = opts.namespace || "default";
    const ingressName = opts.ingressName;
    if (!ingressName) {
-      throw new Error('ingressName 不能为空');
+      throw new Error("ingressName 不能为空");
    }
-    this.logger.info('patch ingress:', ingressName, namespace);
+    this.logger.info("patch ingress:", ingressName, namespace);
    const client = this.kubeconfig.makeApiClient(NetworkingV1Api);
    const oldIngress = await client.readNamespacedIngress(ingressName, namespace);
    const newIngress = _.merge(oldIngress.body, opts.body);
    const res = await client.replaceNamespacedIngress(ingressName, namespace, newIngress);
-    this.logger.info('ingress patched', opts.body);
+    this.logger.info("ingress patched", opts.body);
    return res;
  }
+
+  async restartIngress(namespace: string, ingressNames: string[], labels: any) {
+    const body = {
+      metadata: {
+        labels: {
+          ...labels,
+        },
+      },
+    };
+    for (const ingress of ingressNames) {
+      await this.patchIngress({ namespace, ingressName: ingress, body });
+      this.logger.info(`ingress已重启:${ingress}`);
+    }
+  }
 }
--- a/packages/libs/lib-server/CHANGELOG.md
+++ b/packages/libs/lib-server/CHANGELOG.md
@@ -3,6 +3,145 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Bug Fixes
+
+* 修复授权配置复制功能，无法复制已加密字段的问题 ([221e068](https://github.com/certd/certd/commit/221e068bac3af6cd5d1794f8cd4c2ec5c0bc3f45))
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* 新增找回密码功能 [@nicheng-he](https://github.com/nicheng-he) ([81ac240](https://github.com/certd/certd/commit/81ac240ac84db0af2f56b6352e227ecb49f38377))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+### Performance Improvements
+
+* 优化流水线列表页面、详情页面性能，精简返回数据 ([609ac9c](https://github.com/certd/certd/commit/609ac9c9a2dde605eb09834ae59693c1cb238765))
+* OpenAPI支持autoApply参数 ([42f4d14](https://github.com/certd/certd/commit/42f4d1477dc791520a874aed56035abcbc8c433b))
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/lib-server
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Performance Improvements
+
+* 支持设置用户有效期 ([6ac3bc5](https://github.com/certd/certd/commit/6ac3bc564f407dad2cd0b0b0744e887387aa5da3))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Performance Improvements
+
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Performance Improvements
+
+* 站点证书监控增加通知设置 ([3422a1a](https://github.com/certd/certd/commit/3422a1a59fd0d2c0f17fa9c7e8988ac527ecfdd9))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/lib-server
--- a/packages/libs/lib-server/package.json
+++ b/packages/libs/lib-server/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.34.4",
+  "version": "1.36.18",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -27,10 +27,10 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.34.4",
-    "@certd/basic": "^1.34.4",
-    "@certd/pipeline": "^1.34.4",
-    "@certd/plus-core": "^1.34.4",
+    "@certd/acme-client": "^1.36.18",
+    "@certd/basic": "^1.36.18",
+    "@certd/pipeline": "^1.36.18",
+    "@certd/plus-core": "^1.36.18",
    "@midwayjs/cache": "~3.14.0",
    "@midwayjs/core": "~3.20.3",
    "@midwayjs/i18n": "~3.20.3",
@@ -61,5 +61,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/libs/lib-server/src/basic/base-service.ts
+++ b/packages/libs/lib-server/src/basic/base-service.ts
@@ -84,6 +84,7 @@ export abstract class BaseService<T> {
      ...where,
    });
    await this.modifyAfter(idArr);
+    return ids
  }

  resolveIdArr(ids: string | any[]) {
@@ -163,8 +164,11 @@ export abstract class BaseService<T> {
  }

  private buildListQuery(listReq: ListReq<T>) {
-    const { query, sort, buildQuery } = listReq;
+    const { query, sort, buildQuery,select } = listReq;
    const qb = this.getRepository().createQueryBuilder('main');
+    if (select) {
+      qb.setFindOptions({select});
+    }
    if (query) {
      const keys = Object.keys(query);
      for (const key of keys) {
@@ -190,6 +194,7 @@ export abstract class BaseService<T> {
    if (buildQuery) {
      buildQuery(qb);
    }
+
    return qb;
  }

--- a/packages/libs/lib-server/src/basic/constants.ts
+++ b/packages/libs/lib-server/src/basic/constants.ts
@@ -107,5 +107,17 @@ export const Constants = {
      code: 20012,
      message: '证书还未生成',
    },
+    openCertApplying: {
+      code: 20013,
+      message: '证书正在申请中，请稍后重新获取',
+    },
+    openDomainNoVerifier:{
+      code: 20014,
+      message: '域名校验方式未配置',
+    },
+    openEmailNotFound: {
+      code: 20021,
+      message: '用户邮箱还未配置',
+    },
  },
 };
--- a/packages/libs/lib-server/src/basic/exception/common-exception.ts
+++ b/packages/libs/lib-server/src/basic/exception/common-exception.ts
@@ -11,13 +11,13 @@ export class CommonException extends BaseException {
 }

 export class CodeException extends BaseException {
-  constructor(res: { code: number; message: string }) {
-    super("CodeException", res.code, res.message);
+  constructor(res: { code: number; message: string; data?: any }) {
+    super("CodeException", res.code, res.message, res.data);
  }
 }

 export class TextException extends BaseException {
-  constructor(name, code,message, data?) {
+  constructor(name, code, message, data?) {
    super(name, code, message, data);
  }
 }
--- a/packages/libs/lib-server/src/system/settings/service/models.ts
+++ b/packages/libs/lib-server/src/system/settings/service/models.ts
@@ -16,11 +16,13 @@ export class SysPublicSettings extends BaseSettings {
  static __access__ = 'public';

  registerEnabled = false;
+  userValidTimeEnabled?:boolean = false;
  passwordLoginEnabled = true;
  usernameRegisterEnabled = true;
  mobileRegisterEnabled = false;
  smsLoginEnabled = false;
  emailRegisterEnabled = false;
+  selfServicePasswordRetrievalEnabled = false;

  limitUserPipelineCount = 0;
  managerOtherUserPipeline = false;
@@ -204,3 +206,5 @@ export class SysSafeSetting extends BaseSettings {
    autoHiddenTimes: 5,
  };
 }
+
+
--- a/packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts
+++ b/packages/libs/lib-server/src/system/settings/service/sys-settings-service.ts
@@ -3,11 +3,12 @@ import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
 import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
-import * as _ from 'lodash-es';
+
 import { BaseService } from '../../../basic/index.js';
 import { cache, logger, setGlobalProxy } from '@certd/basic';
 import * as dns from 'node:dns';
-
+import {mergeUtils} from "@certd/basic";
+const {merge} = mergeUtils;
 /**
 * 设置
 */
@@ -75,7 +76,7 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    }
    let newSetting: T = new type();
    const savedSettings = await this.getSettingByKey(key);
-    newSetting = _.merge(newSetting, savedSettings);
+    newSetting = merge(newSetting, savedSettings);
    await this.saveSetting(newSetting);
    cache.set(cacheKey, newSetting);
    return newSetting;
--- a/packages/libs/lib-server/src/user/access/service/access-service.ts
+++ b/packages/libs/lib-server/src/user/access/service/access-service.ts
@@ -1,16 +1,16 @@
-import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
-import { InjectEntityModel } from '@midwayjs/typeorm';
-import { Repository } from 'typeorm';
-import { BaseService, PageReq, PermissionException, ValidateException } from '../../../index.js';
-import { AccessEntity } from '../entity/access.js';
-import { AccessDefine, accessRegistry, newAccess } from '@certd/pipeline';
-import { EncryptService } from './encrypt-service.js';
+import {Inject, Provide, Scope, ScopeEnum} from '@midwayjs/core';
+import {InjectEntityModel} from '@midwayjs/typeorm';
+import { In, Repository } from "typeorm";
+import {AccessGetter, BaseService, PageReq, PermissionException, ValidateException} from '../../../index.js';
+import {AccessEntity} from '../entity/access.js';
+import {AccessDefine, accessRegistry, newAccess} from '@certd/pipeline';
+import {EncryptService} from './encrypt-service.js';

 /**
 * 授权
 */
@Provide()
-@Scope(ScopeEnum.Request, { allowDowngrade: true })
+@Scope(ScopeEnum.Request, {allowDowngrade: true})
 export class AccessService extends BaseService<AccessEntity> {
  @InjectEntityModel(AccessEntity)
  repository: Repository<AccessEntity>;
@@ -34,7 +34,18 @@ export class AccessService extends BaseService<AccessEntity> {
  }

  async add(param) {
-    this.encryptSetting(param, null);
+    let oldEntity = null;
+    if (param._copyFrom){
+      oldEntity = await this.info(param._copyFrom);
+      if (oldEntity == null) {
+        throw new ValidateException('该授权配置不存在,请确认是否已被删除');
+      }
+      if (oldEntity.userId  !== param.userId) {
+        throw new ValidateException('您无权查看该授权配置');
+      }
+    }
+    delete param._copyFrom
+    this.encryptSetting(param, oldEntity);
    return await super.add(param);
  }

@@ -95,6 +106,7 @@ export class AccessService extends BaseService<AccessEntity> {
    param.encryptSetting = JSON.stringify(encryptSetting);
    param.setting = JSON.stringify(json);
  }
+
  /**
   * 修改
   * @param param 数据
@@ -140,7 +152,8 @@ export class AccessService extends BaseService<AccessEntity> {
      id: entity.id,
      ...setting,
    };
-    return await newAccess(entity.type, input);
+    const accessGetter = new AccessGetter(userId, this.getById.bind(this));
+    return await newAccess(entity.type, input,accessGetter);
  }

  async getById(id: any, userId: number): Promise<any> {
@@ -173,4 +186,27 @@ export class AccessService extends BaseService<AccessEntity> {
  getDefineByType(type: string) {
    return accessRegistry.getDefine(type);
  }
+
+
+  async getSimpleByIds(ids: number[], userId: any) {
+    if (ids.length === 0) {
+      return [];
+    }
+    if (!userId) {
+      return [];
+    }
+    return await this.repository.find({
+      where: {
+        id: In(ids),
+        userId,
+      },
+      select: {
+        id: true,
+        name: true,
+        type: true,
+        userId:true
+      },
+    });
+
+  }
 }
--- a/packages/libs/midway-flyway-js/CHANGELOG.md
+++ b/packages/libs/midway-flyway-js/CHANGELOG.md
@@ -3,6 +3,130 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/midway-flyway-js
--- a/packages/libs/midway-flyway-js/package.json
+++ b/packages/libs/midway-flyway-js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.34.4",
+  "version": "1.36.18",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/plugins/plugin-cert/CHANGELOG.md
+++ b/packages/plugins/plugin-cert/CHANGELOG.md
@@ -3,6 +3,172 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Performance Improvements
+
+* 支持p7b证书格式 ([d9f4a57](https://github.com/certd/certd/commit/d9f4a5793d68a017a5d80ad5385cbda603c4e165))
+* openapi返回证书时挑选匹配范围最小的那一个；增加format参数，增加返回值p7b格式，增加detail返回 ([2085bcc](https://github.com/certd/certd/commit/2085bcceb61c3723c9bdfec4c4cc0917631ff5e5))
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+### Performance Improvements
+
+* 证书申请任务默认不发送申请成功通知 ([0283bd2](https://github.com/certd/certd/commit/0283bd2f978dbcd13d361129135e439dd9fbc180))
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+### Performance Improvements
+
+* 百度云支持上传到证书托管，支持部署到负载均衡 ([798a48a](https://github.com/certd/certd/commit/798a48aa9686fd5d11cfffb6cd93eadfc40aacb3))
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Bug Fixes
+
+* 修复商用证书上传第二次运行无法使用pfx格式证书的bug ([251dd1f](https://github.com/certd/certd/commit/251dd1fe457a7b152f43eb6de18f7beb9f0b194e))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+### Performance Improvements
+
+* 支持邮箱发送证书 ([95332d5](https://github.com/certd/certd/commit/95332d5db96cd54ddab6ab737332417a09169b39))
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+### Performance Improvements
+
+* 支持自动选择校验方式申请证书 ([3f99432](https://github.com/certd/certd/commit/3f9943270cfb12946e38e6272bc5e8d95ad6ab9e))
+* OpenAPI支持autoApply参数 ([42f4d14](https://github.com/certd/certd/commit/42f4d1477dc791520a874aed56035abcbc8c433b))
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+### Performance Improvements
+
+* 优化证书进度条颜色 ([2af91db](https://github.com/certd/certd/commit/2af91dbf2ae36a4ed17c6788bc2a2a79a3bb29f8))
+* 支持部署到阿里云vod ([98da4e1](https://github.com/certd/certd/commit/98da4e1791ed8bb21daf2a9914fda875d14633c9))
+* output-selector from参数支持更丰富的过滤规则 ([87853a2](https://github.com/certd/certd/commit/87853a201535f3bfe8505c40f8f5229d82ffcc73))
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+### Performance Improvements
+
+* 模版导入流水线 ([dcc8c56](https://github.com/certd/certd/commit/dcc8c569693432579709ce63656665a76bcf9a44))
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Bug Fixes
+
+* 某些证书提供商的证书确实commonName导致无法转换证书的问题 ([ac87bc5](https://github.com/certd/certd/commit/ac87bc57e957ea4679707bfd38d6840e26319bed))
+
+### Performance Improvements
+
+* 证书申请支持letencrypt profile选项 ([2eb0e54](https://github.com/certd/certd/commit/2eb0e54909d8ad36708e07c12fd598998159bc43))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+### Features
+
+* **lego:** support for command options ([b84159f](https://github.com/certd/certd/commit/b84159f2f11531f058837c2e82d66499f3740f20))
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+### Bug Fixes
+
+* 修复中文域名使用cname方式校验无法通过的问题 ([f7d5baa](https://github.com/certd/certd/commit/f7d5baa6d04cb83c572b06e62f885890cfa0143a))
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+### Performance Improvements
+
+* 邮箱支持保存和选择 ([f7b0b44](https://github.com/certd/certd/commit/f7b0b44ef6044bec36510a6f0b06d8dca5bfce49))
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 修复证书申请任务无法修改dns提供商类型的bug ([8802274](https://github.com/certd/certd/commit/88022747bebe2054223e0241d68d410771405e68))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Bug Fixes
+
+* 修复公共插件配置修改不生效的bug，优化系统设置参数注入时机 ([e1e510c](https://github.com/certd/certd/commit/e1e510ce1e37a5ae82478226b6987a83f22d1ecb))
+* 修复lego模式下每次都重新申请证书的bug ([f807b8c](https://github.com/certd/certd/commit/f807b8cb465cc329fa034ecbef94e18ef394f870))
+* **cert:** 修正证书过期时间计算逻辑 ([a3086e6](https://github.com/certd/certd/commit/a3086e6a5bec8b07f5e1d21a2ca8bd969c75bd5c))
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/plugin-cert
--- a/packages/plugins/plugin-cert/package.json
+++ b/packages/plugins/plugin-cert/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -16,16 +16,16 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.34.4",
-    "@certd/basic": "^1.34.4",
-    "@certd/pipeline": "^1.34.4",
-    "@certd/plugin-lib": "^1.34.4",
+    "@certd/acme-client": "^1.36.18",
+    "@certd/basic": "^1.36.18",
+    "@certd/pipeline": "^1.36.18",
+    "@certd/plugin-lib": "^1.36.18",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
    "lodash-es": "^4.17.21",
    "psl": "^1.9.0",
-    "punycode": "^2.3.1",
+    "punycode.js": "^2.3.1",
    "rimraf": "^5.0.5"
  },
  "devDependencies": {
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/plugins/plugin-cert/src/dns-provider/api.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/api.ts
@@ -29,9 +29,25 @@ export type DnsProviderContext = {

 export interface IDnsProvider<T = any> {
  onInstance(): Promise<void>;
+
+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string): string;
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string): string;
+
  createRecord(options: CreateRecordOptions): Promise<T>;
+
  removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
+
  setCtx(ctx: DnsProviderContext): void;
+
  //中文域名是否需要punycode转码，如果返回True，则使用punycode来添加解析记录，否则使用中文域名添加解析记录
  usePunyCode(): boolean;
 }
@@ -43,3 +59,38 @@ export interface ISubDomainsGetter {
 export interface IDomainParser {
  parse(fullDomain: string): Promise<string>;
 }
+
+export type DnsVerifier = {
+  // dns直接校验
+  dnsProviderType?: string;
+  dnsProviderAccessId?: number;
+};
+
+export type CnameVerifier = {
+  hostRecord: string;
+  domain: string;
+  recordValue: string;
+};
+
+export type HttpVerifier = {
+  // http校验
+  httpUploaderType: string;
+  httpUploaderAccess: number;
+  httpUploadRootDir: string;
+};
+export type DomainVerifier = {
+  domain: string;
+  mainDomain: string;
+  type: string;
+  dns?: DnsVerifier;
+  cname?: CnameVerifier;
+  http?: HttpVerifier;
+};
+
+export type DomainVerifiers = {
+  [key: string]: DomainVerifier;
+};
+
+export interface IDomainVerifierGetter {
+  getVerifiers(domains: string[]): Promise<DomainVerifiers>;
+}
--- a/packages/plugins/plugin-cert/src/dns-provider/base.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/base.ts
@@ -1,7 +1,7 @@
 import { CreateRecordOptions, DnsProviderContext, DnsProviderDefine, IDnsProvider, RemoveRecordOptions } from "./api.js";
 import { dnsProviderRegistry } from "./registry.js";
 import { HttpClient, ILogger } from "@certd/basic";
-
+import punycode from "punycode.js";
 export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
  ctx!: DnsProviderContext;
  http!: HttpClient;
@@ -13,6 +13,22 @@ export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
    return false;
  }

+  /**
+   * 中文转英文
+   * @param domain
+   */
+  punyCodeEncode(domain: string) {
+    return punycode.toASCII(domain);
+  }
+
+  /**
+   * 转中文域名
+   * @param domain
+   */
+  punyCodeDecode(domain: string) {
+    return punycode.toUnicode(domain);
+  }
+
  setCtx(ctx: DnsProviderContext) {
    this.ctx = ctx;
    this.logger = ctx.logger;
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -6,7 +6,7 @@ import { Challenge } from "@certd/acme-client/types/rfc8555";
 import { IContext } from "@certd/pipeline";
 import { ILogger, utils } from "@certd/basic";
 import { IDnsProvider, IDomainParser } from "../../dns-provider/index.js";
-import punycode from "node:punycode";
+import punycode from "punycode.js";
 import { IOssClient } from "@certd/plugin-lib";
 export type CnameVerifyPlan = {
  type?: string;
@@ -23,10 +23,11 @@ export type HttpVerifyPlan = {

 export type DomainVerifyPlan = {
  domain: string;
+  mainDomain: string;
  type: "cname" | "dns" | "http";
  dnsProvider?: IDnsProvider;
-  cnameVerifyPlan?: Record<string, CnameVerifyPlan>;
-  httpVerifyPlan?: Record<string, HttpVerifyPlan>;
+  cnameVerifyPlan?: CnameVerifyPlan;
+  httpVerifyPlan?: HttpVerifyPlan;
 };
 export type DomainsVerifyPlan = {
  [key: string]: DomainVerifyPlan;
@@ -47,6 +48,7 @@ export type CertInfo = {
  der?: string;
  jks?: string;
  one?: string;
+  p7b?: string;
 };
 export type SSLProvider = "letsencrypt" | "google" | "zerossl";
 export type PrivateKeyType = "rsa_1024" | "rsa_2048" | "rsa_3072" | "rsa_4096" | "ec_256" | "ec_384" | "ec_521";
@@ -233,21 +235,20 @@ export class AcmeService {
    let dnsProvider = providers.dnsProvider;
    let fullRecord = `_acme-challenge.${fullDomain}`;

+    // const origDomain = punycode.toUnicode(domain);
+    const origFullDomain = punycode.toUnicode(fullDomain);
    if (providers.domainsVerifyPlan) {
      //按照计划执行
-      const domainVerifyPlan = providers.domainsVerifyPlan[domain];
+      const domainVerifyPlan = providers.domainsVerifyPlan[origFullDomain];
      if (domainVerifyPlan) {
        if (domainVerifyPlan.type === "dns") {
          dnsProvider = domainVerifyPlan.dnsProvider;
        } else if (domainVerifyPlan.type === "cname") {
-          const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
-          if (cnameVerifyPlan) {
-            const cname = cnameVerifyPlan[fullDomain];
-            if (cname) {
-              dnsProvider = cname.dnsProvider;
-              domain = await this.options.domainParser.parse(cname.domain);
-              fullRecord = cname.fullRecord;
-            }
+          const cname: CnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
+          if (cname) {
+            dnsProvider = cname.dnsProvider;
+            domain = await this.options.domainParser.parse(cname.domain);
+            fullRecord = cname.fullRecord;
          } else {
            this.logger.error(`未找到域名${fullDomain}的CNAME校验计划，请修改证书申请配置`);
          }
@@ -255,13 +256,12 @@ export class AcmeService {
            throw new Error(`未找到域名${fullDomain}CNAME校验计划的DnsProvider，请修改证书申请配置`);
          }
        } else if (domainVerifyPlan.type === "http") {
-          const httpVerifyPlan = domainVerifyPlan.httpVerifyPlan;
-          if (httpVerifyPlan) {
+          const plan: HttpVerifyPlan = domainVerifyPlan.httpVerifyPlan;
+          if (plan) {
            const httpChallenge = getChallenge("http-01");
            if (httpChallenge == null) {
              throw new Error("该域名不支持http-01方式校验");
            }
-            const plan = httpVerifyPlan[fullDomain];
            return await doHttpVerify(httpChallenge, plan.httpUploader);
          } else {
            throw new Error("未找到域名【" + fullDomain + "】的http校验配置");
@@ -270,9 +270,12 @@ export class AcmeService {
          throw new Error("不支持的校验类型", domainVerifyPlan.type);
        }
      } else {
-        this.logger.info("未找到域名校验计划，使用默认的dnsProvider");
+        this.logger.warn(`未找到域名${fullDomain}的校验计划，使用默认的dnsProvider`);
      }
    }
+    if (!dnsProvider) {
+      throw new Error(`域名${fullDomain}没有匹配到任何校验方式，证书申请失败`);
+    }

    const dnsChallenge = getChallenge("dns-01");
    return await doDnsVerify(dnsChallenge, fullRecord, dnsProvider);
@@ -325,8 +328,9 @@ export class AcmeService {
    csrInfo: any;
    isTest?: boolean;
    privateKeyType?: string;
+    profile?: string;
  }): Promise<CertInfo> {
-    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options;
+    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options;
    const client: acme.Client = await this.getAcmeClient(email, isTest);

    let domains = options.domains;
@@ -398,6 +402,7 @@ export class AcmeService {
        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
      },
      signal: this.options.signal,
+      profile,
    });

    const crtString = crt.toString();
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
@@ -1,4 +1,4 @@
-import { AbstractTaskPlugin, IContext, Step, TaskInput, TaskOutput } from "@certd/pipeline";
+import { AbstractTaskPlugin, FileItem, IContext, Step, TaskInput, TaskOutput } from "@certd/pipeline";
 import dayjs from "dayjs";
 import type { CertInfo } from "./acme.js";
 import { CertReader } from "./cert-reader.js";
@@ -8,7 +8,7 @@ export const EVENT_CERT_APPLY_SUCCESS = "CertApply.success";

 export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
  @TaskInput({
-    title: "域名",
+    title: "证书域名",
    component: {
      name: "a-select",
      vModel: "value",
@@ -67,9 +67,16 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {

  @TaskOutput({
    title: "域名证书",
+    type: "cert",
  })
  cert?: CertInfo;

+  @TaskOutput({
+    title: "域名证书压缩文件",
+    type: "certZip",
+  })
+  certZip?: FileItem;
+
  async onInstance() {
    this.userContext = this.ctx.userContext;
    this.lastStatus = this.ctx.lastStatus as Step;
@@ -118,6 +125,10 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
          cert.jks = res.jks;
        }

+        if (cert.p7b == null && res.p7b) {
+          cert.p7b = res.p7b;
+        }
+
        this.logger.info("转换证书格式成功");
      } catch (e) {
        this.logger.error("转换证书格式失败", e);
@@ -130,6 +141,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
    } else {
      this.extendsFiles();
    }
+    this.certZip = this._result.files[0];
  }

  async zipCert(cert: CertInfo, filename: string) {
@@ -142,6 +154,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
    zip.file("intermediate.crt", cert.ic);
    zip.file("origin.crt", cert.oc);
    zip.file("one.pem", cert.one);
+    zip.file("cert.p7b", cert.p7b);
    if (cert.pfx) {
      zip.file("cert.pfx", Buffer.from(cert.pfx, "base64"));
    }
@@ -186,4 +199,13 @@ cert.jks：jks格式证书文件，java服务器使用
    };
    return newCert;
  }
+
+  async readLastCert(): Promise<CertReader | undefined> {
+    const cert = this.lastStatus?.status?.output?.cert;
+    if (cert == null) {
+      this.logger.info("没有找到上次的证书");
+      return undefined;
+    }
+    return new CertReader(cert);
+  }
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
@@ -8,7 +8,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
  @TaskInput({
    title: "邮箱",
    component: {
-      name: "a-input",
+      name: "email-selector",
      vModel: "value",
    },
    rules: [{ type: "email", message: "请输入正确的邮箱" }],
@@ -33,7 +33,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {

  @TaskInput({
    title: "证书申请成功通知",
-    value: true,
+    value: false,
    component: {
      name: "a-switch",
      vModel: "checked",
@@ -41,7 +41,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
    order: 100,
    helper: "证书申请成功后是否发送通知，优先使用默认通知渠道",
  })
-  successNotify = true;
+  successNotify = false;

  // @TaskInput({
  //   title: "CsrInfo",
@@ -81,6 +81,10 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
    }
  }

+  getCheckChangeInputKeys() {
+    //插件哪些字段参与校验是否需要更新
+    return ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
+  }
  /**
   * 是否更新证书
   */
@@ -91,7 +95,7 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
    //   return null;
    // }

-    const checkInputChanges = ["domains", "sslProvider", "privateKeyType", "dnsProviderType", "pfxPassword"];
+    const checkInputChanges = this.getCheckChangeInputKeys();
    const oldInput = JSON.stringify(pick(this.lastStatus?.input, checkInputChanges));
    const thisInput = JSON.stringify(pick(this, checkInputChanges));
    const inputChanged = oldInput !== thisInput;
@@ -126,15 +130,6 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
    return null;
  }

-  async readLastCert(): Promise<CertReader | undefined> {
-    const cert = this.lastStatus?.status?.output?.cert;
-    if (cert == null) {
-      this.logger.info("没有找到上次的证书");
-      return undefined;
-    }
-    return new CertReader(cert);
-  }
-
  /**
   * 检查是否过期，默认提前35天
   * @param expires
@@ -145,7 +140,8 @@ export abstract class CertApplyBasePlugin extends CertApplyBaseConvertPlugin {
      throw new Error("过期时间不能为空");
    }
    // 检查有效期
-    const leftDays = dayjs(expires).diff(dayjs(), "day");
+    const leftDays = Math.floor((expires - dayjs().valueOf()) / (1000 * 60 * 60 * 24));
+    this.logger.info(`证书剩余天数：${leftDays}`);
    return {
      isWillExpire: leftDays <= maxDays,
      leftDays,
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/cert-reader.ts
@@ -5,6 +5,7 @@ import path from "path";
 import { CertificateInfo, crypto } from "@certd/acme-client";
 import { ILogger } from "@certd/basic";
 import dayjs from "dayjs";
+import { uniq } from "lodash-es";

 export type CertReaderHandleContext = {
  reader: CertReader;
@@ -16,9 +17,19 @@ export type CertReaderHandleContext = {
  tmpIcPath?: string;
  tmpJksPath?: string;
  tmpOnePath?: string;
+  tmpP7bPath?: string;
 };
 export type CertReaderHandle = (ctx: CertReaderHandleContext) => Promise<void>;
 export type HandleOpts = { logger: ILogger; handle: CertReaderHandle };
+
+const formats = {
+  pem: ["crt", "key", "ic"],
+  one: ["one"],
+  pfx: ["pfx"],
+  der: ["der"],
+  jks: ["jks"],
+  p7b: ["p7b", "key"],
+};
 export class CertReader {
  cert: CertInfo;

@@ -72,8 +83,17 @@ export class CertReader {
    return arr[0] + endStr;
  }

-  toCertInfo(): CertInfo {
-    return this.cert;
+  toCertInfo(format?: string): CertInfo {
+    if (!format) {
+      return this.cert;
+    }
+
+    const formatArr = formats[format];
+    const res: any = {};
+    formatArr.forEach((key: string) => {
+      res[key] = this.cert[key];
+    });
+    return res;
  }

  getCrtDetail(crt: string = this.cert.crt) {
@@ -88,12 +108,42 @@ export class CertReader {

  getAllDomains() {
    const { detail } = this.getCrtDetail();
-    const domains = [detail.domains.commonName];
+    const domains = [];
+    if (detail.domains?.commonName) {
+      domains.push(detail.domains.commonName);
+    }
    domains.push(...detail.domains.altNames);
-    return domains;
+    //去重
+    return uniq(domains);
  }

-  saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "one" | "ic" | "jks", filepath?: string) {
+  getAltNames() {
+    const { detail } = this.getCrtDetail();
+    return detail.domains.altNames;
+  }
+
+  static getMainDomain(crt: string) {
+    const { detail } = CertReader.readCertDetail(crt);
+    return CertReader.getMainDomainFromDetail(detail);
+  }
+
+  getMainDomain() {
+    const { detail } = this.getCrtDetail();
+    return CertReader.getMainDomainFromDetail(detail);
+  }
+
+  static getMainDomainFromDetail(detail: CertificateInfo) {
+    let domain = detail?.domains?.commonName;
+    if (domain == null) {
+      domain = detail?.domains?.altNames?.[0];
+    }
+    if (domain == null) {
+      domain = "unknown";
+    }
+    return domain;
+  }
+
+  saveToFile(type: "crt" | "key" | "pfx" | "der" | "oc" | "one" | "ic" | "jks" | "p7b", filepath?: string) {
    if (!this.cert[type]) {
      return;
    }
@@ -107,7 +157,7 @@ export class CertReader {
    if (!fs.existsSync(dir)) {
      fs.mkdirSync(dir, { recursive: true });
    }
-    if (type === "crt" || type === "key" || type === "ic" || type === "oc" || type === "one") {
+    if (type === "crt" || type === "key" || type === "ic" || type === "oc" || type === "one" || type === "p7b") {
      fs.writeFileSync(filepath, this.cert[type]);
    } else {
      fs.writeFileSync(filepath, Buffer.from(this.cert[type], "base64"));
@@ -126,17 +176,19 @@ export class CertReader {
    const tmpDerPath = this.saveToFile("der");
    const tmpJksPath = this.saveToFile("jks");
    const tmpOnePath = this.saveToFile("one");
+    const tmpP7bPath = this.saveToFile("p7b");
    logger.info("本地文件写入成功");
    try {
      return await opts.handle({
        reader: this,
-        tmpCrtPath: tmpCrtPath,
-        tmpKeyPath: tmpKeyPath,
-        tmpPfxPath: tmpPfxPath,
-        tmpDerPath: tmpDerPath,
-        tmpIcPath: tmpIcPath,
-        tmpJksPath: tmpJksPath,
-        tmpOcPath: tmpOcPath,
+        tmpCrtPath,
+        tmpKeyPath,
+        tmpPfxPath,
+        tmpDerPath,
+        tmpIcPath,
+        tmpJksPath,
+        tmpOcPath,
+        tmpP7bPath,
        tmpOnePath,
      });
    } catch (err) {
@@ -158,14 +210,31 @@ export class CertReader {
      removeFile(tmpIcPath);
      removeFile(tmpJksPath);
      removeFile(tmpOnePath);
+      removeFile(tmpP7bPath);
    }
  }

  buildCertFileName(suffix: string, applyTime: any, prefix = "cert") {
-    const detail = this.getCrtDetail();
-    let domain = detail.detail.domains.commonName;
-    domain = domain.replace(".", "_").replace("*", "_");
+    let domain = this.getMainDomain();
+    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
    const timeStr = dayjs(applyTime).format("YYYYMMDDHHmmss");
    return `${prefix}_${domain}_${timeStr}.${suffix}`;
  }
+
+  buildCertName() {
+    let domain = this.getMainDomain();
+    domain = domain.replaceAll(".", "_").replaceAll("*", "_");
+    return `${domain}_${dayjs().format("YYYYMMDDHHmmssSSS")}`;
+  }
+
+  static appendTimeSuffix(name?: string) {
+    if (name == null) {
+      name = "certd";
+    }
+    return name + "_" + dayjs().format("YYYYMMDDHHmmssSSS");
+  }
+
+  static buildCertName(cert: any) {
+    return new CertReader(cert).buildCertName();
+  }
 }
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/convert.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/convert.ts
@@ -18,11 +18,13 @@ export class CertConverter {
    pfx: string;
    der: string;
    jks: string;
+    p7b: string;
  }> {
    const certReader = new CertReader(opts.cert);
    let pfx: string;
    let der: string;
    let jks: string;
+    let p7b: string;
    const handle = async (ctx: CertReaderHandleContext) => {
      // 调用openssl 转pfx
      pfx = await this.convertPfx(ctx, opts.pfxPassword, opts.pfxArgs);
@@ -31,6 +33,8 @@ export class CertConverter {
      der = await this.convertDer(ctx);

      jks = await this.convertJks(ctx, opts.pfxPassword);
+
+      p7b = await this.convertP7b(ctx);
    };

    await certReader.readCertFile({ logger: this.logger, handle });
@@ -39,6 +43,7 @@ export class CertConverter {
      pfx,
      der,
      jks,
+      p7b,
    };
  }

@@ -95,6 +100,23 @@ export class CertConverter {
    return derCert;
  }

+  async convertP7b(opts: CertReaderHandleContext) {
+    const { tmpCrtPath } = opts;
+    const p7bPath = path.join(os.tmpdir(), "/certd/tmp/", Math.floor(Math.random() * 1000000) + `_cert.p7b`);
+    const dir = path.dirname(p7bPath);
+    if (!fs.existsSync(dir)) {
+      fs.mkdirSync(dir, { recursive: true });
+    }
+    //openssl crl2pkcs7 -nocrl \
+    //     -certfile your_domain.crt \
+    //     -certfile intermediate.crt \
+    //     -out chain.p7b
+    await this.exec(`openssl crl2pkcs7 -nocrl -certfile ${tmpCrtPath} -out ${p7bPath}`);
+    const fileBuffer = fs.readFileSync(p7bPath);
+    const p7bCert = fileBuffer.toString();
+    fs.unlinkSync(p7bPath);
+    return p7bCert;
+  }
  async convertJks(opts: CertReaderHandleContext, pfxPassword = "") {
    const jksPassword = pfxPassword || "123456";
    try {
@@ -113,9 +135,7 @@ export class CertConverter {
      if (!fs.existsSync(dir)) {
        fs.mkdirSync(dir, { recursive: true });
      }
-      await this.exec(
-        `keytool -importkeystore -srckeystore ${p12Path} -srcstoretype PKCS12 -srcstorepass "${jksPassword}" -destkeystore ${jksPath} -deststoretype PKCS12 -deststorepass "${jksPassword}" `
-      );
+      await this.exec(`keytool -importkeystore -srckeystore ${p12Path} -srcstoretype PKCS12 -srcstorepass "${jksPassword}" -destkeystore ${jksPath} -deststoretype PKCS12 -deststorepass "${jksPassword}" `);
      fs.unlinkSync(p12Path);

      const fileBuffer = fs.readFileSync(jksPath);
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/custom/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/custom/index.ts
@@ -87,6 +87,7 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {

  @TaskOutput({
    title: "证书MD5",
+    type: "certMd5",
  })
  certMd5?: string;

@@ -99,8 +100,17 @@ export class CertApplyUploadPlugin extends CertApplyBaseConvertPlugin {
  async onInit(): Promise<void> {}

  async getCertFromStore() {
-    const certReader = new CertReader(this.uploadCert);
-    if (!certReader.expires && certReader.expires < new Date().getTime()) {
+    let certReader = null;
+    try {
+      this.logger.info("读取上次证书");
+      certReader = await this.readLastCert();
+    } catch (e) {
+      this.logger.warn("读取cert失败：", e);
+    }
+    if (certReader == null) {
+      certReader = new CertReader(this.uploadCert);
+    }
+    if (!certReader.expires || certReader.expires < new Date().getTime()) {
      throw new Error("证书已过期，停止部署，请重新上传证书");
    }

--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -1,16 +1,16 @@
 import { CancelError, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
 import { utils } from "@certd/basic";

-import type { CertInfo, CnameVerifyPlan, DomainsVerifyPlan, HttpVerifyPlan, PrivateKeyType, SSLProvider } from "./acme.js";
-import { AcmeService } from "./acme.js";
+import { AcmeService, CertInfo, DomainsVerifyPlan, DomainVerifyPlan, PrivateKeyType, SSLProvider } from "./acme.js";
 import * as _ from "lodash-es";
-import { createDnsProvider, DnsProviderContext, IDnsProvider, ISubDomainsGetter } from "../../dns-provider/index.js";
+import { createDnsProvider, DnsProviderContext, DnsVerifier, DomainVerifiers, HttpVerifier, IDnsProvider, IDomainVerifierGetter, ISubDomainsGetter } from "../../dns-provider/index.js";
 import { CertReader } from "./cert-reader.js";
 import { CertApplyBasePlugin } from "./base.js";
 import { GoogleClient } from "../../libs/google.js";
 import { EabAccess } from "../../access";
 import { DomainParser } from "../../dns-provider/domain-parser.js";
 import { ossClientFactory } from "@certd/plugin-lib";
+
 export * from "./base.js";
 export type { CertInfo };
 export * from "./cert-reader.js";
@@ -65,12 +65,17 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        { value: "dns", label: "DNS直接验证" },
        { value: "cname", label: "CNAME代理验证" },
        { value: "http", label: "HTTP文件验证" },
+        { value: "dnses", label: "多DNS提供商" },
+        { value: "auto", label: "自动匹配" },
      ],
    },
    required: true,
    helper: `1. <b>DNS直接验证</b>：域名dns解析是在阿里云/腾讯云/华为云/CF/NameSilo/西数/火山/dns.la/京东云/51dns的，选它
-2.  <b>CNAME代理验证</b>：支持任何注册商的域名，第一次需要手动添加CNAME记录（建议将DNS服务器修改为阿里云/腾讯云的，然后使用DNS直接验证）
-3.  <b>HTTP文件验证</b>：不支持泛域名，需要配置网站文件上传`,
+2.  <b>CNAME代理验证</b>：支持任何注册商的域名，第一次需要手动添加[CNAME记录](#/certd/cname/record)（建议将DNS服务器修改为阿里云/腾讯云的，然后使用DNS直接验证）
+3.  <b>HTTP文件验证</b>：不支持泛域名，需要配置网站文件上传
+4.  <b>多DNS提供商</b>：每个域名可以选择独立的DNS提供商
+5.  <b>自动匹配</b>：需要在[域名管理](#/certd/cert/domain)中事先配置好校验方式
+`,
  })
  challengeType!: string;

@@ -102,11 +107,11 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
          return form.challengeType === 'dns' 
      }),
      component:{
-        on:{
-          selectedChange({form,$event}){
-            form.dnsProviderAccessType = $event.accessType
+        onSelectedChange: ctx.compute(({form})=>{
+          return ($event)=>{
+           form.dnsProviderAccessType = $event.accessType
          }
-        }
+        })
      }
    }
    `,
@@ -159,13 +164,15 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        })
      },
      show: ctx.compute(({form})=>{
-          return form.challengeType === 'cname' ||  form.challengeType === 'http'
+          return form.challengeType === 'cname' ||  form.challengeType === 'http' ||  form.challengeType === 'dnses'
      }),
      helper: ctx.compute(({form})=>{
          if(form.challengeType === 'cname' ){
              return '请按照上面的提示，给要申请证书的域名添加CNAME记录，添加后，点击验证，验证成功后不要删除记录，申请和续期证书会一直用它'
          }else if (form.challengeType === 'http'){
              return '请按照上面的提示，给每个域名设置文件上传配置，证书申请过程中会上传校验文件到网站根目录下'
+          }else if (form.challengeType === 'http'){
+              return '给每个域名单独配置dns提供商'
          }
      })
    }
@@ -248,6 +255,30 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
  })
  privateKeyType!: PrivateKeyType;

+  @TaskInput({
+    title: "证书配置",
+    value: "classic",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "classic", label: "经典（classic）" },
+        { value: "tlsserver", label: "TLS服务器（tlsserver）" },
+        { value: "shortlived", label: "短暂的（shortlived）" },
+      ],
+    },
+    helper: "如无特殊需求，默认即可",
+    required: false,
+    mergeScript: `
+    return {
+        show: ctx.compute(({form})=>{
+            return form.sslProvider === 'letsencrypt'
+        })
+    }
+    `,
+  })
+  certProfile!: string;
+
  @TaskInput({
    title: "使用代理",
    value: false,
@@ -297,13 +328,14 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
      name: "a-input-number",
      vModel: "value",
    },
-    helper: "等待解析生效时长（秒）",
+    helper: "等待解析生效时长（秒），如果使用CNAME方式校验，本地验证失败，可以尝试延长此时间（比如5-10分钟）",
  })
  waitDnsDiffuseTime = 30;

  acme!: AcmeService;

  eab!: EabAccess;
+
  async onInit() {
    let eab: EabAccess = null;

@@ -320,7 +352,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        this.logger.info("当前正在使用 google EAB授权");
        eab = await this.getAccess(this.eabAccessId);
      } else if (this.googleCommonEabAccessId) {
-        this.logger.info("当前正在使用 google公共EAB授权");
+        this.logger.info("当前正在使用 google 公共EAB授权");
        eab = await this.getAccess(this.googleCommonEabAccessId, true);
      } else {
        throw new Error("google需要配置EAB授权或服务账号授权");
@@ -378,8 +410,10 @@ export class CertApplyPlugin extends CertApplyBasePlugin {

    let dnsProvider: IDnsProvider = null;
    let domainsVerifyPlan: DomainsVerifyPlan = null;
-    if (this.challengeType === "cname" || this.challengeType === "http") {
-      domainsVerifyPlan = await this.createDomainsVerifyPlan();
+    if (this.challengeType === "cname" || this.challengeType === "http" || this.challengeType === "dnses") {
+      domainsVerifyPlan = await this.createDomainsVerifyPlan(domains, this.domainsVerifyPlan);
+    } else if (this.challengeType === "auto") {
+      domainsVerifyPlan = await this.createDomainsVerifyPlanByAuto(domains);
    } else {
      const dnsProviderType = this.dnsProviderType;
      const access = await this.getAccess(this.dnsProviderAccess);
@@ -395,6 +429,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        csrInfo,
        isTest: false,
        privateKeyType: this.privateKeyType,
+        profile: this.certProfile,
      });

      const certInfo = this.formatCerts(cert);
@@ -414,73 +449,132 @@ export class CertApplyPlugin extends CertApplyBasePlugin {

  async createDnsProvider(dnsProviderType: string, dnsProviderAccess: any): Promise<IDnsProvider> {
    const domainParser = this.acme.options.domainParser;
-    const context: DnsProviderContext = { access: dnsProviderAccess, logger: this.logger, http: this.ctx.http, utils, domainParser };
+    const context: DnsProviderContext = {
+      access: dnsProviderAccess,
+      logger: this.logger,
+      http: this.ctx.http,
+      utils,
+      domainParser,
+    };
    return await createDnsProvider({
      dnsProviderType,
      context,
    });
  }

-  async createDomainsVerifyPlan(): Promise<DomainsVerifyPlan> {
+  async createDomainsVerifyPlan(domains: string[], verifyPlanSetting: DomainsVerifyPlanInput): Promise<DomainsVerifyPlan> {
    const plan: DomainsVerifyPlan = {};
-    for (const domain in this.domainsVerifyPlan) {
-      const domainVerifyPlan = this.domainsVerifyPlan[domain];
-      let dnsProvider = null;
-      const cnameVerifyPlan: Record<string, CnameVerifyPlan> = {};
-      const httpVerifyPlan: Record<string, HttpVerifyPlan> = {};
-      if (domainVerifyPlan.type === "dns") {
-        const access = await this.getAccess(domainVerifyPlan.dnsProviderAccessId);
-        dnsProvider = await this.createDnsProvider(domainVerifyPlan.dnsProviderType, access);
-      } else if (domainVerifyPlan.type === "cname") {
-        for (const key in domainVerifyPlan.cnameVerifyPlan) {
-          const cnameRecord = await this.ctx.cnameProxyService.getByDomain(key);
-          let dnsProvider = cnameRecord.commonDnsProvider;
-          if (cnameRecord.cnameProvider.id > 0) {
-            dnsProvider = await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.access);
-          }
-          cnameVerifyPlan[key] = {
-            type: "cname",
-            domain: cnameRecord.cnameProvider.domain,
-            fullRecord: cnameRecord.recordValue,
-            dnsProvider,
-          };
-        }
-      } else if (domainVerifyPlan.type === "http") {
-        const httpUploaderContext = {
-          accessService: this.ctx.accessService,
-          logger: this.logger,
-          utils,
-        };
-        for (const key in domainVerifyPlan.httpVerifyPlan) {
-          const httpRecord = domainVerifyPlan.httpVerifyPlan[key];
-          const access = await this.getAccess(httpRecord.httpUploaderAccess);
-          let rootDir = httpRecord.httpUploadRootDir;
-          if (!rootDir.endsWith("/") && !rootDir.endsWith("\\")) {
-            rootDir = rootDir + "/";
-          }
-          this.logger.info("上传方式", httpRecord.httpUploaderType);
-          const httpUploader = await ossClientFactory.createOssClientByType(httpRecord.httpUploaderType, {
-            access,
-            rootDir: rootDir,
-            ctx: httpUploaderContext,
-          });
-          httpVerifyPlan[key] = {
-            type: "http",
-            domain: key,
-            httpUploader,
-          };
-        }
+
+    const domainParser = this.acme.options.domainParser;
+    for (const fullDomain of domains) {
+      const domain = fullDomain.replaceAll("*.", "");
+      const mainDomain = await domainParser.parse(domain);
+      const planSetting: DomainVerifyPlanInput = verifyPlanSetting[mainDomain];
+      if (planSetting == null) {
+        throw new Error(`没有找到域名（${domain}）的校验计划`);
+      }
+      if (planSetting.type === "dns") {
+        plan[domain] = await this.createDnsDomainVerifyPlan(planSetting, domain, mainDomain);
+      } else if (planSetting.type === "cname") {
+        plan[domain] = await this.createCnameDomainVerifyPlan(domain, mainDomain);
+      } else if (planSetting.type === "http") {
+        plan[domain] = await this.createHttpDomainVerifyPlan(planSetting.httpVerifyPlan[domain], domain, mainDomain);
      }
-      plan[domain] = {
-        domain,
-        type: domainVerifyPlan.type,
-        dnsProvider,
-        cnameVerifyPlan,
-        httpVerifyPlan,
-      };
    }
    return plan;
  }
+
+  private async createDomainsVerifyPlanByAuto(domains: string[]) {
+    //从数据库里面自动选择校验方式
+    // domain list
+    const domainList = new Set<string>();
+    //整理域名
+    for (let domain of domains) {
+      domain = domain.replaceAll("*.", "");
+      domainList.add(domain);
+    }
+    const domainVerifierGetter: IDomainVerifierGetter = await this.ctx.serviceGetter.get("domainVerifierGetter");
+
+    const verifiers: DomainVerifiers = await domainVerifierGetter.getVerifiers([...domainList]);
+
+    const plan: DomainsVerifyPlan = {};
+
+    for (const domain in verifiers) {
+      const verifier = verifiers[domain];
+      if (verifier == null) {
+        throw new Error(`没有找到与该域名（${domain}）匹配的校验方式，请先到‘域名管理’页面添加校验方式`);
+      }
+      if (verifier.type === "dns") {
+        plan[domain] = await this.createDnsDomainVerifyPlan(verifier.dns, domain, verifier.mainDomain);
+      } else if (verifier.type === "cname") {
+        plan[domain] = await this.createCnameDomainVerifyPlan(domain, verifier.mainDomain);
+      } else if (verifier.type === "http") {
+        plan[domain] = await this.createHttpDomainVerifyPlan(verifier.http, domain, verifier.mainDomain);
+      }
+    }
+    return plan;
+  }
+
+  private async createDnsDomainVerifyPlan(planSetting: DnsVerifier, domain: string, mainDomain: string): Promise<DomainVerifyPlan> {
+    const access = await this.getAccess(planSetting.dnsProviderAccessId);
+    return {
+      type: "dns",
+      mainDomain,
+      domain,
+      dnsProvider: await this.createDnsProvider(planSetting.dnsProviderType, access),
+    };
+  }
+
+  private async createHttpDomainVerifyPlan(httpSetting: HttpVerifier, domain: string, mainDomain: string): Promise<DomainVerifyPlan> {
+    const httpUploaderContext = {
+      accessService: this.ctx.accessService,
+      logger: this.logger,
+      utils,
+    };
+
+    const access = await this.getAccess(httpSetting.httpUploaderAccess);
+    let rootDir = httpSetting.httpUploadRootDir;
+    if (!rootDir.endsWith("/") && !rootDir.endsWith("\\")) {
+      rootDir = rootDir + "/";
+    }
+    this.logger.info("上传方式", httpSetting.httpUploaderType);
+    const httpUploader = await ossClientFactory.createOssClientByType(httpSetting.httpUploaderType, {
+      access,
+      rootDir: rootDir,
+      ctx: httpUploaderContext,
+    });
+    return {
+      type: "http",
+      domain,
+      mainDomain,
+      httpVerifyPlan: {
+        type: "http",
+        domain,
+        httpUploader,
+      },
+    };
+  }
+
+  private async createCnameDomainVerifyPlan(domain: string, mainDomain: string): Promise<DomainVerifyPlan> {
+    const cnameRecord = await this.ctx.cnameProxyService.getByDomain(domain);
+    if (cnameRecord == null) {
+      throw new Error(`请先配置${domain}的CNAME记录，并通过校验`);
+    }
+    let dnsProvider = cnameRecord.commonDnsProvider;
+    if (cnameRecord.cnameProvider.id > 0) {
+      dnsProvider = await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.access);
+    }
+    return {
+      type: "cname",
+      domain,
+      mainDomain,
+      cnameVerifyPlan: {
+        domain: cnameRecord.cnameProvider.domain,
+        fullRecord: cnameRecord.recordValue,
+        dnsProvider,
+      },
+    };
+  }
 }

 new CertApplyPlugin();
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
@@ -80,17 +80,29 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
  legoEabAccessId!: number;

  @TaskInput({
-    title: "自定义LEGO参数",
+    title: "自定义LEGO全局参数",
    component: {
      name: "a-input",
      vModel: "value",
      placeholder: "--dns-timeout 30",
    },
-    helper: "额外的lego命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    helper: "额外的lego全局命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
    maybeNeed: true,
  })
  customArgs = "";

+  @TaskInput({
+    title: "自定义LEGO签名参数",
+    component: {
+      name: "a-input",
+      vModel: "value",
+      placeholder: "--no-bundle",
+    },
+    helper: "额外的lego签名命令行参数，参考文档：https://go-acme.github.io/lego/usage/cli/options/",
+    maybeNeed: true,
+  })
+  customCommandOptions = "";
+
  @TaskInput({
    title: "加密算法",
    value: "ec256",
@@ -112,9 +124,12 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
  })
  privateKeyType!: PrivateKeyType;

-
  eab?: EabAccess;

+  getCheckChangeInputKeys() {
+    return ["domains", "privateKeyType", "dnsType"];
+  }
+
  async onInstance() {
    this.accessService = this.ctx.accessService;
    this.logger = this.ctx.logger;
@@ -202,7 +217,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
    if (this.acmeServer) {
      serverArgs = ` --server ${this.acmeServer}`;
    }
-    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs}  ${this.customArgs || ""} run`];
+    const cmds = [`${legoPath} -a --email "${this.email}" --dns ${this.dnsType} ${keyType} ${domainArgs} ${serverArgs} ${eabArgs} ${savePathArgs} ${this.customArgs || ""} run ${this.customCommandOptions || ""}`];

    await this.ctx.utils.sp.spawn({
      cmd: cmds,
--- a/packages/plugins/plugin-cert/src/plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/index.ts
@@ -3,4 +3,4 @@ export { EVENT_CERT_APPLY_SUCCESS } from "./cert-plugin/base-convert.js";
 export * from "./cert-plugin/index.js";
 export * from "./cert-plugin/lego/index.js";
 export * from "./cert-plugin/custom/index.js";
-export const CertApplyPluginNames = ["CertApply", "CertApplyLego", "CertApplyUpload"];
+export const CertApplyPluginNames = [":cert:"];
--- a/packages/plugins/plugin-cert/test/cert-plugin.test.mjs
+++ b/packages/plugins/plugin-cert/test/cert-plugin.test.mjs
@@ -0,0 +1,27 @@
+import { expect } from "chai";
+import { CertApplyPlugin } from "../dist/index.js";
+import dayjs from "dayjs";
+import { logger } from "@certd/basic";
+
+describe("test/cert-plugin.ts", () => {
+  const certApplyPlugin = new CertApplyPlugin();
+  certApplyPlugin.logger = logger;
+  it("should throw error when expires is null or undefined", () => {
+    expect(() => {
+      // @ts-ignore
+      certApplyPlugin.isWillExpire(undefined);
+    }).throw("过期时间不能为空");
+
+    expect(() => {
+      // @ts-ignore
+      certApplyPlugin.isWillExpire(null);
+    }).throw("过期时间不能为空");
+  });
+
+  it("isWillExpire", () => {
+    const now = dayjs().add(36, "day") - 10000;
+    const res = certApplyPlugin.isWillExpire(now.valueOf(), 35);
+    console.log(res);
+    expect(res.isWillExpire).eq(true);
+  });
+});
--- a/packages/plugins/plugin-lib/CHANGELOG.md
+++ b/packages/plugins/plugin-lib/CHANGELOG.md
@@ -3,6 +3,177 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.36.18](https://github.com/certd/certd/compare/v1.36.17...v1.36.18) (2025-08-28)
+
+### Performance Improvements
+
+* 腾讯云插件支持国际版 ([58e82d5](https://github.com/certd/certd/commit/58e82d5dbd4ebf089ef239578ef9b68454d17b30))
+* 支持部署到阿里云云原生API网关、AI网关 ([2ca20be](https://github.com/certd/certd/commit/2ca20be197720201fceabcce9d927f4dbc1cc872))
+* ssh 配置sudo免密提示 ([e1e7011](https://github.com/certd/certd/commit/e1e7011853ad0c5bd7b09c3690861d5aa34b2db4))
+
+## [1.36.17](https://github.com/certd/certd/compare/v1.36.16...v1.36.17) (2025-08-17)
+
+### Performance Improvements
+
+* 腾讯云关闭证书通知增加开关选项，在腾讯云授权里面 ([a77c777](https://github.com/certd/certd/commit/a77c777980dd38d97d983124eeed1596879bba95))
+
+## [1.36.16](https://github.com/certd/certd/compare/v1.36.15...v1.36.16) (2025-08-16)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.15](https://github.com/certd/certd/compare/v1.36.14...v1.36.15) (2025-08-07)
+
+### Performance Improvements
+
+* 支持webhook部署证书 ([cbe0b1c](https://github.com/certd/certd/commit/cbe0b1c5a6538f232e9a63f1693d20d5acf0a306))
+
+## [1.36.14](https://github.com/certd/certd/compare/v1.36.13...v1.36.14) (2025-07-28)
+
+### Performance Improvements
+
+* 1panel支持 currenNode ([acc8907](https://github.com/certd/certd/commit/acc890730f43d492c9b1bd3668814cf10efdf7b8))
+
+## [1.36.13](https://github.com/certd/certd/compare/v1.36.12...v1.36.13) (2025-07-23)
+
+### Bug Fixes
+
+* 修复阿里云发送短信验证码失败的bug ([2e6d03f](https://github.com/certd/certd/commit/2e6d03ff001f521f57368e7a62b97ed7b122e8d0))
+
+## [1.36.12](https://github.com/certd/certd/compare/v1.36.11...v1.36.12) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.11](https://github.com/certd/certd/compare/v1.36.10...v1.36.11) (2025-07-22)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.10](https://github.com/certd/certd/compare/v1.36.9...v1.36.10) (2025-07-18)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.9](https://github.com/certd/certd/compare/v1.36.7...v1.36.9) (2025-07-15)
+
+### Bug Fixes
+
+* 修复ssh无法执行命令的bug ([9763cb0](https://github.com/certd/certd/commit/9763cb00e5d95b2fa5d1c2d3d4a8eecac71600e6))
+
+## [1.36.7](https://github.com/certd/certd/compare/v1.36.6...v1.36.7) (2025-07-15)
+
+### Bug Fixes
+
+* 修复流水线页面状态没有刷新的bug ([93e9498](https://github.com/certd/certd/commit/93e9498b410353f504e11e264db62468895d7290))
+
+## [1.36.6](https://github.com/certd/certd/compare/v1.36.5...v1.36.6) (2025-07-14)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.5](https://github.com/certd/certd/compare/v1.36.4...v1.36.5) (2025-07-11)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.4](https://github.com/certd/certd/compare/v1.36.3...v1.36.4) (2025-07-10)
+
+### Bug Fixes
+
+* 执行windows nginx命令时，改为return code判断是否执行成功 ([b37cffd](https://github.com/certd/certd/commit/b37cffd704cd08b8bdd68a6e284706eabe59e78d))
+
+### Performance Improvements
+
+* 支持部署到阿里云vod ([98da4e1](https://github.com/certd/certd/commit/98da4e1791ed8bb21daf2a9914fda875d14633c9))
+
+## [1.36.3](https://github.com/certd/certd/compare/v1.36.2...v1.36.3) (2025-07-07)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.2](https://github.com/certd/certd/compare/v1.36.1...v1.36.2) (2025-07-06)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.36.1](https://github.com/certd/certd/compare/v1.36.0...v1.36.1) (2025-07-02)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+# [1.36.0](https://github.com/certd/certd/compare/v1.35.5...v1.36.0) (2025-07-01)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.35.5](https://github.com/certd/certd/compare/v1.35.4...v1.35.5) (2025-06-20)
+
+### Bug Fixes
+
+* 腾讯云授权支持设置是否国际站，部署到EO插件支持国际站 ([5cd3968](https://github.com/certd/certd/commit/5cd3968929acef333cf30d3b20cf21cea6c82c5f))
+
+## [1.35.4](https://github.com/certd/certd/compare/v1.35.3...v1.35.4) (2025-06-13)
+
+### Performance Improvements
+
+* 支持s3 access做测试 ([f00aeac](https://github.com/certd/certd/commit/f00aeacb8b5c81f0bafa4c1b76723dec2b6b7784))
+
+## [1.35.3](https://github.com/certd/certd/compare/v1.35.2...v1.35.3) (2025-06-12)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.35.2](https://github.com/certd/certd/compare/v1.35.1...v1.35.2) (2025-06-09)
+
+### Bug Fixes
+
+* 修复阿里云新加坡clb无法部署证书的bug ([3e84e11](https://github.com/certd/certd/commit/3e84e116e863b54c6b4d7db160af372dacc5857f))
+
+### Performance Improvements
+
+* 优化阿里云nlb支持部署扩展证书 ([9cbdfda](https://github.com/certd/certd/commit/9cbdfda829b231733d54c66c5024d46e6fc11af3))
+
+## [1.35.1](https://github.com/certd/certd/compare/v1.35.0...v1.35.1) (2025-06-07)
+
+### Performance Improvements
+
+* aliyun alb支持部署扩展证书 ([2a19b61](https://github.com/certd/certd/commit/2a19b61b7a78620c06396c2cc37cc77d738b6d12))
+
+# [1.35.0](https://github.com/certd/certd/compare/v1.34.11...v1.35.0) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.11](https://github.com/certd/certd/compare/v1.34.10...v1.34.11) (2025-06-05)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.10](https://github.com/certd/certd/compare/v1.34.9...v1.34.10) (2025-06-03)
+
+### Performance Improvements
+
+* 支持部署到飞牛OS ([ddfd0fb](https://github.com/certd/certd/commit/ddfd0fb81d6638352920261065f1ab8e27bdd564))
+
+## [1.34.9](https://github.com/certd/certd/compare/v1.34.8...v1.34.9) (2025-05-30)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.8](https://github.com/certd/certd/compare/v1.34.7...v1.34.8) (2025-05-28)
+
+### Bug Fixes
+
+* 修复阿里云 esa 证书获取站点列表错误的问题 ([0c2ea5d](https://github.com/certd/certd/commit/0c2ea5da4c836f8a0df132a3f22d399bd9ee1de9))
+
+### Performance Improvements
+
+* 关闭腾讯云证书通知提醒 ([231a875](https://github.com/certd/certd/commit/231a875bb481420c39bf76ec9ff4e50954ab9fe4))
+* 优化站点选择组件，切换选择时不刷新列表 ([3a14714](https://github.com/certd/certd/commit/3a147141b1a5d67c92a5ce88a5313eaa62859e03))
+
+## [1.34.7](https://github.com/certd/certd/compare/v1.34.6...v1.34.7) (2025-05-26)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.34.6](https://github.com/certd/certd/compare/v1.34.5...v1.34.6) (2025-05-25)
+
+### Performance Improvements
+
+* 添加阿里云 ESA证书部署插件 ([1db1ffd](https://github.com/certd/certd/commit/1db1ffde99ac7e4684fa606ebc4c327f829b3a26))
+
+## [1.34.5](https://github.com/certd/certd/compare/v1.34.4...v1.34.5) (2025-05-19)
+
+### Performance Improvements
+
+* aaWaf、cdnfly站点选择支持查询 ([8af3463](https://github.com/certd/certd/commit/8af3463668a40b9b99febb02e3b4e0d9d8d719b4))
+
 ## [1.34.4](https://github.com/certd/certd/compare/v1.34.3...v1.34.4) (2025-05-16)

 **Note:** Version bump only for package @certd/plugin-lib
--- a/packages/plugins/plugin-lib/package.json
+++ b/packages/plugins/plugin-lib/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.34.4",
+  "version": "1.36.18",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -16,10 +16,13 @@
    "pub": "npm publish"
  },
  "dependencies": {
+    "@alicloud/openapi-client": "^0.4.14",
+    "@alicloud/openapi-util": "^0.3.2",
    "@alicloud/pop-core": "^1.7.10",
+    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.34.4",
-    "@certd/pipeline": "^1.34.4",
+    "@certd/basic": "^1.36.18",
+    "@certd/pipeline": "^1.36.18",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -50,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "0b152a3cb8ef13113f9612c1bf555755e6f5b209"
+  "gitHead": "831c325c6383ba0a6f2dfa7496451ec714784e93"
 }
--- a/packages/plugins/plugin-lib/src/aliyun/access/aliyun-access.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/access/aliyun-access.ts
@@ -1,4 +1,93 @@
-import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
+import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
+import { ILogger } from "@certd/basic";
+export type AliyunClientV2Req = {
+  action: string;
+  version: string;
+  protocol?: "HTTPS";
+  // 接口 HTTP 方法
+  method?: "GET" | "POST";
+  authType?: "AK";
+  style?: "RPC" | "ROA";
+  // 接口 PATH
+  pathname?: string;
+
+  data?: any;
+};
+export class AliyunClientV2 {
+  access: AliyunAccess;
+  logger: ILogger;
+  endpoint: string;
+
+  client: any;
+  constructor(opts: { access: AliyunAccess; logger: ILogger; endpoint: string }) {
+    this.access = opts.access;
+    this.logger = opts.logger;
+    this.endpoint = opts.endpoint;
+  }
+
+  async getClient() {
+    if (this.client) {
+      return this.client;
+    }
+    const $OpenApi = await import("@alicloud/openapi-client");
+    // const Credential = await import("@alicloud/credentials");
+    // //@ts-ignore
+    // const credential = new Credential.default.default({
+    //
+    //   type: "access_key",
+    // });
+    const config = new $OpenApi.Config({
+      accessKeyId: this.access.accessKeyId,
+      accessKeySecret: this.access.accessKeySecret,
+    });
+    // Endpoint 请参考 https://api.aliyun.com/product/FC
+    // config.endpoint = `esa.${this.regionId}.aliyuncs.com`;
+    config.endpoint = this.endpoint;
+    //@ts-ignore
+    this.client = new $OpenApi.default.default(config);
+    return this.client;
+  }
+
+  async doRequest(req: AliyunClientV2Req) {
+    const client = await this.getClient();
+
+    const $OpenApi = await import("@alicloud/openapi-client");
+    const $Util = await import("@alicloud/tea-util");
+    const OpenApiUtil = await import("@alicloud/openapi-util");
+    const params = new $OpenApi.Params({
+      // 接口名称
+      action: req.action,
+      // 接口版本
+      version: req.version,
+      // 接口协议
+      protocol: "HTTPS",
+      // 接口 HTTP 方法
+      method: req.method ?? "POST",
+      authType: req.authType ?? "AK",
+      style: req.style ?? "RPC",
+      // 接口 PATH
+      pathname: req.pathname ?? `/`,
+      // 接口请求体内容格式
+      reqBodyType: "json",
+      // 接口响应体内容格式
+      bodyType: "json",
+    });
+
+    if (req.data?.query) {
+      //@ts-ignore
+      req.data.query = OpenApiUtil.default.default.query(req.data.query);
+    }
+    const runtime = new $Util.RuntimeOptions({});
+    const request = new $OpenApi.OpenApiRequest(req.data);
+    // 复制代码运行请自行打印 API 的返回值
+    // 返回值实际为 Map 类型，可从 Map 中获得三类数据：响应体 body、响应头 headers、HTTP 返回的状态码 statusCode。
+    const res = await client.callApi(params, request, runtime);
+    /**
+     * res?.body?.
+     */
+    return res?.body;
+  }
+}

@IsAccess({
  name: "aliyun",
@@ -27,6 +116,14 @@ export class AliyunAccess extends BaseAccess {
    helper: "注意：证书申请需要dns解析权限；其他阿里云插件，需要对应的权限，比如证书上传需要证书管理权限；嫌麻烦就用主账号的全量权限的accessKey",
  })
  accessKeySecret = "";
+
+  getClient(endpoint: string) {
+    return new AliyunClientV2({
+      access: this,
+      logger: this.ctx.logger,
+      endpoint: endpoint,
+    });
+  }
 }

 new AliyunAccess();
--- a/packages/plugins/plugin-lib/src/aliyun/lib/base-client.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/lib/base-client.ts
@@ -35,7 +35,7 @@ export class AliyunClient {
  }

  checkRet(ret: any) {
-    if (ret.Code != null) {
+    if (ret.Code != null && ret.Code !== "OK" && ret.Message !== "OK") {
      throw new Error("执行失败：" + ret.Message);
    }
  }
--- a/packages/plugins/plugin-lib/src/aliyun/lib/ssl-client.ts
+++ b/packages/plugins/plugin-lib/src/aliyun/lib/ssl-client.ts
@@ -9,7 +9,8 @@ export type AliyunCertInfo = {
 export type AliyunSslClientOpts = {
  access: AliyunAccess;
  logger: ILogger;
-  endpoint: string;
+  endpoint?: string;
+  region?: string;
 };

 export type AliyunSslGetResourceListReq = {
@@ -29,12 +30,14 @@ export type AliyunSslUploadCertReq = {
  cert: AliyunCertInfo;
 };

-export type CasCertInfo = { certId: number; certName: string; certIdentifier: string };
+export type CasCertInfo = { certId: number; certName: string; certIdentifier: string; notAfter: number; casRegion: string };

 export class AliyunSslClient {
  opts: AliyunSslClientOpts;
+  logger: ILogger;
  constructor(opts: AliyunSslClientOpts) {
    this.opts = opts;
+    this.logger = opts.logger;
  }

  checkRet(ret: any) {
@@ -46,10 +49,19 @@ export class AliyunSslClient {
  async getClient() {
    const access = this.opts.access;
    const client = new AliyunClient({ logger: this.opts.logger });
+
+    let endpoint = this.opts.endpoint || "cas.aliyuncs.com";
+    if (this.opts.endpoint == null && this.opts.region) {
+      if (this.opts.region === "cn-hangzhou") {
+        endpoint = "cas.aliyuncs.com";
+      } else {
+        endpoint = `cas.${this.opts.region}.aliyuncs.com`;
+      }
+    }
    await client.init({
      accessKeyId: access.accessKeyId,
      accessKeySecret: access.accessKeySecret,
-      endpoint: `https://${this.opts.endpoint || "cas.aliyuncs.com"}`,
+      endpoint: `https://${endpoint}`,
      apiVersion: "2020-04-07",
    });
    return client;
@@ -68,6 +80,8 @@ export class AliyunSslClient {
      certId: certId,
      certName: res.Name,
      certIdentifier: res.CertIdentifier,
+      notAfter: res.NotAfter,
+      casRegion: this.getCasRegionFromEndpoint(this.opts.endpoint),
    };
  }

@@ -83,7 +97,7 @@ export class AliyunSslClient {
      method: "POST",
    };

-    this.opts.logger.info("开始上传证书");
+    this.opts.logger.info(`开始上传证书：${req.name}`);
    const ret: any = await client.request("UploadUserCertificate", params, requestOption);
    this.checkRet(ret);
    this.opts.logger.info("证书上传成功：aliyunCertId=", ret.CertId);
@@ -148,4 +162,24 @@ export class AliyunSslClient {
    this.checkRet(res);
    return res;
  }
+
+  async deleteCert(certId: any) {
+    await this.doRequest("DeleteUserCertificate", { CertId: certId }, { method: "POST" });
+  }
+
+  getCasRegionFromEndpoint(endpoint: string) {
+    if (!endpoint) {
+      return "cn-hangzhou";
+    }
+    /**
+     * {value: 'cas.aliyuncs.com', label: '中国大陆'},
+     *         {value: 'cas.ap-southeast-1.aliyuncs.com', label: '新加坡'},
+     *         {value: 'cas.eu-central-1.aliyuncs.com', label: '德国（法兰克福）'},
+     */
+    const region = endpoint.replace(".aliyuncs.com", "").replace("cas.", "");
+    if (region === "cas") {
+      return "cn-hangzhou";
+    }
+    return region;
+  }
 }
--- a/packages/plugins/plugin-lib/src/common/util.ts
+++ b/packages/plugins/plugin-lib/src/common/util.ts
@@ -17,6 +17,7 @@ export function createCertDomainGetterInputDefine(opts?: { certInputKey?: string
          }
        }
        `,
+      template: false,
      required: true,
    },
    opts?.props
@@ -38,6 +39,10 @@ export function createRemoteSelectInputDefine(opts?: {
  required?: boolean;
  rules?: any;
  mergeScript?: string;
+  search?: boolean;
+  pager?: boolean;
+  component?: any;
+  value?: any;
 }) {
  const title = opts?.title || "请选择";
  const certDomainsInputKey = opts?.certDomainsInputKey || "certDomains";
@@ -47,6 +52,8 @@ export function createRemoteSelectInputDefine(opts?: {
  const type = opts?.type || "plugin";
  const watches = opts?.watches || [];
  const helper = opts?.helper || "请选择";
+  const search = opts?.search ?? false;
+  const pager = opts?.pager ?? false;
  let mode = "tags";
  if (opts.multi === false) {
    mode = undefined;
@@ -63,8 +70,12 @@ export function createRemoteSelectInputDefine(opts?: {
      type,
      typeName,
      action,
+      search,
+      pager,
      watches: [certDomainsInputKey, accessIdInputKey, ...watches],
+      ...opts.component,
    },
+    value: opts.value,
    rules: opts?.rules,
    required: opts.required ?? true,
    mergeScript:
--- a/packages/plugins/plugin-lib/src/ctyun/access/ctyun-access.ts
+++ b/packages/plugins/plugin-lib/src/ctyun/access/ctyun-access.ts
@@ -5,6 +5,7 @@ import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
  title: "天翼云授权",
  desc: "",
  icon: "ant-design:aliyun-outlined",
+  order: 2,
 })
 export class CtyunAccess extends BaseAccess {
  @AccessInput({
--- a/packages/plugins/plugin-lib/src/oss/impls/s3.ts
+++ b/packages/plugins/plugin-lib/src/oss/impls/s3.ts
@@ -54,6 +54,9 @@ export default class S3OssClientImpl extends BaseOssClient<S3Access> {
      Prefix: dirKey, // The name of the object. For example, 'sample_upload.txt'.
    };
    const res = await this.client.send(new ListObjectsCommand({ ...params }));
+    if (!res.Contents) {
+      return [];
+    }
    return res.Contents.map(item => {
      return {
        path: item.Key,
--- a/packages/plugins/plugin-lib/src/oss/impls/ssh.ts
+++ b/packages/plugins/plugin-lib/src/oss/impls/ssh.ts
@@ -16,6 +16,10 @@ export default class SshOssClientImpl extends BaseOssClient<SshAccess> {
    throw new Error("Method not implemented.");
  }
  async upload(filePath: string, fileContent: Buffer) {
+    if (!filePath) {
+      filePath = "";
+    }
+    filePath = filePath.trim();
    const tmpFilePath = path.join(os.tmpdir(), "cert", "http", filePath);

    // Write file to temp path
--- a/packages/plugins/plugin-lib/src/qiniu/access.ts
+++ b/packages/plugins/plugin-lib/src/qiniu/access.ts
@@ -6,6 +6,7 @@ import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
  desc: "",
  icon: "svg:icon-qiniuyun",
  input: {},
+  order: 2,
 })
 export class QiniuAccess extends BaseAccess {
  @AccessInput({
--- a/packages/plugins/plugin-lib/src/s3/access.ts
+++ b/packages/plugins/plugin-lib/src/s3/access.ts
@@ -1,4 +1,6 @@
 import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
+import { ossClientFactory } from "../oss/index.js";
+import S3OssClientImpl from "../oss/impls/s3.js";

 /**
 * 这个注解将注册一个授权配置
@@ -82,6 +84,32 @@ export class S3Access extends BaseAccess {
    required: true,
  })
  bucket!: string;
+
+  @AccessInput({
+    title: "测试",
+    component: {
+      name: "api-test",
+      action: "TestRequest",
+    },
+    helper: "点击测试接口是否正常",
+  })
+  testRequest = true;
+
+  async onTestRequest() {
+    const client: S3OssClientImpl = await ossClientFactory.createOssClientByType("s3", {
+      access: this,
+      rootDir: "",
+      ctx: {
+        accessService: this.ctx.accessService,
+        logger: this.ctx.logger,
+        utils: this.ctx.utils,
+      },
+    });
+
+    await client.listDir("/");
+
+    return "ok";
+  }
 }

 new S3Access();
--- a/packages/plugins/plugin-lib/src/ssh/ssh-access.ts
+++ b/packages/plugins/plugin-lib/src/ssh/ssh-access.ts
@@ -5,6 +5,7 @@ import { AccessInput, BaseAccess, IsAccess } from "@certd/pipeline";
  desc: "",
  icon: "clarity:host-line",
  input: {},
+  order: 0,
 })
 export class SshAccess extends BaseAccess {
  @AccessInput({
@@ -45,8 +46,8 @@ export class SshAccess extends BaseAccess {
    title: "私钥登录",
    helper: "私钥或密码必填一项",
    component: {
-      name: "a-textarea",
-      vModel: "value",
+      name: "pem-input",
+      vModel: "modelValue",
    },
    encrypt: true,
  })
--- a/packages/plugins/plugin-lib/src/ssh/ssh.ts
+++ b/packages/plugins/plugin-lib/src/ssh/ssh.ts
@@ -165,10 +165,16 @@ export class AsyncSsh2Client {
    });
  }

+  /**
+   *
+   * @param script
+   * @param opts {withStdErr 返回{stdOut,stdErr}}
+   */
  async exec(
    script: string,
    opts: {
      throwOnStdErr?: boolean;
+      withStdErr?: boolean;
      env?: any;
    } = {}
  ): Promise<string> {
@@ -193,19 +199,37 @@ export class AsyncSsh2Client {
          return;
        }
        let data = "";
+        let stdErr = "";
        let hasErrorLog = false;
        stream
          .on("close", (code: any, signal: any) => {
            this.logger.info(`[${this.connConf.host}][close]:code:${code}`);
-            if (opts.throwOnStdErr == null && this.windows) {
-              opts.throwOnStdErr = true;
-            }
+            /**
+             * ]pipeline 执行命令:[10.123.0.2][exec]:cd /d D:\nginx-1.27.5 && D:\nginx-1.27.5\nginx.exe -t && D:\nginx-1.27.5\nginx.exe -s reload
+             * [2025-07-09T10:24:11.219] [ERROR]pipeline - [10. 123.0. 2][error]: nginx: the configuration file D: \nginx-1.27. 5/conf/nginx. conf syntax is ok
+             * [2025-07-09T10:24:11.231] [ERROR][10. 123. 0. 2] [error]: nginx: configuration file D: \nginx-1.27.5/conf/nginx.conf test is successful
+             * pipeline-
+             * [2025-07-09T10:24:11.473] [INFO]pipeline -[10.123.0.2][close]:code:0
+             * [2025-07-09T10:24:11.473][ERRoR] pipeline- [step][主机一执行远程主机脚本命令]<id:53hyarN3yvmbijNuMiNAt>: [Eror: nginx: the configuration fileD:\nginx-1.27.5/conf/nginx.conf syntax is ok
+              //需要忽略windows的错误
+             */
+            // if (opts.throwOnStdErr == null && this.windows) {
+            //   opts.throwOnStdErr = true;
+            // }
            if (opts.throwOnStdErr && hasErrorLog) {
              reject(new Error(data));
            }

            if (code === 0) {
-              resolve(data);
+              if (opts.withStdErr === true) {
+                //@ts-ignore
+                resolve({
+                  stdErr,
+                  stdOut: data,
+                });
+              } else {
+                resolve(data);
+              }
            } else {
              reject(new Error(data));
            }
@@ -221,8 +245,11 @@ export class AsyncSsh2Client {
          })
          .stderr.on("data", (ret: Buffer) => {
            const err = this.convert(iconv, ret);
-            data += err;
+            stdErr += err;
            hasErrorLog = true;
+            if (err.includes("sudo: a password is required")) {
+              this.logger.warn("请配置sudo免密，否则命令无法执行");
+            }
            this.logger.error(`[${this.connConf.host}][error]: ` + err.trimEnd());
          });
      });
@@ -323,9 +350,6 @@ export class AsyncSsh2Client {

 export class SshClient {
  logger: ILogger;
-  constructor(logger: ILogger) {
-    this.logger = logger;
-  }
  /**
   *
   * @param connectConf
@@ -382,6 +406,9 @@ export class SshClient {
      },
    });
  }
+  constructor(logger: ILogger) {
+    this.logger = logger;
+  }

  async scpUpload(options: { conn: any; localPath: string; remotePath: string; opts?: { mode?: string } }) {
    const { conn, localPath, remotePath } = options;
@@ -467,9 +494,9 @@ export class SshClient {
   * Set-ItemProperty -Path "HKLM:\SOFTWARE\OpenSSH" -Name DefaultShell -Value "C:\Windows\System32\cmd.exe"
   * @param options
   */
-  async exec(options: { connectConf: SshAccess; script: string | Array<string>; env?: any }): Promise<string> {
+  async exec(options: { connectConf: SshAccess; script: string | Array<string>; env?: any; throwOnStdErr?: boolean; stopOnError?: boolean }): Promise<string> {
    let { script } = options;
-    const { connectConf } = options;
+    const { connectConf, throwOnStdErr } = options;

    // this.logger.info('命令：', script);
    return await this._call({
@@ -497,10 +524,10 @@ export class SshClient {
        }

        if (isWinCmd) {
-          //组合成&&的形式
          if (typeof script === "string") {
            script = script.split("\n");
          }
+          //组合成&&的形式
          script = envScripts.concat(script);
          script = script as Array<string>;
          script = script.join(" && ");
@@ -514,7 +541,12 @@ export class SshClient {
            script = envScripts.join(newLine) + newLine + script;
          }
        }
-        return await conn.exec(script as string, {});
+
+        if (isLinux && options.stopOnError !== false) {
+          script = "set -e\n" + script;
+        }
+
+        return await conn.exec(script as string, { throwOnStdErr });
      },
    });
  }
--- a/packages/plugins/plugin-lib/src/tencent/access.ts
+++ b/packages/plugins/plugin-lib/src/tencent/access.ts
@@ -4,12 +4,12 @@ import { IsAccess, AccessInput, BaseAccess } from "@certd/pipeline";
  name: "tencent",
  title: "腾讯云",
  icon: "svg:icon-tencentcloud",
+  order: 0,
 })
 export class TencentAccess extends BaseAccess {
  @AccessInput({
    title: "secretId",
-    helper:
-      "使用对应的插件需要有对应的权限，比如上传证书，需要证书管理权限;部署到clb需要clb相关权限\n前往[密钥管理](https://console.cloud.tencent.com/cam/capi)进行创建",
+    helper: "使用对应的插件需要有对应的权限，比如上传证书，需要证书管理权限;部署到clb需要clb相关权限\n前往[密钥管理](https://console.cloud.tencent.com/cam/capi)进行创建",
    component: {
      placeholder: "secretId",
    },
@@ -25,4 +25,43 @@ export class TencentAccess extends BaseAccess {
    rules: [{ required: true, message: "该项必填" }],
  })
  secretKey = "";
+
+  @AccessInput({
+    title: "站点类型",
+    value: "cn",
+    component: {
+      name: "a-select",
+      options: [
+        {
+          label: "国内站",
+          value: "cn",
+        },
+        {
+          label: "国际站",
+          value: "intl",
+        },
+      ],
+    },
+    encrypt: false,
+    rules: [{ required: true, message: "该项必填" }],
+  })
+  accountType: string;
+
+  @AccessInput({
+    title: "关闭证书过期通知",
+    value: true,
+    component: {
+      name: "a-switch",
+      vModel: "checked",
+    },
+  })
+  closeExpiresNotify: boolean = true;
+
+  isIntl() {
+    return this.accountType === "intl";
+  }
+
+  intlDomain() {
+    return this.isIntl() ? "intl." : "";
+  }
 }
--- a/packages/plugins/plugin-lib/src/tencent/lib/cos-client.js
+++ b/packages/plugins/plugin-lib/src/tencent/lib/cos-client.js
@@ -0,0 +1,183 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __generator = (this && this.__generator) || function (thisArg, body) {
+    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === "function" ? Iterator : Object).prototype);
+    return g.next = verb(0), g["throw"] = verb(1), g["return"] = verb(2), typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
+    function verb(n) { return function (v) { return step([n, v]); }; }
+    function step(op) {
+        if (f) throw new TypeError("Generator is already executing.");
+        while (g && (g = 0, op[0] && (_ = 0)), _) try {
+            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
+            if (y = 0, t) op = [op[0] & 2, t.value];
+            switch (op[0]) {
+                case 0: case 1: t = op; break;
+                case 4: _.label++; return { value: op[1], done: false };
+                case 5: _.label++; y = op[1]; op = [0]; continue;
+                case 7: op = _.ops.pop(); _.trys.pop(); continue;
+                default:
+                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
+                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
+                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
+                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
+                    if (t[2]) _.ops.pop();
+                    _.trys.pop(); continue;
+            }
+            op = body.call(thisArg, _);
+        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
+        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
+    }
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TencentCosClient = void 0;
+var basic_1 = require("@certd/basic");
+var fs_1 = require("fs");
+var TencentCosClient = /** @class */ (function () {
+    function TencentCosClient(opts) {
+        this.access = opts.access;
+        this.logger = opts.logger;
+        this.bucket = opts.bucket;
+        this.region = opts.region;
+    }
+    TencentCosClient.prototype.getCosClient = function () {
+        return __awaiter(this, void 0, void 0, function () {
+            var sdk, clientConfig;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, Promise.resolve().then(function () { return require("cos-nodejs-sdk-v5"); })];
+                    case 1:
+                        sdk = _a.sent();
+                        clientConfig = {
+                            SecretId: this.access.secretId,
+                            SecretKey: this.access.secretKey,
+                        };
+                        return [2 /*return*/, new sdk.default(clientConfig)];
+                }
+            });
+        });
+    };
+    TencentCosClient.prototype.uploadFile = function (key, file) {
+        return __awaiter(this, void 0, void 0, function () {
+            var cos;
+            var _this = this;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getCosClient()];
+                    case 1:
+                        cos = _a.sent();
+                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
+                                var readableStream = file;
+                                if (typeof file === "string") {
+                                    readableStream = fs_1.default.createReadStream(file);
+                                }
+                                cos.putObject({
+                                    Bucket: _this.bucket /* 必须 */,
+                                    Region: _this.region /* 必须 */,
+                                    Key: key /* 必须 */,
+                                    Body: readableStream, // 上传文件对象
+                                    onProgress: function (progressData) {
+                                        console.log(JSON.stringify(progressData));
+                                    },
+                                }, function (err, data) {
+                                    if (err) {
+                                        reject(err);
+                                        return;
+                                    }
+                                    resolve(data);
+                                });
+                            })];
+                }
+            });
+        });
+    };
+    TencentCosClient.prototype.removeFile = function (key) {
+        return __awaiter(this, void 0, void 0, function () {
+            var cos;
+            var _this = this;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getCosClient()];
+                    case 1:
+                        cos = _a.sent();
+                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
+                                cos.deleteObject({
+                                    Bucket: _this.bucket,
+                                    Region: _this.region,
+                                    Key: key,
+                                }, function (err, data) {
+                                    if (err) {
+                                        reject(err);
+                                        return;
+                                    }
+                                    resolve(data);
+                                });
+                            })];
+                }
+            });
+        });
+    };
+    TencentCosClient.prototype.downloadFile = function (key, savePath) {
+        return __awaiter(this, void 0, void 0, function () {
+            var cos, writeStream;
+            var _this = this;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getCosClient()];
+                    case 1:
+                        cos = _a.sent();
+                        writeStream = fs_1.default.createWriteStream(savePath);
+                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
+                                cos.getObject({
+                                    Bucket: _this.bucket,
+                                    Region: _this.region,
+                                    Key: key,
+                                    Output: writeStream,
+                                }, function (err, data) {
+                                    if (err) {
+                                        reject(err);
+                                        return;
+                                    }
+                                    resolve(data);
+                                });
+                            })];
+                }
+            });
+        });
+    };
+    TencentCosClient.prototype.listDir = function (dirKey) {
+        return __awaiter(this, void 0, void 0, function () {
+            var cos;
+            var _this = this;
+            return __generator(this, function (_a) {
+                switch (_a.label) {
+                    case 0: return [4 /*yield*/, this.getCosClient()];
+                    case 1:
+                        cos = _a.sent();
+                        return [2 /*return*/, (0, basic_1.safePromise)(function (resolve, reject) {
+                                cos.getBucket({
+                                    Bucket: _this.bucket,
+                                    Region: _this.region,
+                                    Prefix: dirKey,
+                                    MaxKeys: 1000,
+                                }, function (err, data) {
+                                    if (err) {
+                                        reject(err);
+                                        return;
+                                    }
+                                    resolve(data.Contents);
+                                });
+                            })];
+                }
+            });
+        });
+    };
+    return TencentCosClient;
+}());
+exports.TencentCosClient = TencentCosClient;
--- a/Show More
+++ b/Show More
@@ -1 +1 @@
 :14
 :58
@@ -1 +1 @@
 :58
 :39