chore: oidc first

docs: openapi
perf: ssh支持ppk格式私钥
2026-04-25 13:17:25 +08:00 · 2025-11-26 07:34:42 +08:00 · 2025-11-25 09:12:35 +08:00 · 2025-11-25 00:48:21 +08:00 · 2025-11-24 23:43:14 +08:00 · 2025-11-24 23:33:25 +08:00
87 changed files with 2896 additions and 2018 deletions
@@ -4,5 +4,9 @@
    "typescript.tsc.autoDetect": "watch",
    "git.scanRepositories": [
        "./packages/pro"
-    ]
+    ],
+    "editor.defaultFormatter": "dbaeumer.vscode-eslint",
+    "[typescript]": {
+        "editor.defaultFormatter": "vscode.typescript-language-features"
+    }
 }
@@ -3,6 +3,46 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 ### Bug Fixes
@@ -16,6 +16,13 @@ Certd® 是一个免费的全自动证书管理系统，让你的网站证书永

 > 流水线数量现已调整为无限制，欢迎大家使用

+
+**************************************************************************************************
+                   🔥🔥🔥永久专业版上线，双11活动火热进行中🔥🔥🔥
+       赶快升级到最新版点击右上角金色VIP按钮，点击立即赞助，看看你的优惠券金额是多少？
+**************************************************************************************************
+
+
 ## 一、特性
 本项目不仅支持证书申请过程自动化，还可以自动化部署更新证书，让你的证书永不过期。     

@@ -152,13 +159,15 @@ https://certd.handfree.work/

 ## 八、捐赠
 ************************
-支持开源，为爱发电，我已入驻爱发电
-https://afdian.com/a/greper
+开源为什么要做专业版收费？
+1. 纯靠为爱发电不可持续（比如：我的dev-sidecar项目即便是拥有20K+star,也差点凉凉，幸亏有另外大佬接手用爱发电）    
+2. 没有赞助的项目，作者会比较任性，不会用心倾听用户的心声，不顾用户体验（比如：下意识拒绝需求、频繁破坏性变更升级、全盘推倒重来之类的） 
+3. 没有赞助的项目，交流群的戾气有时候比较重，容易起冲突     

 发电权益：
-1. 可加入发电专属群，可以获得作者一对一技术支持
-2. 您的需求我们将优先实现，并且将作为专业版功能提供
-3. 一年期专业版激活码
+1. 可加入发电专属VIP群，可以获得作者一对一技术支持，必要时可以远程协助
+2. 您的需求我们将优先实现，并且可能将作为专业版功能提供
+3. 获得专业版功能

 专业版特权对比

@@ -170,10 +179,9 @@ https://afdian.com/a/greper
 | 站点证书监控  | 限制1条                                  | 无限制                            |
 | 自动部署插件  | 阿里云CDN、腾讯云、七牛CDN、主机部署、宝塔、1Panel等大部分插件 | 群晖                             |
 | 通知      | 邮件通知、自定义webhook                       | 邮件免配置、企微、钉钉、飞书、anpush、server酱等 |
-
+| VIP群      | 无                                       | 可加，一对一技术支持，必要时远程协助       |
 ************************

-************************

 ## 九、贡献代码

@@ -9,8 +9,7 @@ services:
    restart: unless-stopped # 自动重启
    volumes:
      #   ↓↓↓↓↓ -------------------------------------------------------- 数据库以及证书存储路径,默认存在宿主机的/data/certd/目录下，【您需要定时备份此目录，以保障数据容灾】
-      #                                                                  只要修改冒号前面的，冒号后面的/app/data不要动
-      - /data/certd:/app/data
+      - /data/certd:/app/data # 只要修改冒号前面的，冒号后面的/app/data切记切记不要动
      #- /volume1/docker/certd:/app/data:delegated  #群晖使用这个配置
      #   ↓↓↓↓↓ -------------------------------------------------------- 如果走时不准，考虑挂载localtime文件
      #- /etc/localtime:/etc/localtime
@@ -3,6 +3,58 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
+## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)
+
+### Bug Fixes
+
+* 修复创建流水线报id不能为空的bug ([aac569a](https://github.com/certd/certd/commit/aac569a9259ede43399e0ed5d668e936b984d6dd))
+
+### Performance Improvements
+
+* 增加vip时间同步按钮 ([32e4e91](https://github.com/certd/certd/commit/32e4e91ab81008dda422fb53fd6f4d1711c5d80c))
+* 支持letencrypt测试环境，支持IP证书？ ([1462cdd](https://github.com/certd/certd/commit/1462cddd1eb347b7ff238286b5c977b29a0591ec))
+* server 增加 "@peculiar/x509" 依赖 ([acdf091](https://github.com/certd/certd/commit/acdf0912d452029f158279fb78155086e4fbac17))
+
 ## [1.37.5](https://github.com/certd/certd/compare/v1.37.4...v1.37.5) (2025-11-08)

 ### Bug Fixes
@@ -57,6 +57,10 @@ https://your_server_ip:7002

 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   # 请务必确保 /app/data 这个路径没有改动，固定写死
+```
 :::


@@ -10,6 +10,12 @@

 ::: warning   
 如果您是第一次升级certd版本，切记切记先备份一下数据    
+很多人docker不太会配置，数据目录没有映射出来，升级导致数据丢失
+```
+# docker-compose.yaml配置
+- /data/certd:/app/data   #  请务必确保 /app/data 这个路径没有改动，固定写死
+```
+具体备份方法可以参考上面每种部署方式升级方法后面的备份章节
 :::

 ## 升级日志
@@ -19,9 +19,15 @@ header中传入x-certd-token即可调用开放接口
 4、然后将content和sign分别base64后用.号连接： x-certd-token = base64(content) +"."+base64(sign)   


-## 补充说明
-1.证书申请接口支持证书id和域名两种方式获取证书。
-2.autoApply=true将在没有证书时自动触发申请，申请过程中会提示`正在申请中`，可轮循获取状态，直到证书申请成功。
+## 参数
+支持证书id和域名两种方式获取证书。
+
+## 创建新的证书申请
+参数autoApply=true，将在没有证书时自动触发申请证书，检查逻辑如下：
+1. 如果证书仓库里面有，且没有过期，就直接返回证书
+2. 如果没有或者已过期，就会去找流水线，有就触发流水线执行
+3. 如果没有流水线，就创建一个流水线，触发运行（`注意：需要提前在域名管理中配置好域名校验方式，否则会申请失败`）
+4. 再次采用相同参数请求接口，如果在申请过程中，就会提示`正在申请中`，可轮循获取状态，直到证书申请成功。


 ## SDK
@@ -1,5 +1,5 @@
 # 任务插件
-共 `102` 款任务插件    
+共 `103` 款任务插件    
 ## 1. 证书申请

 | 序号 | 名称 | 说明 |
@@ -29,18 +29,19 @@
 | 6.| **白山云-更新证书** |  | 
 | 7.| **天翼云-部署证书到CDN** | 部署证书到天翼云CDN和全站加速 | 
 | 8.| **括彩云-部署到括彩云CDN** | 括彩云CDN，每月免费30G，[注册即领](https://kuocaicdn.com/register?code=8mn536rrzfbf8) | 
-| 9.| **多吉云-部署到多吉云CDN** |  | 
-| 10.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
-| 11.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
-| 12.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
-| 13.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
-| 14.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
-| 15.| **FlexCDN-更新证书** |  | 
-| 16.| **farcdn-更新证书** | www.farcdn.net | 
-| 17.| **雨云-更新证书** | app.rainyun.com | 
-| 18.| **网宿-更新证书** | 网宿证书自动更新 | 
-| 19.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
-| 20.| **APISIX-更新证书** | 自动更新APISIX证书 | 
+| 9.| **西数-部署到虚拟主机** | 西部数码部署证书到虚拟主机 | 
+| 10.| **多吉云-部署到多吉云CDN** |  | 
+| 11.| **我爱云-部署证书到我爱云CDN** | 部署证书到我爱云CDN | 
+| 12.| **CacheFly-部署证书到CacheFly** | 部署证书到 CacheFly | 
+| 13.| **Gcore-部署证书到Gcore** | 仅上传 并不会部署到cdn | 
+| 14.| **Gcore-刷新Gcore证书** | 刷新现有的证书 | 
+| 15.| **又拍云-部署证书到CDN/USS** | 支持又拍云CDN，又拍云云存储USS | 
+| 16.| **FlexCDN-更新证书** |  | 
+| 17.| **farcdn-更新证书** | www.farcdn.net | 
+| 18.| **雨云-更新证书** | app.rainyun.com | 
+| 19.| **网宿-更新证书** | 网宿证书自动更新 | 
+| 20.| **金山云-更新CDN证书** | 金山云自动更新CDN证书 | 
+| 21.| **APISIX-更新证书** | 自动更新APISIX证书 | 
 ## 4. 面板

 | 序号 | 名称 | 说明 |
@@ -61,7 +62,7 @@
 | 14.| **威联通-部署证书到威联通** | 部署证书到qnap | 
 | 15.| **飞牛NAS-部署证书** |  | 
 | 16.| **Proxmox-上传证书到Proxmox** |  | 
-| 17.| **Dokploy-更新证书** | 自动更新Dokploy证书 | 
+| 17.| **Dokploy-部署server证书** | 自动更新Dokploy server证书 | 
 ## 5. 阿里云

 | 序号 | 名称 | 说明 |
@@ -9,15 +9,16 @@
 | 5.| **新网** | 新网域名解析 | 
 | 6.| **新网(代理方式)** | 新网域名解析(代理方式) | 
 | 7.| **腾讯云** | 腾讯云域名DNS解析提供者 | 
-| 8.| **华为云** | 华为云DNS解析提供商 | 
-| 9.| **西部数码** | west dns provider | 
-| 10.| **dns.la** | dns.la | 
-| 11.| **雨云** | 雨云DNS解析提供商 | 
-| 12.| **cloudflare** | cloudflare dns provider | 
-| 13.| **namesilo** | namesilo dns provider | 
-| 14.| **godaddy** | GoDaddy | 
-| 15.| **51dns** | 51DNS | 
-| 16.| **新网互联** | 新网互联 | 
+| 8.| **腾讯云EO DNS** | 腾讯云EO DNS解析提供者 | 
+| 9.| **华为云** | 华为云DNS解析提供商 | 
+| 10.| **西部数码** | west dns provider | 
+| 11.| **dns.la** | dns.la | 
+| 12.| **雨云** | 雨云DNS解析提供商 | 
+| 13.| **cloudflare** | cloudflare dns provider | 
+| 14.| **namesilo** | namesilo dns provider | 
+| 15.| **godaddy** | GoDaddy | 
+| 16.| **51dns** | 51DNS | 
+| 17.| **新网互联** | 新网互联 | 

 <style module>
 table th:first-of-type {
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.37.6"
+  "version": "1.37.10"
 }
@@ -3,6 +3,25 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/publishlab/node-acme-client/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.9](https://github.com/publishlab/node-acme-client/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.8](https://github.com/publishlab/node-acme-client/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/acme-client
+
+## [1.37.7](https://github.com/publishlab/node-acme-client/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/publishlab/node-acme-client/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/publishlab/node-acme-client/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
 ## [1.37.6](https://github.com/publishlab/node-acme-client/compare/v1.37.5...v1.37.6) (2025-11-10)

 ### Performance Improvements
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.37.6",
+    "version": "1.37.10",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.37.6",
+        "@certd/basic": "^1.37.10",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.7.2",
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+    "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -4,6 +4,9 @@
 import { readCsrDomains } from "./crypto/index.js";
 import { wait } from "./wait.js";
 import { CancelError } from "./error.js";
+import { domainUtils } from '@certd/basic';
+
+


 const defaultOpts = {
@@ -65,7 +68,7 @@ export default async (client, userOpts) => {
     * Parse domains from CSR
     */

-    log("[auto] Parsing domains from Certificate Signing Request ");
+    log("[auto] Parsing domains from Certificate Signing Request");
    const { commonName, altNames } = readCsrDomains(opts.csr);
    const uniqueDomains = Array.from(new Set([commonName].concat(altNames).filter((d) => d)));

@@ -76,9 +79,21 @@ export default async (client, userOpts) => {
     */

    log("[auto] Placing new certificate order with ACME provider");
-    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
-    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+
+    let hasIp = false
+    const orderPayload = { identifiers: uniqueDomains.map((d) =>{
+        // 判断是否为IP（v4或v6），否则按域名处理
+        const type = domainUtils.isIp(d) ? 'ip' : 'dns';
+        if(type === 'ip'){
+            hasIp = true
+        }
+        return { type, value: d }
+    }) };
+    if (opts.profile && client.sslProvider.startsWith("letsencrypt") ){
        orderPayload.profile = opts.profile;
+        if(hasIp){
+            orderPayload.profile = "shortlived"
+        }
    }
    const order = await client.createOrder(orderPayload);
    const authorizations = await client.getAuthorizations(order);
@@ -7,7 +7,7 @@ import { createHash } from 'crypto';
 import  { getPemBodyAsB64u } from './crypto/index.js';
 import HttpClient from './http.js';
 import AcmeApi from './api.js';
-import verify from './verify.js';
+import {createChallengeFn} from './verify.js';
 import * as util from './util.js';
 import auto from './auto.js';
 import { CancelError } from './error.js';
@@ -492,6 +492,9 @@ class AcmeClient {
            throw new Error('Unable to verify ACME challenge, URL not found');
        }

+        const {challenges} = createChallengeFn({logger:this.logger});
+ 
+        const verify = challenges
        if (typeof verify[challenge.type] === 'undefined') {
            throw new Error(`Unable to verify ACME challenge, unknown type: ${challenge.type}`);
        }
@@ -507,7 +510,12 @@ class AcmeClient {
        };

        this.log('Waiting for ACME challenge verification（等待ACME检查验证）');
-        return util.retry(verifyFn, this.backoffOpts);
+
+
+        const log = (...args)=>{
+            this.logger.info(...args)
+        }
+        return util.retry(verifyFn, this.backoffOpts,log);
    }

    /**
@@ -31,9 +31,28 @@ export const directory = {
    sslcom:{
      staging: 'https://acme.ssl.com/sslcom-dv-rsa',
      production: 'https://acme.ssl.com/sslcom-dv-rsa',
+      ec: 'https://acme.ssl.com/sslcom-dv-ecc',
    }
 };

+export function getDirectoryUrl(opts) {
+  const {sslProvider, pkType} = opts
+  const list= directory[sslProvider]
+  if (!list) {
+    throw new Error(`sslProvider ${sslProvider} not found`)
+  }
+  let pkTypePrefix = pkType || 'rsa'
+  if (pkType) {
+   pkTypePrefix = pkType.toLowerCase().split("_")[0]
+  }
+
+  if (pkTypePrefix && list[pkTypePrefix]) {
+    return list[pkTypePrefix]
+  }
+
+  return list.production
+}
+
 /**
 * Crypto
 */
@@ -48,7 +48,7 @@ class Backoff {
 * @returns {Promise}
 */

-async function retryPromise(fn, attempts, backoff) {
+async function retryPromise(fn, attempts, backoff, logger = log) {
    let aborted = false;

    try {
@@ -60,12 +60,12 @@ async function retryPromise(fn, attempts, backoff) {
            throw e;
        }

-        log(`Promise rejected: ${e.message}`);
+        logger(`Promise rejected: ${e.message}`);
        const duration = backoff.duration();
-        log(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);
+        logger(`Promise rejected attempt #${backoff.attempts}, ${duration}ms 后重试: ${e.message}`);

        await new Promise((resolve) => { setTimeout(resolve, duration); });
-        return retryPromise(fn, attempts, backoff);
+        return retryPromise(fn, attempts, backoff, logger);
    }
 }

@@ -80,9 +80,9 @@ async function retryPromise(fn, attempts, backoff) {
 * @returns {Promise}
 */

-function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}) {
+function retry(fn, { attempts = 5, min = 5000, max = 30000 } = {}, logger = log) {
    const backoff = new Backoff({ min, max });
-    return retryPromise(fn, attempts, backoff);
+    return retryPromise(fn, attempts, backoff, logger);
 }

 /**
@@ -216,21 +216,21 @@ function formatResponseError(resp) {
 * @returns {Promise<string>} Root domain name
 */

-async function resolveDomainBySoaRecord(recordName) {
+async function resolveDomainBySoaRecord(recordName, logger = log) {
    try {
        await dns.resolveSoa(recordName);
-        log(`找到${recordName}的SOA记录`);
+        logger(`找到${recordName}的SOA记录`);
        return recordName;
    }
    catch (e) {
-        log(`找不到${recordName}的SOA记录,继续往主域名查找`);
+        logger(`找不到${recordName}的SOA记录,继续往主域名查找`);
        const parentRecordName = recordName.split('.').slice(1).join('.');

        if (!parentRecordName.includes('.')) {
            throw new Error('SOA record查找失败');
        }

-        return resolveDomainBySoaRecord(parentRecordName);
+        return resolveDomainBySoaRecord(parentRecordName,logger);
    }
 }

@@ -241,18 +241,18 @@ async function resolveDomainBySoaRecord(recordName) {
 * @returns {Promise<dns.Resolver>} DNS resolver
 */

-async function getAuthoritativeDnsResolver(recordName) {
-    log(`获取域名${recordName}的权威NS服务器: `);
+async function getAuthoritativeDnsResolver(recordName, logger = log) {
+    logger(`获取域名${recordName}的权威NS服务器: `);
    const resolver = new dns.Resolver();

    try {
        /* Resolve root domain by SOA */
-        const domain = await resolveDomainBySoaRecord(recordName);
+        const domain = await resolveDomainBySoaRecord(recordNam,logger);

        /* Resolve authoritative NS addresses */
-        log(`获取到权威NS服务器name: ${domain}`);
+        logger(`获取到权威NS服务器name: ${domain}`);
        const nsRecords = await dns.resolveNs(domain);
-        log(`域名权威NS服务器：${nsRecords}`);
+        logger(`域名权威NS服务器：${nsRecords}`);
        const nsAddrArray = await Promise.all(nsRecords.map(async (r) => dns.resolve4(r)));
        const nsAddresses = [].concat(...nsAddrArray).filter((a) => a);

@@ -261,16 +261,16 @@ async function getAuthoritativeDnsResolver(recordName) {
        }

        /* Authoritative NS success */
-        log(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
+        logger(`Found ${nsAddresses.length} authoritative NS addresses for domain: ${domain}`);
        resolver.setServers(nsAddresses);
    }
    catch (e) {
-        log(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
+        logger(`Authoritative NS lookup error（获取权威NS服务器地址失败）: ${e.message}`);
    }

    /* Return resolver */
    const addresses = resolver.getServers();
-    log(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);
+    logger(`DNS resolver addresses（域名的权威NS服务器地址）: ${addresses.join(', ')}`);

    return resolver;
 }
@@ -4,14 +4,22 @@

 import dnsSdk from "dns"
 import https from 'https'
-import {log} from './logger.js'
+import {log as defaultLog} from './logger.js'
 import axios from './axios.js'
 import * as util from './util.js'
 import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'


 const dns = dnsSdk.promises
-/**
+
+
+export function createChallengeFn(opts = {}){
+    const logger = opts?.logger || {info:defaultLog,error:defaultLog,warn:defaultLog,debug:defaultLog}
+    
+    const log = function(...args){
+        logger.info(...args)
+    }
+    /**
 * Verify ACME HTTP challenge
 *
 * https://datatracker.ietf.org/doc/html/rfc8555#section-8.3
@@ -112,7 +120,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
    return records
 }

-export async function walkTxtRecord(recordName,deep = 0) {
+ async function walkTxtRecord(recordName,deep = 0) {
    if(deep >5){
        log(`walkTxtRecord too deep (#${deep}) , skip walk`)
        return []
@@ -136,7 +144,7 @@ export async function walkTxtRecord(recordName,deep = 0) {
    try{
        /* Authoritative DNS resolver */
        log(`从域名权威服务器获取TXT解析记录`);
-        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName);
+        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
        const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
        if (res && res.length > 0) {
            for (const item of res) {
@@ -173,7 +181,8 @@ async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '
    recordValues = [...new Set(recordValues)];
    log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
    if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
-        throw new Error(`没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`);
+        const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
+        throw new Error(err);
    }

    log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
@@ -207,12 +216,13 @@ async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
    return true;
 }

-/**
- * Export API
- */
+    return {
+        challenges:{
+            'http-01': verifyHttpChallenge,
+            'dns-01': verifyDnsChallenge,
+            'tls-alpn-01': verifyTlsAlpnChallenge,
+        },
+        walkTxtRecord,
+    }

-export default {
-    'http-01': verifyHttpChallenge,
-    'dns-01': verifyDnsChallenge,
-    'tls-alpn-01': verifyTlsAlpnChallenge,
-};
+}
@@ -117,6 +117,8 @@ export const directory: {
    }
 };

+export function getDirectoryUrl(opts:{sslProvider:string, pkType: string}): string;
+
 /**
 * Crypto
 */
@@ -207,7 +209,8 @@ export const agents: any;

 export function setLogger(fn: (message: any, ...args: any[]) => void): void;

-export function walkTxtRecord(record: any): Promise<string[]>;
+export function createChallengeFn(opts?: {logger?:any}): any;
+// export function walkTxtRecord(record: any): Promise<string[]>;
 export function getAuthoritativeDnsResolver(record:string): Promise<any>;

 export const CancelError: typeof CancelError;
@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/basic
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-00:42
+23:49
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,6 +17,7 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
+    "async-lock": "^1.4.1",
    "axios": "^1.7.2",
    "dayjs": "^1.11.7",
    "http-proxy-agent": "^7.0.2",
@@ -46,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -7,29 +7,29 @@ function match(targetDomains: string | string[], inDomains: string[]) {
    return false;
  }

-  if (typeof targetDomains === 'string') {
+  if (typeof targetDomains === "string") {
    targetDomains = [targetDomains];
  }
  for (let targetDomain of targetDomains) {
    let matched = false;
-    if (targetDomain.startsWith('.')) {
-      targetDomain = '*' + targetDomain;
+    if (targetDomain.startsWith(".")) {
+      targetDomain = "*" + targetDomain;
    }
    for (let inDomain of inDomains) {
-      if (inDomain.startsWith('.')) {
-        inDomain = '*' + inDomain;
+      if (inDomain.startsWith(".")) {
+        inDomain = "*" + inDomain;
      }
      if (targetDomain === inDomain) {
        matched = true;
        break;
      }

-      if (!inDomain.startsWith('*.')) {
+      if (!inDomain.startsWith("*.")) {
        //不可能匹配
        continue;
      }
      //子域名匹配通配符即可
-      const firstDotIndex = targetDomain.indexOf('.');
+      const firstDotIndex = targetDomain.indexOf(".");
      const targetDomainSuffix = targetDomain.substring(firstDotIndex + 1);
      if (targetDomainSuffix === inDomain.substring(2)) {
        matched = true;
@@ -46,6 +46,32 @@ function match(targetDomains: string | string[], inDomains: string[]) {
  return true;
 }

+function isIpv4(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv4Regex = /^(\d{1,3}\.){3}\d{1,3}$/;
+  return isIPv4Regex.test(d);
+}
+
+function isIpv6(d: string) {
+  if (!d) {
+    return false;
+  }
+  const isIPv6Regex = /^([\da-f]{1,4}:){2,7}[\da-f]{1,4}$/i;
+  return isIPv6Regex.test(d);
+}
+
+function isIp(d: string) {
+  if (!d) {
+    return false;
+  }
+  return isIpv4(d) || isIpv6(d);
+}
+
 export const domainUtils = {
  match,
+  isIpv4,
+  isIpv6,
+  isIp,
 };
@@ -1,46 +1,16 @@
-import { logger, utils } from './index.js';
+// @ts-ignore
+import AsyncLock from "async-lock";

 export class Locker {
-  locked: Record<string, any> = {};
+  private asyncLocker: AsyncLock;

-  async execute(lockStr: string, callback: any) {
-    await this.lock(lockStr);
-    const timeoutId = setTimeout(() => {
-      logger.warn('Lock timeout,自动解锁', lockStr);
-      this.unlock(lockStr);
-    }, 20000);
-    try {
-      return await callback();
-    } finally {
-      clearTimeout(timeoutId);
-      this.unlock(lockStr);
-    }
+  constructor() {
+    this.asyncLocker = new AsyncLock();
  }

-  async lock(str: string) {
-    const isLocked = this.isLocked(str);
-    if (isLocked) {
-      let count = 0;
-      while (true) {
-        await utils.sleep(100);
-        if (!this.isLocked(str)) {
-          break;
-        }
-        count++;
-        if (count > 20) {
-          throw new Error('Lock timeout');
-        }
-      }
-    }
-    this.locked[str] = true;
-  }
-
-  unlock(str: string) {
-    delete this.locked[str];
-  }
-
-  isLocked(str: string) {
-    return this.locked[str] ?? false;
+  async execute(lockStr: string, callback: any, options?: { timeout?: number }) {
+    const timeout = options?.timeout ?? 20000;
+    return this.asyncLocker.acquire(lockStr, callback, { timeout });
  }
 }

@@ -0,0 +1,14 @@
+import { random } from "lodash-es";
+import { locker } from "./dist/utils/util.lock.js";
+
+async function testLocker() {
+  for (let i = 0; i < 10; i++) {
+    await locker.execute("test", async () => {
+      console.log("test", i);
+      await new Promise(resolve => setTimeout(resolve, Math.random() * 1000));
+      throw new Error("test error");
+    });
+  }
+}
+
+await testLocker();
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/pipeline
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/pipeline
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/pipeline
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,8 +18,8 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.6",
-    "@certd/plus-core": "^1.37.6",
+    "@certd/basic": "^1.37.10",
+    "@certd/plus-core": "^1.37.10",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-huawei
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-iframe
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/jdcloud
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/jdcloud
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/jdcloud
@@ -1,13 +1,11 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.37.6",
+  "version": "1.37.10",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
  "scripts": {
-    "test": "cross-env NODE_CONFIG_DIR=./test/config  mocha --recursive --require babel-register",
-    "dev": "babel src --out-dir babel -w",
    "build": "rollup -c ",
    "dev-build": "npm run build",
    "pub": "npm publish"
@@ -15,7 +13,6 @@
  "author": "",
  "license": "Apache",
  "dependencies": {
-    "babel-register": "^6.26.0",
    "buffer": "^5.0.8",
    "create-hash": "^1.1.3",
    "create-hmac": "^1.1.6",
@@ -30,8 +27,6 @@
    "@rollup/plugin-typescript": "^11.0.0",
    "@typescript-eslint/eslint-plugin": "^8.26.1",
    "@typescript-eslint/parser": "^8.26.1",
-    "babel-cli": "^6.26.0",
-    "babel-preset-env": "^1.6.1",
    "chai": "^4.1.2",
    "config": "^1.30.0",
    "cross-env": "^5.1.4",
@@ -61,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-k8s
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -17,7 +17,7 @@
    "pub": "npm publish"
  },
  "dependencies": {
-    "@certd/basic": "^1.37.6",
+    "@certd/basic": "^1.37.10",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/lib-server
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/lib-server
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/lib-server
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.37.6",
+  "version": "1.37.10",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -28,11 +28,11 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.37.6",
-    "@certd/basic": "^1.37.6",
-    "@certd/pipeline": "^1.37.6",
-    "@certd/plugin-lib": "^1.37.6",
-    "@certd/plus-core": "^1.37.6",
+    "@certd/acme-client": "^1.37.10",
+    "@certd/basic": "^1.37.10",
+    "@certd/pipeline": "^1.37.10",
+    "@certd/plugin-lib": "^1.37.10",
+    "@certd/plus-core": "^1.37.10",
    "@midwayjs/cache": "3.14.0",
    "@midwayjs/core": "3.20.11",
    "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,22 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+**Note:** Version bump only for package @certd/midway-flyway-js
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.37.6",
+  "version": "1.37.10",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -3,6 +3,27 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/plugin-cert
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持使用letencrypt测试环境申请ip证书 ([86ce00a](https://github.com/certd/certd/commit/86ce00adf92ff98fead87a3eaaa6631036708f47))
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 ### Performance Improvements
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.37.6",
-    "@certd/basic": "^1.37.6",
-    "@certd/pipeline": "^1.37.6",
-    "@certd/plugin-lib": "^1.37.6",
+    "@certd/acme-client": "^1.37.10",
+    "@certd/basic": "^1.37.10",
+    "@certd/pipeline": "^1.37.10",
+    "@certd/plugin-lib": "^1.37.10",
    "@google-cloud/publicca": "^1.3.0",
    "dayjs": "^1.11.7",
    "jszip": "^3.10.1",
@@ -43,5 +43,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -128,7 +128,7 @@ export class AcmeService {
      await this.saveAccountConfig(email, conf);
      this.logger.info(`创建新的Accountkey:${email}`);
    }
-    const directoryUrl = acme.directory[this.sslProvider].production;
+    const directoryUrl = acme.getDirectoryUrl({ sslProvider: this.sslProvider, pkType: this.options.privateKeyType });
    if (this.options.useMappingProxy) {
      urlMapping.enabled = true;
    } else {
@@ -337,7 +337,7 @@ export class AcmeService {
    domains = encodingDomains;

    /* Create CSR */
-    const { commonName, altNames } = this.buildCommonNameByDomains(domains);
+    const { altNames } = this.buildCommonNameByDomains(domains);
    let privateKey = null;
    const privateKeyType = options.privateKeyType || "rsa_2048";
    const privateKeyArr = privateKeyType.split("_");
@@ -364,15 +364,13 @@ export class AcmeService {
      //兼容老版本
      createCsr = acme.forge.createCsr;
    }
-    const [key, csr] = await createCsr(
-      {
-        commonName,
-        ...csrInfo,
-        altNames,
-        // emailAddress: email,
-      },
-      privateKey
-    );
+    const csrData: any = {
+      // commonName,
+      ...csrInfo,
+      altNames,
+      // emailAddress: email,
+    };
+    const [key, csr] = await createCsr(csrData, privateKey);

    if (dnsProvider == null && domainsVerifyPlan == null) {
      throw new Error("dnsProvider 、 domainsVerifyPlan不能都为空");
@@ -417,7 +415,7 @@ export class AcmeService {
  }

  buildCommonNameByDomains(domains: string | string[]): {
-    commonName: string;
+    commonName?: string;
    altNames: string[] | undefined;
  } {
    if (typeof domains === "string") {
@@ -426,14 +424,14 @@ export class AcmeService {
    if (domains.length === 0) {
      throw new Error("domain can not be empty");
    }
-    const commonName = domains[0];
-    let altNames: undefined | string[] = undefined;
-    if (domains.length > 1) {
-      altNames = _.slice(domains, 1);
-    }
+    // const commonName = domains[0];
+    // let altNames: undefined | string[] = undefined;
+    // if (domains.length > 1) {
+    //   altNames = _.slice(domains, 1);
+    // }
    return {
-      commonName,
-      altNames,
+      // commonName,
+      altNames: domains,
    };
  }

@@ -36,6 +36,7 @@ export class CertReader {
  detail: CertificateInfo;
  //毫秒时间戳
  effective: number;
+  //毫秒时间戳
  expires: number;
  constructor(certInfo: CertInfo) {
    this.cert = certInfo;
@@ -3,6 +3,24 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+**Note:** Version bump only for package @certd/plugin-lib
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 **Note:** Version bump only for package @certd/plugin-lib
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.37.6",
+  "version": "1.37.10",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -22,8 +22,8 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.10",
    "@aws-sdk/client-s3": "^3.787.0",
-    "@certd/basic": "^1.37.6",
-    "@certd/pipeline": "^1.37.6",
+    "@certd/basic": "^1.37.10",
+    "@certd/pipeline": "^1.37.10",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -35,7 +35,7 @@
    "rimraf": "^5.0.5",
    "socks": "^2.8.3",
    "socks-proxy-agent": "^8.0.4",
-    "ssh2": "^1.15.0",
+    "ssh2": "1.17.0",
    "strip-ansi": "^7.1.0",
    "tencentcloud-sdk-nodejs": "^4.0.1005"
  },
@@ -53,5 +53,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "9d5daf00152188369bf29e8be5795dbf04737f18"
+  "gitHead": "eb41a3655fe91af94f1c42a51aaa9122edfcf40e"
 }
@@ -64,4 +64,8 @@ export class TencentAccess extends BaseAccess {
  intlDomain() {
    return this.isIntl() ? "intl." : "";
  }
+
+  buildEndpoint(endpoint: string) {
+    return `${this.intlDomain()}${endpoint}`;
+  }
 }
@@ -19,6 +19,8 @@ RUN apk add --no-cache openjdk8
 WORKDIR /app/
 COPY --from=builder /workspace/certd-server/ /app/

+COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
+
 ENV LEGO_VERSION=4.22.2
 ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
 RUN mkdir -p $LEGO_DOWNLOAD_DIR
@@ -3,6 +3,31 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 站点证书监控备注输入框改成textarea ([70b603d](https://github.com/certd/certd/commit/70b603d601c34f39148c2ab70c655c51babf563d))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Bug Fixes
+
+* 商用证书上传保存失败的bug ([075b1dc](https://github.com/certd/certd/commit/075b1dc0eb8c39acc277277b1b334d66b6717ab2))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Performance Improvements
+
+* 支持回车键触发登录 ([eb5c88f](https://github.com/certd/certd/commit/eb5c88fbb2901f1a9669429a7cd8dc76f6806d01))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Bug Fixes
+
+* 修复点击立即触发运行报错的bug ([e1eef01](https://github.com/certd/certd/commit/e1eef013a856d26fe80a05d9ec6e505e2e31e5f9))
+* 账号绑定页面某些情况下打不开的bug ([44973eb](https://github.com/certd/certd/commit/44973ebd00e89c0fee8f3b91174157757ce0160f))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.37.6",
+  "version": "1.37.10",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -106,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.37.6",
-    "@certd/pipeline": "^1.37.6",
+    "@certd/lib-iframe": "^1.37.10",
+    "@certd/pipeline": "^1.37.10",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -6,7 +6,12 @@
        <div>1. 解析记录应该添加在{{ record.domain }}域名下</div>
        <div>2. 要添加的是CNAME类型的记录，不是TXT</div>
        <div>3. 核对记录值是否是:{{ record.recordValue }}</div>
-        <div>4. 运行下面的命令,查看解析是否正确 <fs-copyable :style="{ color: '#52c41a' }" :model-value="nslookupCmd"></fs-copyable></div>
+        <div>
+          4. 在验证中状态下，运行下面的命令,查看cname和txt解析是否正确
+          <fs-copyable :style="{ color: '#52c41a' }" :model-value="nslookupCmd"></fs-copyable>
+          或者
+          <fs-copyable :style="{ color: '#52c41a' }" :model-value="digCmd"></fs-copyable>
+        </div>
        <div>5. 如果以上检查都没有问题，则可能是DNS解析生效时间比较慢，某些提供商延迟可能高达几个小时</div>
      </div>
    </template>
@@ -23,4 +28,8 @@ const props = defineProps<{
 const nslookupCmd = computed(() => {
  return `nslookup -q=txt _acme-challenge.${props.record.domain}`;
 });
+
+const digCmd = computed(() => {
+  return `dig _acme-challenge.${props.record.domain}`;
+});
 </script>
@@ -97,6 +97,6 @@ export default {
  already_comm: "已经是商业版了，不能降级为专业版",
  already_perpetual_plus: "您已经是永久专业版了，无法继续升级",
  confirm: "确认",
-  not_effective: "没有生效?",
+  not_effective: "VIP没有生效?",
  learn_more: "更多特权(加VIP群等)",
 };
@@ -117,7 +117,6 @@ onUnmounted(() => {
    :confirm-text="$t('common.refresh')"
    :fullscreen-button="false"
    :title="$t('ui.widgets.checkUpdatesTitle')"
-    centered
    content-class="px-8 min-h-10"
    footer-class="border-none mb-3 mr-3"
    header-class="border-none"
@@ -156,7 +156,6 @@ if (enableShortcutKey.value) {
    :confirm-text="$t('common.confirm')"
    :fullscreen-button="false"
    :title="$t('common.prompt')"
-    centered
    content-class="px-8 min-h-10"
    footer-class="border-none mb-3 mr-3"
    header-class="border-none"
@@ -1,7 +1,8 @@
 import { request } from "/src/api/service";
 import { RequestHandleReq } from "/@/components/plugins/lib";
+import { AddonTypeDefines } from "./types";

-export function createAddonApi(opts: { from: any; addonType: string }) {
+export function createAddonApi(opts: { from: any; addonType: string } = { from: "user", addonType: "" }) {
  let apiPrefix = "/addon";
  if (opts.from === "sys") {
    apiPrefix = "/sys/addon";
@@ -128,15 +129,6 @@ export function createAddonApi(opts: { from: any; addonType: string }) {
  };
 }

-export const AddonTypeDefines = {
-  captcha: {
-    name: "captcha",
-    title: "验证码",
-    showDefault: false,
-    showTest: false,
-  },
-};
-
 export function getAddonTypeDefine(addonType: string) {
  return AddonTypeDefines[addonType];
 }
@@ -20,7 +20,7 @@ import { addonProvide } from "/@/views/certd/addon/common";
 export default defineComponent({
  name: "AddonManager",
  setup() {
-    const api = createAddonApi();
+    const api = createAddonApi({ from: "user", addonType: "" });
    addonProvide(api);
    const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: { api } });

@@ -0,0 +1,15 @@
+export interface AddonTypeDefine {
+  name: string;
+  title: string;
+  showDefault: boolean;
+  showTest: boolean;
+}
+
+export const AddonTypeDefines: Record<string, AddonTypeDefine> = {
+  captcha: {
+    name: "captcha",
+    title: "验证码",
+    showDefault: false,
+    showTest: false,
+  },
+};
@@ -555,7 +555,7 @@ export default function ({ crudExpose, context }: CreateCrudOptionsProps): Creat
          search: {
            show: false,
          },
-          type: "text",
+          type: "textarea",
          column: {
            width: 200,
            sorter: true,
@@ -204,7 +204,7 @@ export function useCertUpload() {
                notifications,
              };

-              const id = await api.Save({
+              const { id } = await api.Save({
                title: pipeline.title,
                content: JSON.stringify(pipeline),
                keepHistoryCount: 30,
@@ -20,8 +20,8 @@ defineOptions({
  name: "PipelineDetail",
 });
 const route = useRoute();
-const pipelineId: Ref = ref(route.query.id);
-const historyId = ref(route.query.historyId as string);
+const pipelineId: Ref = ref(parseInt((route.query.id as string) || "0"));
+const historyId: Ref = ref(parseInt((route.query.historyId as string) || "0"));
 const pluginStore = usePluginStore();
 const pipelineOptions: PipelineOptions = {
  async getPipelineDetail({ pipelineId }) {
@@ -327,11 +327,11 @@ export default defineComponent({
  },
  props: {
    pipelineId: {
-      type: [Number, String],
+      type: Number,
      default: 0,
    },
    historyId: {
-      type: [Number, String],
+      type: Number,
      default: 0,
    },
    editMode: {
@@ -348,6 +348,7 @@ export default defineComponent({
  emits: ["update:modelValue", "update:editMode"],
  setup(props, ctx) {
    const { t } = useI18n();
+    //右侧选中的pipeline
    const currentPipeline: Ref<any> = ref({});
    const pipeline: Ref<any> = ref({});
    const pipelineEntity: Ref<any> = ref({});
@@ -399,7 +400,7 @@ export default defineComponent({
      currentPipeline.value = currentHistory.value.pipeline;
    };

-    async function loadHistoryList(reload = false) {
+    async function loadHistoryList(reload = false, historyId: number) {
      if (props.editMode) {
        return;
      }
@@ -416,11 +417,11 @@ export default defineComponent({
      histories.value = historyList;

      if (historyList.length > 0) {
-        //@ts-ignore
-        if (props.historyId > 0) {
-          const found = historyList.find(item => {
+        if (historyId > 0) {
+          //如果传递了history，优先显示历史记录作为当前
+          const found = histories.value.find(item => {
            //字符串==int
-            return item.id == props.historyId;
+            return item.id == historyId;
          });
          if (found) {
            await changeCurrentHistory(found);
@@ -428,7 +429,8 @@ export default defineComponent({
          }
        }
        //@ts-ignore
-        if (historyList[0]?.version === pipeline.value.version) {
+        if (historyList[0]?.version === pipeline.value?.version) {
+          //如果当前的流水线版本与历史记录最后一条一致，则将该记录设置为current
          await changeCurrentHistory(historyList[0]);
        }
      }
@@ -482,7 +484,7 @@ export default defineComponent({
        if (editMode) {
          changeCurrentHistory();
        } else if (histories.value.length > 0) {
-          if (histories.value[0].pipeline.version === pipeline.value.version) {
+          if (histories.value[0].pipeline?.version === pipeline.value?.version) {
            changeCurrentHistory(histories.value[0]);
          }
        }
@@ -508,7 +510,7 @@ export default defineComponent({
          detail.pipeline
        );
        pipeline.value = currentPipeline.value;
-        await loadHistoryList(true);
+        await loadHistoryList(true, props.historyId);
      },
      {
        immediate: true,
@@ -740,7 +742,11 @@ export default defineComponent({
            //@ts-ignore
            await changeCurrentHistory(null);
            if (histories.value.length > 0) {
-              pipeline.value = histories.value[0].pipeline;
+              //看是不是最新的pipeline版本
+              if (pipeline.value?.version !== histories.value[0].pipeline?.version) {
+                const detail: PipelineDetail = await props.options.getPipelineDetail({ pipelineId: pipeline.value.id });
+                pipeline.value = detail.pipeline;
+              }
            }

            await props.options.doTrigger({ pipelineId: pipeline.value.id, stepId: stepId });
@@ -7,14 +7,14 @@
          <template v-if="formState.loginType === 'password'">
            <!--      <div class="login-title">登录</div>-->
            <a-form-item required has-feedback name="username" :rules="rules.username">
-              <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off">
+              <a-input v-model:value="formState.username" :placeholder="t('authentication.usernamePlaceholder')" autocomplete="off" @keydown.enter="handleFinish">
                <template #prefix>
                  <fs-icon icon="ion:phone-portrait-outline"></fs-icon>
                </template>
              </a-input>
            </a-form-item>
            <a-form-item has-feedback name="password" :rules="rules.password">
-              <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off">
+              <a-input-password v-model:value="formState.password" :placeholder="t('authentication.passwordPlaceholder')" autocomplete="off" @keyup.enter="handleFinish">
                <template #prefix>
                  <fs-icon icon="ion:lock-closed-outline"></fs-icon>
                </template>
@@ -22,7 +22,7 @@
            </a-form-item>

            <a-form-item v-if="settingStore.sysPublic.captchaEnabled" has-feedback required name="captcha" :rules="rules.captcha">
-              <CaptchaInput v-model:model-value="formState.captcha"></CaptchaInput>
+              <CaptchaInput v-model:model-value="formState.captcha" @keydown.enter="handleFinish"></CaptchaInput>
            </a-form-item>
          </template>
        </a-tab-pane>
@@ -37,7 +37,7 @@
            </a-form-item>

            <a-form-item has-feedback name="smsCaptcha">
-              <CaptchaInput v-model:model-value="formState.smsCaptcha"></CaptchaInput>
+              <CaptchaInput v-model:model-value="formState.smsCaptcha" @keydown.enter="handleFinish"></CaptchaInput>
            </a-form-item>

            <a-form-item name="smsCode" :rules="rules.smsCode">
@@ -169,7 +169,7 @@ export default defineComponent({
      await userStore.loginByTwoFactor(twoFactor);
    };

-    const handleFinish = async (values: any) => {
+    const handleFinish = async () => {
      loading.value = true;
      try {
        // formState.captcha = await doCaptchaValidate();
@@ -31,7 +31,8 @@ const iframeSrcRef = computed(() => {
  if (!settingStore.installInfo.accountServerBaseUrl) {
    return "#/app/certd/home";
  }
-  return `${settingStore.installInfo.accountServerBaseUrl}/#/app/certd/home`;
+  const timestamp = Date.now();
+  return `${settingStore.installInfo.accountServerBaseUrl}/#/app/certd/home?t=${timestamp}`;
 });

 type SubjectInfo = {
@@ -3,6 +3,34 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.37.10](https://github.com/certd/certd/compare/v1.37.9...v1.37.10) (2025-11-19)
+
+### Performance Improvements
+
+* 优化dokploy 部署插件，配置选择serverId ([c9709f2](https://github.com/certd/certd/commit/c9709f26981c1cc9f71c14babb204329fcae0db5))
+
+## [1.37.9](https://github.com/certd/certd/compare/v1.37.8...v1.37.9) (2025-11-19)
+
+### Performance Improvements
+
+* 优化阿里云clb 过期证书清理报错的问题 ([d465367](https://github.com/certd/certd/commit/d4653678b2e3643460f918992eeae4044d3a1cc7))
+
+## [1.37.8](https://github.com/certd/certd/compare/v1.37.7...v1.37.8) (2025-11-17)
+
+### Bug Fixes
+
+* **plugins/woai-cdn:** 修正默认接口域名与帮助链接中的路径 ([#576](https://github.com/certd/certd/issues/576)) @LjyLab ([d20046c](https://github.com/certd/certd/commit/d20046c86681ea177ece434423b7c81a76b437fb))
+
+### Performance Improvements
+
+* 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机 ([1102952](https://github.com/certd/certd/commit/1102952b4703e8c0bbc17b0700c0ed3ef6f866d3))
+
+## [1.37.7](https://github.com/certd/certd/compare/v1.37.6...v1.37.7) (2025-11-12)
+
+### Performance Improvements
+
+* 支持腾讯云teo dns解析 ([1d23dd2](https://github.com/certd/certd/commit/1d23dd2426bd1e4c4dfea0a9e561d665e045ba9d))
+
 ## [1.37.6](https://github.com/certd/certd/compare/v1.37.5...v1.37.6) (2025-11-10)

 ### Performance Improvements
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.37.6",
+  "version": "1.37.10",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -45,20 +45,20 @@
    "@aws-sdk/client-cloudfront": "^3.699.0",
    "@aws-sdk/client-iam": "^3.699.0",
    "@aws-sdk/client-s3": "^3.705.0",
-    "@certd/acme-client": "^1.37.6",
-    "@certd/basic": "^1.37.6",
-    "@certd/commercial-core": "^1.37.6",
+    "@certd/acme-client": "^1.37.10",
+    "@certd/basic": "^1.37.10",
+    "@certd/commercial-core": "^1.37.10",
    "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.37.6",
-    "@certd/lib-huawei": "^1.37.6",
-    "@certd/lib-k8s": "^1.37.6",
-    "@certd/lib-server": "^1.37.6",
-    "@certd/midway-flyway-js": "^1.37.6",
-    "@certd/pipeline": "^1.37.6",
-    "@certd/plugin-cert": "^1.37.6",
-    "@certd/plugin-lib": "^1.37.6",
-    "@certd/plugin-plus": "^1.37.6",
-    "@certd/plus-core": "^1.37.6",
+    "@certd/jdcloud": "^1.37.10",
+    "@certd/lib-huawei": "^1.37.10",
+    "@certd/lib-k8s": "^1.37.10",
+    "@certd/lib-server": "^1.37.10",
+    "@certd/midway-flyway-js": "^1.37.10",
+    "@certd/pipeline": "^1.37.10",
+    "@certd/plugin-cert": "^1.37.10",
+    "@certd/plugin-lib": "^1.37.10",
+    "@certd/plugin-plus": "^1.37.10",
+    "@certd/plus-core": "^1.37.10",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.120",
    "@huaweicloud/huaweicloud-sdk-core": "^3.1.120",
    "@koa/cors": "^5.0.0",
@@ -106,6 +106,7 @@
    "nanoid": "^5.0.7",
    "node-forge": "^1.3.1",
    "nodemailer": "^6.9.16",
+    "openid-client": "^6.8.1",
    "otplib": "^12.0.1",
    "pg": "^8.12.0",
    "psl": "^1.9.0",
@@ -0,0 +1,30 @@
+import { BaseController, Constants } from "@certd/lib-server";
+import { ALL, Body, Controller, Get, Post, Provide, Query } from "@midwayjs/core";
+
+/**
+ */
+@Provide()
+@Controller('/api/connect')
+export class LoginController extends BaseController {
+
+
+  @Get('/login', { summary: Constants.per.guest })
+  public async login(@Query(ALL) body: any) {
+    //构造登录url
+    return this.ok(1);
+  }
+  @Get('/callback', { summary: Constants.per.guest })
+  public async callback(@Query(ALL) body: any) {
+    //处理登录回调
+    return this.ok(1);
+  }
+
+  @Post('/bind', { summary: Constants.per.guest })
+  public async bind(@Body(ALL) body: any) {
+    const autoRegister = body.autoRegister || false;
+    const bindInfo = body.bind || {};
+    //处理登录回调
+    return this.ok(1);
+  }
+  
+}
@@ -13,7 +13,7 @@ import { CnameRecordEntity, CnameRecordStatusType } from "../entity/cname-record
 import { createDnsProvider, IDnsProvider } from "@certd/plugin-cert";
 import { CnameProvider, CnameRecord } from "@certd/pipeline";
 import { cache, http, isDev, logger, utils } from "@certd/basic";
-import { getAuthoritativeDnsResolver, walkTxtRecord } from "@certd/acme-client";
+import { getAuthoritativeDnsResolver, createChallengeFn } from "@certd/acme-client";
 import { CnameProviderService } from "./cname-provider-service.js";
 import { CnameProviderEntity } from "../entity/cname-provider.js";
 import { CommonDnsProvider } from "./common-provider.js";
@@ -241,6 +241,8 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
   * @param id
   */
  async verify(id: number) {
+
+    const {walkTxtRecord} = createChallengeFn({logger});
    const bean = await this.info(id);
    if (!bean) {
      throw new ValidateException(`CnameRecord:${id} 不存在`);
@@ -416,6 +418,7 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {

  async checkRepeatAcmeChallengeRecords(acmeRecordDomain: string, targetCnameDomain: string) {

+    
    let dnsResolver = null;
    try {
      dnsResolver = await getAuthoritativeDnsResolver(acmeRecordDomain);
@@ -460,6 +463,9 @@ export class CnameRecordService extends BaseService<CnameRecordEntity> {
      //如果权威服务器中查不到txt，无需继续检查
      return;
    }
+
+    const {walkTxtRecord} = createChallengeFn({logger});
+
    if (cnameRecords.length > 0) {
      // 从cname记录中获取txt记录
      // 对比是否存在，如果不存在于cname中获取的txt中，说明本体有创建多余的txt记录
@@ -155,10 +155,14 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
      const client = await this.getLBClient(access, this.regionId);
      await this.deployDefaultCert(certId, client);
    }
-
-    await this.ctx.utils.sleep(10000)
+    this.logger.info(`准备开始清理过期证书`);
+    await this.ctx.utils.sleep(30000)
    for (const listener of this.listeners) {
-      await this.clearInvalidCert(albClientV2, listener);
+      try{
+        await this.clearInvalidCert(albClientV2, listener);
+      }catch(e){
+        this.logger.error(`清理监听器${listener}的过期证书失败`, e);
+      }
    }


@@ -236,6 +240,7 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {

    const certIds = [];
    for (const item of list) {
+      this.logger.info(`监听器${listener}绑定的证书${item.CertificateId},status:${item.Status},IsDefault:${item.IsDefault}`);
      if (item.Status !== "Associated") {
        continue;
      }
@@ -244,10 +249,12 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
      }
      certIds.push( parseInt(item.CertificateId));
    }
+    this.logger.info(`监听器${listener}绑定的证书${certIds}`);
    //检查是否过期，过期则删除
    const invalidCertIds = [];
    for (const certId of certIds) {
      const res = await sslClient.getCertInfo(certId);
+      this.logger.info(`证书${certId}过期时间:${res.notAfter}`);
      if (res.notAfter < new Date().getTime()) {
        invalidCertIds.push(certId);
      }
@@ -256,7 +263,7 @@ export class AliyunDeployCertToALB extends AbstractTaskPlugin {
      this.logger.info(`监听器${listener}没有过期的证书`);
      return
    }
-    this.logger.info(`开始解绑过期的证书:${invalidCertIds}`);
+    this.logger.info(`开始解绑过期的证书:${invalidCertIds}，listener:${listener}`);
    await client.doRequest({
      // 接口名称
      action: "DissociateAdditionalCertificatesFromListener",
@@ -152,9 +152,14 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
      await this.deployDefaultCert(certId, client);
    }

-    await this.ctx.utils.sleep(10000)
+    this.logger.info(`准备开始清理过期证书`);
+    await this.ctx.utils.sleep(30000)
    for (const listener of this.listeners) {
-      await this.clearInvalidCert(nlbClientV2, listener);
+      try{
+        await this.clearInvalidCert(nlbClientV2, listener);
+      }catch(e){
+        this.logger.error(`清理监听器${listener}的过期证书失败`, e);
+      }
    }

    this.logger.info('执行完成');
@@ -232,6 +237,7 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {

    const certIds = [];
    for (const item of list) {
+      this.logger.info(`监听器${listener}绑定的证书${item.CertificateId},status:${item.Status},IsDefault:${item.IsDefault}`);
      if (item.Status !== "Associated") {
        continue;
      }
@@ -240,10 +246,12 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
      }
      certIds.push( parseInt(item.CertificateId));
    }
+    this.logger.info(`监听器${listener}绑定的证书${certIds}`);
    //检查是否过期，过期则删除
    const invalidCertIds = [];
    for (const certId of certIds) {
      const res = await sslClient.getCertInfo(certId);
+      this.logger.info(`证书${certId}过期时间:${res.notAfter}`);
      if (res.notAfter < new Date().getTime()) {
        invalidCertIds.push(certId);
      }
@@ -252,7 +260,7 @@ export class AliyunDeployCertToNLB extends AbstractTaskPlugin {
      this.logger.info(`监听器${listener}没有过期的证书`);
      return
    }
-    this.logger.info(`开始解绑过期的证书:${invalidCertIds}`);
+    this.logger.info(`开始解绑过期的证书:${invalidCertIds},listener:${listener}`);

    const ids:any = {}
    let i = 0
@@ -50,6 +50,14 @@ export class DokployAccess extends BaseAccess {
    return "ok"
  }

+  async getServerList(){
+    const req = {
+      url :"/api/server.all",
+      method: "get",
+    }
+    return await this.doRequest(req);
+  }
+
  async getCertList(){
    const req = {
      url :"/api/certificates.all",
@@ -96,7 +104,7 @@ export class DokployAccess extends BaseAccess {
      headers,
      baseURL: this.endpoint,
      ...req,
-      logRes: true,
+      logRes: false,
    });
  }

@@ -1,13 +1,13 @@
 import { AbstractTaskPlugin, IsTaskPlugin, PageSearch, pluginGroups, RunStrategy, TaskInput } from "@certd/pipeline";
-import {CertApplyPluginNames, CertInfo} from "@certd/plugin-cert";
+import {CertApplyPluginNames, CertInfo, CertReader} from "@certd/plugin-cert";
 import {createCertDomainGetterInputDefine, createRemoteSelectInputDefine} from "@certd/plugin-lib";
 import {DokployAccess} from "../access.js";

@IsTaskPlugin({
  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
  name: "DokployRefreshCert",
-  title: "Dokploy-更新证书",
-  desc: "自动更新Dokploy证书",
+  title: "Dokploy-部署server证书",
+  desc: "自动更新Dokploy server证书",
  icon: "svg:icon-lucky",
  //插件分组
  group: pluginGroups.panel.key,
@@ -52,12 +52,12 @@ export class DokployRefreshCert extends AbstractTaskPlugin {
    createRemoteSelectInputDefine({
      title: "证书名称",
      helper: "要更新的证书名称，如果这里没有，请先给手动绑定一次证书",
-      action: DokployRefreshCert.prototype.onGetCertList.name,
+      action: DokployRefreshCert.prototype.onGetServerList.name,
      pager: false,
      search: false
    })
  )
-  certList!: string[];
+  serverList!: string[];

  //插件实例化时执行的方法
  async onInstance() {
@@ -67,46 +67,61 @@ export class DokployRefreshCert extends AbstractTaskPlugin {
  async execute(): Promise<void> {
    const access = await this.getAccess<DokployAccess>(this.accessId);

+    if (!this.serverList || this.serverList.length === 0) {
+      throw new Error("请先选择要部署证书的server");
+    }
+
    // await access.createCert({cert:this.cert})

-    const certList = await access.getCertList();
+    const oldCertList = await access.getCertList();


-    for (const certId of this.certList) {
-      this.logger.info(`----------- 开始更新证书：${certId}`);
-      const [serverId,name] = certId.split("#");
-      const founds = certList.filter((item: any) => item.name === name);
-      if (founds){
-        for (const found of founds) {
-          await access.removeCert({id:found.certificateId})
-        }
+    const certReader = new CertReader(this.cert);
+    for (const serverId of this.serverList) {
+      this.logger.info(`----------- 开始部署server证书：${serverId}`);
+      if(!serverId){
+        this.logger.error(`----------- serverId不能为空，跳过更新`);
+        continue;
      }
-
      await access.createCert({
-        name,
+        name: certReader.buildCertName(),
        cert: this.cert,
        serverId: serverId,
      });
-      this.logger.info(`----------- 更新证书${certId}成功`);
+      this.logger.info(`----------- 部署server${serverId}证书成功`);
+    }
+
+    this.logger.info(`----------- 等待10秒后开始清理过期证书`);
+    await this.ctx.utils.sleep(10000);
+    //清理过期证书
+    for (const certItem of oldCertList) {
+      
+      const certDetail = CertReader.readCertDetail(certItem.certificateData);
+      if (certDetail.expires.getTime() < new Date().getTime()){
+          this.logger.info(`----------- 证书${certItem.certificateId}已过期`);
+          await access.removeCert({id:certItem.certificateId});
+          this.logger.info(`----------- 清理过期证书${certItem.certificateId}成功`);  
+      }else{
+        this.logger.info(`----------- 证书${certItem.certificateId}还未过期`);  
+      }
    }

    this.logger.info("部署完成");
  }

-  async onGetCertList(data: PageSearch = {}) {
+  async onGetServerList(data: PageSearch = {}) {
    const access = await this.getAccess<DokployAccess>(this.accessId);

-    const res = await access.getCertList()
+    const res = await access.getServerList()
    const list = res
    if (!list || list.length === 0) {
-      throw new Error("没有找到证书，你可以直接手动输入id，如果id不存在将自动创建");
+      throw new Error("没有找到Server，你可以直接手动输入serverId");
    }

    const options = list.map((item: any) => {
      return {
        label: `${item.name}<${item.serverId}>`,
-        value: `${item.serverId}#${item.name}`,
-        domain: item.name
+        value: `${item.serverId}`,
      };
    });
    return options;
@@ -0,0 +1,24 @@
+export interface OauthProvider {
+  buildLoginUrl: (params: { redirectUri: string }) => string;
+  handleCallback: (params: { code: string; redirectUri: string }) => Promise<{
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+    idToken: string;
+    scope: string;
+    tokenType: string;
+  }>;
+  bind: (params: {
+    accessToken: string;
+    refreshToken: string;
+    expiresIn: number;
+    idToken: string;
+    scope: string;
+    tokenType: string;
+    bindInfo: any;
+  }) => Promise<{
+    success: boolean;
+    message: string;
+  }>;
+  
+}
@@ -1,2 +1,3 @@
 import './dnspod-dns-provider.js';
 import './tencent-dns-provider.js';
+import './teo-dns-provider.js';
@@ -0,0 +1,145 @@
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
+import { TencentAccess } from '@certd/plugin-lib';
+
+@IsDnsProvider({
+    name: 'tencent-eo',
+    title: '腾讯云EO DNS',
+    desc: '腾讯云EO DNS解析提供者',
+    accessType: 'tencent',
+    icon: 'svg:icon-tencentcloud',
+})
+export class TencentEoDnsProvider extends AbstractDnsProvider {
+    access!: TencentAccess;
+
+    client!: any;
+
+
+    async onInstance() {
+        this.access = this.ctx.access as TencentAccess
+        const clientConfig = {
+            credential: this.access,
+            region: '',
+            profile: {
+                httpProfile: {
+                    endpoint: this.access.buildEndpoint("teo.tencentcloudapi.com"),
+                },
+            },
+        };
+        const teosdk = await import('tencentcloud-sdk-nodejs/tencentcloud/services/teo/v20220901/index.js');
+        const TeoClient = teosdk.v20220901.Client;
+        // 实例化要请求产品的client对象,clientProfile是可选的
+        this.client = new TeoClient(clientConfig);
+    }
+
+
+    async getZoneId(domain: string) {
+
+        const params = {
+            "Filters": [
+                {
+                    "Name": "zone-name",
+                    "Values": [
+                        domain
+                    ]
+                }
+            ]
+        };
+        const res = await this.client.DescribeZones(params);
+        if (res.Zones && res.Zones.length > 0) {
+            return res.Zones[0].ZoneId;
+        }
+        throw new Error('未找到对应的ZoneId');
+    }
+
+    async createRecord(options: CreateRecordOptions): Promise<any> {
+        const { fullRecord, value, type, domain } = options;
+        this.logger.info('添加域名解析：', fullRecord, value);
+
+        const zoneId = await this.getZoneId(domain);
+        const params = {
+            "ZoneId": zoneId,
+            "Name": fullRecord,
+            "Type": type,
+            "Content": value,
+            "TTL": 60,
+        };
+
+        try {
+            const ret = await this.client.CreateDnsRecord(params);
+            this.logger.info('添加域名解析成功:', fullRecord, value, JSON.stringify(ret));
+            /*
+              {
+              "RecordId": 162,
+              "RequestId": "ab4f1426-ea15-42ea-8183-dc1b44151166"
+            }
+         */
+            return {
+                RecordId: ret.RecordId,
+                ZoneId: zoneId,
+            };
+        } catch (e: any) {
+            if (e?.code === 'ResourceInUse.DuplicateName') {
+                this.logger.info('域名解析已存在,无需重复添加:', fullRecord, value);
+                return await this.findRecord({
+                    ...options,
+                    zoneId,
+                });
+            }
+            throw e;
+        }
+    }
+
+    async findRecord(options: CreateRecordOptions & { zoneId: string }): Promise<any> {
+
+        const { zoneId } = options;
+        const params = {
+            "ZoneId": zoneId,
+            "Filters": [
+                {
+                    "Name": "name",
+                    "Values": [
+                        options.fullRecord
+                    ]
+                },
+                {
+                    "Name": "content",
+                    "Values": [
+                        options.value
+                    ]
+                },
+                {
+                    "Name": "type",
+                    "Values": [
+                        options.type
+                    ]
+                }
+            ]
+        };
+        const ret = await this.client.DescribeRecordFilterList(params);
+        if (ret.DnsRecords && ret.DnsRecords.length > 0) {
+            this.logger.info('已存在解析记录:', ret.DnsRecords);
+            return ret.DnsRecords[0];
+        }
+        return {};
+    }
+
+    async removeRecord(options: RemoveRecordOptions<any>) {
+        const { fullRecord, value } = options.recordReq;
+        const record = options.recordRes;
+        if (!record) {
+            this.logger.info('解析记录recordId为空，不执行删除', fullRecord, value);
+        }
+
+        const params = {
+            "ZoneId": record.ZoneId,
+            "RecordIds": [
+                record.RecordId
+            ]
+        };
+
+        const ret = await this.client.DeleteDnsRecords(params);
+        this.logger.info('删除域名解析成功:', fullRecord, value);
+        return ret;
+    }
+}
+new TencentEoDnsProvider();
@@ -1,5 +1,6 @@
+import { HttpRequestConfig } from '@certd/basic';
 import { IsAccess, AccessInput, BaseAccess } from '@certd/pipeline';
-
+import qs from 'qs';
 /**
 * 这个注解将注册一个授权配置
 * 在certd的后台管理系统中，用户可以选择添加此类型的授权
@@ -55,7 +56,7 @@ export class WestAccess extends BaseAccess {
    component: {
      placeholder: '账户级别的key，对整个账户都有管理权限',
    },
-    helper: '账户级别的key，对整个账户都有管理权限\n前往https://www.west.cn/manager/API/APIconfig.asp，手动设置“api连接密码”',
+    helper: '账户级别的key，对整个账户都有管理权限\n前往[API接口配置](https://www.west.cn/manager/API/APIconfig.asp)，手动设置“api连接密码”',
    encrypt: true,
    required: false,
    mergeScript: `
@@ -88,6 +89,100 @@ export class WestAccess extends BaseAccess {
    `,
  })
  apidomainkey = '';
+
+
+  @AccessInput({
+    title: "测试",
+    component: {
+      name: "api-test",
+      action: "TestRequest"
+    },
+    helper: "点击测试接口是否正常"
+  })
+  testRequest = true;
+
+  async onTestRequest() {
+    await this.getDomainList();
+    return "ok";
+  }
+
+
+  async getDomainList() {
+    const res = await this.doRequest({
+      url: '/v2/domain',
+      method: 'GET',
+      data:{
+        act:'getdomains',
+        limit:1,
+        page:1
+      }
+    });
+    return res;
+  }
+
+
+
+  public async doRequest(req: HttpRequestConfig) {
+    let { url, method, data } = req;
+    if (data == null) {
+      data = {};
+    }
+    if (!method) {
+      method = 'POST';
+    }
+
+    if (this.scope === 'account') {
+      /**
+ * token	text	身份验证字符串，取值为：md5(username+api_password+timestamp),其中：
+username：您在我司注册的用户名。
+api_password：您设置的API密码。您可登录官网管理中心，在“代理商管理”-<API接口配置>""页面查看您的api密码。
+timestamp：当前时间的毫秒时间戳。
+将字符串username与字符串api_password连接，再与timestamp连接，然后将生成的字符串进行md5求值，md5算法要求为：
+32位16进制字符串，小写格式。
+身份验证串有效期10分钟。
+
+比如，您的用户名为：zhangsan，您的API密码为：5dh232kfg!* ,当前毫秒时间戳为：1554691950854，则：
+token=md5(zhangsan + 5dh232kfg!* + 1554691950854)=cfcd208495d565ef66e7dff9f98764da
+ */
+      // data.apikey = this.ctx.utils.hash.md5(this.apikey);
+      data.username = this.username;
+      const timestamp = new Date().getTime();
+      const token = this.ctx.utils.hash.md5(`${this.username}${this.apikey}${timestamp}`).toLowerCase();
+      data.token = token;
+      data.time = timestamp;
+    } else {
+      data.apidomainkey = this.apidomainkey;
+    }
+
+
+    const headers = {}
+    const body: any = {}
+    if (method.toUpperCase() === 'POST') {
+      headers['Content-Type'] = 'application/x-www-form-urlencoded';
+      body.data = data
+    } else if (method.toUpperCase() === 'GET') {
+      let queryString = '';
+      if (method.toUpperCase() === 'GET') {
+        queryString = qs.stringify(data);
+      }
+      url = `${url}?${queryString}`
+    }
+
+
+    const res = await this.ctx.http.request<any, any>({
+      baseURL: 'https://api.west.cn/api',
+      url,
+      method,
+      ...body,
+      headers,
+    });
+    this.ctx.logger.info(`request ${url} ${method} res:${JSON.stringify(res)}`);
+    if (res.msg !== 'success' && res.result!= 200) {
+      throw new Error(`${JSON.stringify(res.msg)}`);
+    }
+    return res;
+  }
+
 }

 new WestAccess();
@@ -4,10 +4,10 @@ import { WestAccess } from './access.js';

 type westRecord = {
  // 这里定义Record记录的数据结构，跟对应云平台接口返回值一样即可，一般是拿到id就行，用于删除txt解析记录，清理申请痕迹
-  code: number;
+  result: number;
  msg: string;
-  body: {
-    record_id: number;
+  data: {
+    id: number;
  };
 };

@@ -31,27 +31,6 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {
    //...
  }

-  private async doRequestApi(url: string, data: any = null, method = 'post') {
-    if (this.access.scope === 'account') {
-      data.apikey = this.ctx.utils.hash.md5(this.access.apikey);
-      data.username = this.access.username;
-    } else {
-      data.apidomainkey = this.access.apidomainkey;
-    }
-    const res = await this.ctx.http.request<any, any>({
-      url,
-      method,
-      data,
-      headers: {
-        'Content-Type': 'application/x-www-form-urlencoded',
-      },
-    });
-    if (res.msg !== 'success') {
-      throw new Error(`${JSON.stringify(res.msg)}`);
-    }
-    return res;
-  }
-
  /**
   * 创建dns解析记录，用于验证域名所有权
   */
@@ -63,22 +42,26 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {
     * type: 'TXT',
     * domain: 'example.com'
     */
-    const { fullRecord, value, type, domain } = options;
+    const { fullRecord, value, type, domain,hostRecord } = options;
    this.logger.info('添加域名解析：', fullRecord, value, type, domain);

    // 准备要发送到API的请求体
    const requestBody = {
-      act: 'dnsrec.add', // API动作类型
+      act: 'adddnsrecord', // API动作类型
      domain: domain, // 域名
-      record_type: 'TXT', // DNS记录类型
-      hostname: fullRecord, // 完整的记录名
-      record_value: value, // 记录的值
-      record_line: '', // 记录线路
-      record_ttl: 60, // TTL (生存时间)，设置为60秒
+      type: 'TXT', // DNS记录类型
+      host: hostRecord, // 完整的记录名
+      value: value, // 记录的值
+      line: '', // 记录线路
+      ttl: 60, // TTL (生存时间)，设置为60秒
    };

-    const url = 'https://api.west.cn/API/v2/domain/dns/';
-    const res = await this.doRequestApi(url, requestBody);
+    const url = '/v2/domain/';
+    const res = await this.access.doRequest({
+      url,
+      method:'POST',
+      data: requestBody,
+    });
    const record = res as westRecord;
    this.logger.info(`添加域名解析成功:fullRecord=${fullRecord},value=${value}`);
    this.logger.info(`dns解析记录:${JSON.stringify(record)}`);
@@ -90,6 +73,7 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {

  /**
   *  删除dns解析记录,清理申请痕迹
+   * https://console-docs.apipost.cn/preview/ab2c3103b22855ba/fac91d1e43fafb69?target_id=c4564349-6687-413d-a3d4-b0e8db5b34b2
   * @param options
   */
  async removeRecord(options: RemoveRecordOptions<westRecord>): Promise<void> {
@@ -104,16 +88,17 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {

    // 准备要发送到API的请求体
    const requestBody = {
-      act: 'dnsrec.remove', // API动作类型
+      act: 'deldnsrecord', // API动作类型
      domain: domain, // 域名
-      record_id: record.body.record_id,
-      hostname: fullRecord, // 完整的记录名
-      record_type: 'TXT', // DNS记录类型
-      record_line: '', // 记录线路
+      id: record.data?.id,
    };

-    const url = 'https://api.west.cn/API/v2/domain/dns/';
-    const res = await this.doRequestApi(url, requestBody);
+    const url = '/v2/domain/';
+    const res = await this.access.doRequest({
+      url,
+      method:'POST',
+      data: requestBody,
+    });
    const result = res.result;
    this.logger.info('删除域名解析成功:', fullRecord, value, JSON.stringify(result));
  }
@@ -1,2 +1,3 @@
 export * from './dns-provider.js';
 export * from './access.js';
+export * from './plugins/deploy-to-vhost.js';
@@ -0,0 +1,227 @@
+import {
+  AbstractTaskPlugin,
+  IsTaskPlugin,
+  PageSearch,
+  pluginGroups,
+  RunStrategy,
+  TaskInput
+} from "@certd/pipeline";
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
+import { createCertDomainGetterInputDefine, createRemoteSelectInputDefine } from "@certd/plugin-lib";
+import { WestAccess } from "../access.js";
+
+@IsTaskPlugin({
+  //命名规范，插件类型+功能（就是目录plugin-demo中的demo），大写字母开头，驼峰命名
+  name: "WestDeployToVhost",
+  title: "西数-部署到虚拟主机",
+  desc: "西部数码部署证书到虚拟主机",
+  icon: "svg:icon-lucky",
+  //插件分组
+  group: pluginGroups.cdn.key,
+  needPlus: false,
+  default: {
+    //默认值配置照抄即可
+    strategy: {
+      runStrategy: RunStrategy.SkipWhenSucceed
+    }
+  }
+})
+//类名规范，跟上面插件名称（name）一致
+export class WestDeployToVhost extends AbstractTaskPlugin {
+  //证书选择，此项必须要有
+  @TaskInput({
+    title: "域名证书",
+    helper: "请选择前置任务输出的域名证书",
+    component: {
+      name: "output-selector",
+      from: [...CertApplyPluginNames]
+    }
+    // required: true, // 必填
+  })
+  cert!: CertInfo;
+
+  @TaskInput(createCertDomainGetterInputDefine({ props: { required: false } }))
+  certDomains!: string[];
+
+
+  //授权选择框
+  @TaskInput({
+    title: "西数授权",
+    component: {
+      name: "access-selector",
+      type: "west" //固定授权类型
+    },
+    required: true //必填
+  })
+  accessId!: string;
+  //
+
+
+  @TaskInput(
+    createRemoteSelectInputDefine({
+      title: "虚拟主机列表",
+      helper: "虚拟主机列表",
+      action: WestDeployToVhost.prototype.onGetVhostList.name,
+      pager: false,
+      search: false
+    })
+  )
+  vhostList!: string[];
+
+  // @TaskInput(
+  //   createRemoteSelectInputDefine({
+  //     title: "证书Id",
+  //     helper: "要部署的西数证书id",
+  //     action: WestDeployToVhost.prototype.onGetCertList.name,
+  //     pager: false,
+  //     search: false
+  //   })
+  // )
+  // certList!: string[];
+
+  //插件实例化时执行的方法
+  async onInstance() {
+  }
+
+  //插件执行方法
+  async execute(): Promise<void> {
+    const access = await this.getAccess<WestAccess>(this.accessId);
+
+    for (const item of this.vhostList) {
+      this.logger.info(`----------- 开始更新证书到虚拟主机：${item}`);
+      const arr = item.split("_");
+      const sitename = arr[1];
+      await this.uploadCert({access,sitename});
+      await this.ctx.utils.sleep(2000);
+      const res = await this.getVhostSslInfo({access,sitename});
+      this.logger.info(`----------- 虚拟主机${sitename}证书信息：${JSON.stringify(res)}`);
+      this.logger.info(`----------- 更新证书${item}成功`);
+    }
+
+    this.logger.info("部署完成");
+  }
+
+  // async onGetCertList(data: PageSearch = {}) {
+  //   const access = await this.getAccess<WestAccess>(this.accessId);
+
+  //   const list = await access.getCertList({});
+  //   if (!list || list.length === 0) {
+  //     throw new Error("没有找到证书，请先在控制台上传一次证书且关联域名");
+  //   }
+
+  //   /**
+  //    * certificate-id
+  //    * name
+  //    * dns-names
+  //    */
+  //   const options = list.map((item: any) => {
+  //     const domains = item["dns-names"]
+  //     const certId = item["certificate-id"];
+  //     return {
+  //       label: `${item.name}<${certId}-${domains[0]}>`,
+  //       value: certId,
+  //       domain: item["dns-names"]
+  //     };
+  //   });
+  //   return {
+  //     list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
+  //     total: list.length,
+  //     pageNo: 1,
+  //     pageSize: list.length
+  //   };
+  // }
+
+  async uploadCert(req:{access:any,sitename:string}){
+    const {access,sitename} = req;
+      const data = {
+        /**
+         * act
+vhostssl
+是
+String
+sitename
+westly
+是
+String
+cmd
+import
+是
+String
+openssl/closessl 部署/关闭
+keycontent
+是
+String
+私匙
+certcontent
+         */
+        act:"vhostssl",
+        sitename:sitename,
+        westly:"1",
+        cmd:"import",
+        opensslclosessl:"openssl",
+        keycontent:this.cert.key,
+        certcontent:this.cert.crt,
+      }
+
+      const res = await access.doRequest({
+        url: `/v2/vhost/`,
+        method:"POST",
+        data:data
+      });
+      return res;
+  }
+
+  async getVhostSslInfo(req:{access:any,sitename:string}){
+    const {access,sitename} = req;
+    const data = {
+      act:"vhostssl",
+      sitename:sitename,
+      cmd:"info",
+    }
+    const res = await access.doRequest({
+      url: `/v2/vhost/`,
+      method:"POST",
+      data:data
+    });
+    return res;
+  }
+
+   async onGetVhostList(data: PageSearch = {}) {
+    const access = await this.getAccess<WestAccess>(this.accessId);
+
+    const res = await access.doRequest({
+      url: `/v2/vhost/`,
+      method:"POST",
+      data:{
+        act:"sync",
+        westid: 1,
+      }
+    });
+    const list = res.data
+    if (!list || list.length === 0) {
+      throw new Error("没有找到虚拟主机");
+    }
+
+    /**
+     * certificate-id
+     * name
+     * dns-names
+     */
+    const options = list.map((item: any) => {
+      return {
+        label: `${item.sitename}<${item.westid}-${item.bindings}>`,
+        value: `${item.westid}_${item.sitename}`,
+        domain: item.bindings.split(",")
+      };
+    });
+    return {
+      list: this.ctx.utils.options.buildGroupOptions(options, this.certDomains),
+      total: list.length,
+      pageNo: 1,
+      pageSize: list.length
+    };
+  }
+}
+
+//实例化一下，注册插件
+new WestDeployToVhost();
@@ -1,7 +1,7 @@
 import { AbstractTaskPlugin, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput } from '@certd/pipeline';
-import { CertInfo } from '@certd/plugin-cert';
+import { CertApplyPluginNames, CertInfo } from "@certd/plugin-cert";
 import { WoaiAccess } from '../access.js';
-import { CertApplyPluginNames} from '@certd/plugin-cert';
+
@IsTaskPlugin({
  name: 'WoaiCDN',
  title: '我爱云-部署证书到我爱云CDN',
@@ -17,7 +17,7 @@ import { CertApplyPluginNames} from '@certd/plugin-cert';
 export class WoaiCdnPlugin extends AbstractTaskPlugin {
  @TaskInput({
    title: '接口地址(可留空)',
-    helper: '请填写我爱云的地址, 默认为 [API](https://console.edge.ttzi.cn) 末尾请不要携带`/`',
+    helper: '请填写我爱云的地址, 默认为 [API](https://console.edeg.ttzi.cn) 末尾请不要携带`/`',
    component: { name: 'a-input' },
    required: false,
  })
@@ -73,9 +73,9 @@ export class WoaiCdnPlugin extends AbstractTaskPlugin {
    const { baseApi, certId, cert, accessId } = this;
    const access = (await this.getAccess(accessId)) as WoaiAccess;
    // 使用默认值或用户输入的值
-    const apiBase = baseApi || 'https://console.edge.ttzi.cn';
+    const apiBase = baseApi || 'https://console.edeg.ttzi.cn';
    // 登录获取token
-    const loginResponse = await this.doRequestApi(`${apiBase}/login`, {
+    const loginResponse = await this.doRequestApi(`${apiBase}/account/login`, {
      username: access.username,
      password: access.password,
    });
@@ -1 +1 @@
-05:07
+23:54
@@ -1 +1 @@
-05:19
+23:57
Author	SHA1	Message	Date
xiaojunnuo	5a148aa3b9	chore: oidc first	2025-11-26 07:34:42 +08:00
xiaojunnuo	b4c362da37	docs: openapi	2025-11-25 09:12:35 +08:00
xiaojunnuo	575ae164c8	perf: ssh支持ppk格式私钥	2025-11-25 00:48:21 +08:00
xiaojunnuo	a9606bfb4e	chore: 1	2025-11-24 23:43:14 +08:00
xiaojunnuo	b5ec04723d	perf: ssl.com支持ecc	2025-11-24 23:33:25 +08:00
xiaojunnuo	51cc08411f	perf: 优化宝塔网站证书在并发部署时导致nginx配置文件错乱的问题	2025-11-24 23:18:56 +08:00
xiaojunnuo	d75034deae	build: release	2025-11-19 23:57:16 +08:00
xiaojunnuo	4ce23debb6	build: publish	2025-11-19 23:55:03 +08:00
xiaojunnuo	063706a7bf	build: trigger build image	2025-11-19 23:54:03 +08:00
xiaojunnuo	eb41a3655f	v1.37.10	2025-11-19 23:52:19 +08:00
xiaojunnuo	a84476187f	build: prepare to build	2025-11-19 23:49:47 +08:00
xiaojunnuo	70b603d601	perf: 站点证书监控备注输入框改成textarea	2025-11-19 23:49:09 +08:00
xiaojunnuo	c9709f2698	perf: 优化dokploy 部署插件，配置选择serverId	2025-11-19 23:47:26 +08:00
xiaojunnuo	be4f479afd	build: release	2025-11-19 15:41:19 +08:00
xiaojunnuo	a251465dbc	build: publish	2025-11-19 15:30:56 +08:00
xiaojunnuo	9b7051f2be	build: trigger build image	2025-11-19 15:30:33 +08:00
xiaojunnuo	8bfdef79c4	v1.37.9	2025-11-19 15:28:27 +08:00
xiaojunnuo	f2c2bf81b3	build: prepare to build	2025-11-19 15:24:37 +08:00
xiaojunnuo	8b5247b9bb	build: prepare to build	2025-11-19 15:23:57 +08:00
xiaojunnuo	075b1dc0eb	fix: 商用证书上传保存失败的bug	2025-11-19 15:13:08 +08:00
xiaojunnuo	42e1f0478d	chore: docs	2025-11-19 13:24:40 +08:00
xiaojunnuo	d4653678b2	perf: 优化阿里云clb 过期证书清理报错的问题	2025-11-18 18:09:59 +08:00
xiaojunnuo	a4ce752e58	chore: 阿里云nlb证书清理增加日志打印	2025-11-18 18:02:55 +08:00
xiaojunnuo	f6649398ef	chore: 清理过期证书增加日志打印	2025-11-18 18:01:23 +08:00
xiaojunnuo	02859cc270	build: release	2025-11-18 01:28:48 +08:00
xiaojunnuo	4ed30e082f	build: publish	2025-11-18 01:18:48 +08:00
xiaojunnuo	d3985dd129	build: trigger build image	2025-11-18 01:18:32 +08:00
xiaojunnuo	ac70821fea	v1.37.8	2025-11-18 01:16:57 +08:00
xiaojunnuo	38b273a1c9	build: prepare to build	2025-11-18 01:14:14 +08:00
xiaojunnuo	eb5c88fbb2	perf: 支持回车键触发登录	2025-11-18 01:13:31 +08:00
xiaojunnuo	1102952b47	perf: 修复西数解析记录添加失败的bug，支持部署证书到西数虚拟主机	2025-11-18 01:04:47 +08:00
xiaojunnuo	5ad6cadcee	chore: 1	2025-11-15 16:56:04 +08:00
xiaojunnuo	5d236808d6	Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev	2025-11-15 16:46:06 +08:00
xiaojunnuo	ada9243e84	chore: 1	2025-11-15 16:32:41 +08:00
xiaojunnuo	ad4e1c1b5b	Merge branch 'v2' into v2-dev	2025-11-13 13:54:44 +08:00
xiaojunnuo	c5105c29b0	build: release	2025-11-13 01:31:28 +08:00
xiaojunnuo	f689b0f3b2	Merge branch 'v2-dev' into v2	2025-11-13 01:17:55 +08:00
xiaojunnuo	730f614024	build: publish	2025-11-13 01:17:09 +08:00
xiaojunnuo	2e4eb17a48	build: trigger build image	2025-11-13 01:16:45 +08:00
xiaojunnuo	55d2a1f09b	v1.37.7	2025-11-13 01:15:01 +08:00
xiaojunnuo	e3a5bcb907	build: prepare to build	2025-11-13 01:12:01 +08:00
xiaojunnuo	d56567c9de	chore: teo dns 测试成功	2025-11-13 01:11:04 +08:00
xiaojunnuo	d7c381e05d	chore: 1	2025-11-13 00:50:40 +08:00
xiaojunnuo	1d23dd2426	perf: 支持腾讯云teo dns解析	2025-11-13 00:45:05 +08:00
xiaojunnuo	86ce00adf9	perf: 支持使用letencrypt测试环境申请ip证书	2025-11-12 23:56:02 +08:00
xiaojunnuo	e1eef013a8	fix: 修复点击立即触发运行报错的bug	2025-11-12 22:15:17 +08:00
Rab	d20046c866	fix(plugins/woai-cdn): 修正默认接口域名与帮助链接中的路径 (#576 ) @LjyLab	2025-11-12 15:30:32 +08:00
xiaojunnuo	2df452fe5b	Merge branch 'v2' of https://github.com/certd/certd into v2	2025-11-12 09:10:43 +08:00
xiaojunnuo	c31bfd8b94	docs: 1	2025-11-11 16:03:40 +08:00
xiaojunnuo	f443675f4f	docs: 1	2025-11-11 16:03:19 +08:00
xiaojunnuo	a44bd8849d	chore: 1	2025-11-11 13:29:38 +08:00
xiaojunnuo	274c887140	chore: nslookup 改成dig命令	2025-11-11 11:41:36 +08:00
xiaojunnuo	44973ebd00	fix: 账号绑定页面某些情况下打不开的bug	2025-11-11 11:05:34 +08:00
xiaojunnuo	88f74163ff	build: release	2025-11-11 01:16:32 +08:00
xiaojunnuo	6cd57dd426	Merge branch 'v2-dev' into v2	2025-11-11 00:57:37 +08:00
xiaojunnuo	481e866011	build: publish	2025-11-11 00:50:16 +08:00
xiaojunnuo	a78450ba79	build: trigger build image	2025-11-11 00:49:58 +08:00
greper	d19ac1fd15	Update promotional content in README.md	2025-11-10 10:56:54 +08:00
greper	410a23751b	Update README.md	2025-11-10 10:56:23 +08:00
greper	8190507e8c	Revise README for permanent version promotion Updated promotional text for the permanent professional version and adjusted the display format.	2025-11-10 10:54:47 +08:00
greper	645f74f39d	Update README with promotional content Added promotional message for permanent professional version and Double Eleven event.	2025-11-10 10:53:38 +08:00
@@ -1 +1 @@
 :42
 :49
@@ -1 +1 @@
 :07
 :54
@@ -1 +1 @@
 :19
 :57