fix: 修复新网找错域名的bug

chore: 1
docs: 1
2026-04-25 05:07:25 +08:00 · 2026-02-03 18:28:41 +08:00 · 2026-02-03 16:28:11 +08:00 · 2026-02-03 12:28:30 +08:00 · 2026-02-03 09:50:29 +08:00 · 2026-02-03 09:50:23 +08:00
24 changed files with 215 additions and 62 deletions
@@ -3,6 +3,21 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.

+## [1.38.5](https://github.com/certd/certd/compare/v1.38.4...v1.38.5) (2026-02-02)
+
+### Bug Fixes
+
+* 阿里云esa查询证书限制接口无效，改成配置证书数量上限检查方式进行清理 ([2302567](https://github.com/certd/certd/commit/230256793f8ad87ef8a0738c37108bf7b5ab9853))
+* 某些情况下登陆页面没有显示重置密码文档链接的问题 ([40801d0](https://github.com/certd/certd/commit/40801d0a0668c77adb57fae42b4b6615b198a88d))
+* 修复部署到火山引擎vod，获取域名列表为空的bug ([0719f4c](https://github.com/certd/certd/commit/0719f4c99e9198544d03431107b53652e076e881))
+* 修复litessl new-nonce报428的bug ([540ef96](https://github.com/certd/certd/commit/540ef967457a7871637cfdb5012ed1fa3261757b))
+* 修复oidc配置取消后获取登出地址失败后无法列出oauth列表的bug ([eb5de15](https://github.com/certd/certd/commit/eb5de150332fd914c56b812c3ba2c2445f902bb7))
+
+### Performance Improvements
+
+* 将重置密码的日志挪到启动成功之后，方便查看 ([0fa9b34](https://github.com/certd/certd/commit/0fa9b344e08cf355aee7a7566f061cc5d95dc374))
+* 支持绑定两个url地址 ([a2e9a41](https://github.com/certd/certd/commit/a2e9a41a7e712395c0e3ee6fe55b370aa1fc1f12))
+
 ## [1.38.4](https://github.com/certd/certd/compare/v1.38.3...v1.38.4) (2026-01-31)

 ### Bug Fixes
@@ -0,0 +1,24 @@
+{
+  "notice": "永久专业版上线，新用户立减50，升级到最新版点击下方“立即赞助”按钮前往获取",
+  "plus": {
+    "name": "专业版",
+    "price": "89.9",
+    "price3": "199",
+    "tooltip": "开源需要您的赞助支持",
+	"priceText":"¥89.9/年",
+	"discountText":"永久专业版50优惠券立即领取"
+  },
+  "comm": {
+    "name": "商业版",
+    "price": "399",
+    "price3": "899",
+    "tooltip": "3年优惠300",
+	"priceText":"¥399/年",
+	"discountText":"¥899/3年（3年优惠300）"
+  },
+  "app":{
+	  "minVersion":"1.36.0",
+	  "minVersionTip":"版本过低，为了您的数据安全，请尽快升级"
+  }
+  
+}
@@ -52,3 +52,11 @@ service:
 3. DNS 有其他平台申请过的_acme-challenge记录，删除即可


+## 7. DNS problem: NXDOMAIN looking up TXT for  _acme-challenge.xxx 
+`
+DNS problem: NXDOMAIN looking up TXT for  _acme-challenge.xxxxx - check that a DNS record exists for this domain
+`
+证书颁发机构向域名ns查询TXT验证记录失败，有以下几种可能
+1、域名的ns服务器修改成别的了，但申请证书时的DNS提供商选择错误（检查确认，配置正确的DNS提供商）
+2、证书颁发机构与ns域名服务器之间访问不通，无法查询到TXT记录（尝试更换证书颁发机构）
+3、ns服务商解析值生效慢（尝试修改证书申请任务里面的等待生效时长600-1000s）
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+    "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -47,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -56,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -32,5 +32,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -38,5 +38,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -57,5 +57,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "84291482732687cc8162c6505666ba2b29b02918"
+  "gitHead": "eeb1f27fa47ddc616451f3e5a8fb8d1de345d252"
 }
@@ -120,7 +120,7 @@ export default {
  },
  customPipeline: "自定义流水线",
  createCertdPipeline: "创建证书流水线",
-  commercialCertHosting: "商用证书托管",
+  commercialCertHosting: "已有证书托管",
  tooltip: {
    manualUploadOwnCert: "手动上传自有证书，执行自动部署",
    noAutoApplyCommercialCert: "并不能自动申请商业证书",
@@ -4,7 +4,7 @@ default:
    runStrategy: 0
 name: CertApplyUpload
 icon: ph:certificate
-title: 商用证书托管
+title: 已有证书托管
 group: cert
 desc: 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次）
 shortcut:
@@ -9,6 +9,7 @@ import { Application } from '@midwayjs/koa';
 import { httpsServer, HttpsServerOptions } from './https/server.js';
 import { UserService } from '../sys/authority/service/user-service.js';
 import { UserSettingsService } from '../mine/service/user-settings-service.js';
+import { startProxyServer } from './proxy/server.js';

@Autoload()
@Scope(ScopeEnum.Request, { allowDowngrade: true })
@@ -37,6 +38,7 @@ export class AutoZPrint {
  async init() {
    //监听https
    this.startHttpsServer();
+    // this.startProxyServer();
    logger.info("ENV:", process.env.NODE_ENV);
    if (isDev()) {
      this.startHeapLog();
@@ -97,4 +99,8 @@ export class AutoZPrint {
      hostname: this.httpsConfig.hostname || this.koaConfig.hostname,
    });
  }
+
+  startProxyServer() {
+    startProxyServer({port: 7003});
+  }
 }
@@ -0,0 +1,88 @@
+// proxy-server.js
+import http from 'http';
+import https from 'https';
+import url from 'url';
+import net from 'net';
+import { logger } from '@certd/basic';
+
+
+export function startProxyServer(opts:{port:number}) {
+  const {port} = opts;
+
+  // 创建 HTTP 代理服务器
+  const proxyServer = http.createServer((clientReq, clientRes) => {
+    logger.log(`[proxy] 收到请求: ${clientReq.method} ${clientReq.url}`);
+
+    // 解析请求的 URL
+    const parsedUrl = url.parse(clientReq.url);
+    const options = {
+      hostname: parsedUrl.hostname,
+      port: parsedUrl.port || (parsedUrl.protocol === 'https:' ? 443 : 80),
+      path: parsedUrl.path,
+      method: clientReq.method,
+      headers: clientReq.headers
+    };
+
+    // 根据协议选择不同的模块
+    const protocol = parsedUrl.protocol === 'https:' ? https : http;
+
+    // 移除可能会引起问题的 headers
+    delete options.headers['proxy-connection'];
+    delete options.headers['connection'];
+    delete options.headers['keep-alive'];
+
+    // 创建到目标服务器的请求
+    const proxyReq = protocol.request(options, (proxyRes) => {
+      // 将目标服务器的响应返回给客户端
+      clientRes.writeHead(proxyRes.statusCode, proxyRes.headers);
+      proxyRes.pipe(clientRes);
+    });
+
+    proxyReq.on('error', (err) => {
+      logger.error('[proxy] 代理请求错误:', err);
+      clientRes.writeHead(500);
+      clientRes.end('代理服务器错误');
+    });
+
+    // 将客户端请求体转发到目标服务器
+    clientReq.pipe(proxyReq);
+  });
+
+  // 处理 CONNECT 方法（HTTPS 代理）
+  proxyServer.on('connect', (req, clientSocket, head) => {
+    logger.log(`[proxy] HTTPS 连接请求: ${req.url}`);
+
+    const [hostname, port] = req.url.split(':');
+    const portNum = parseInt(port) || 443;
+
+    // 连接到目标服务器
+    const serverSocket = net.connect(portNum, hostname, () => {
+      // 告诉客户端连接已建立
+      clientSocket.write('HTTP/1.1 200 Connection Established\r\n' +
+        'Proxy-agent: Node.js-Proxy\r\n' +
+        '\r\n');
+
+      // 建立双向数据流
+      serverSocket.write(head);
+      serverSocket.pipe(clientSocket);
+      clientSocket.pipe(serverSocket);
+    });
+
+    serverSocket.on('error', (err) => {
+      logger.error('[proxy] HTTPS 代理错误:', err);
+      clientSocket.end();
+    });
+
+    clientSocket.on('error', (err) => {
+      logger.error('[proxy] 客户端 socket 错误:', err);
+      serverSocket.end();
+    });
+  });
+
+  // 监听端口
+  proxyServer.listen(port, () => {
+     logger.info(`[proxy] 正向代理服务器运行在 http://0.0.0.0:${port}`);
+  });
+
+  return proxyServer
+}
@@ -6,7 +6,7 @@ import dayjs from "dayjs";
@IsTaskPlugin({
  name: "CertApplyUpload",
  icon: "ph:certificate",
-  title: "商用证书托管",
+  title: "已有证书托管",
  group: pluginGroups.cert.key,
  desc: "手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次）",
  default: {
@@ -44,7 +44,7 @@ export class XinnetAccess extends BaseAccess {
      name: "api-test",
      action: "TestRequest"
    },
-    helper: "点击测试接口是否正常"
+    helper: "测试前请务必先在新网后台关闭异地登录保护、关闭动态口令验证\n如果提示需要短信验证码，请等几个小时后再试"
  })
  testRequest = true;

@@ -57,7 +57,19 @@ export class XinnetProvider extends AbstractDnsProvider<XinnetRecord> {
    if (!res.list || res.list.length == 0) {
      throw new Error("域名不存在");
    }
-    const serviceCode = res.list[0].serviceCode;
+
+    let list = res.list.map((item) => ({
+      domainName: item.domainName,
+      serviceCode: item.serviceCode
+    }));
+    this.logger.info("域名列表:", JSON.stringify(list));
+
+    const domainItem = list.find((item) => item.domainName === domain);
+    if (!domainItem) {
+      throw new Error("域名（" + domain + "）不存在");
+    }
+
+    const serviceCode = domainItem.serviceCode;

    const dcpCookie = await client.getDcpCookie({
      serviceCode
@@ -49,7 +49,7 @@ importers:
  packages/core/acme-client:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../basic
      '@peculiar/x509':
        specifier: ^1.11.0
@@ -213,10 +213,10 @@ importers:
  packages/core/pipeline:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../basic
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/plus-core
      dayjs:
        specifier: ^1.11.7
@@ -412,7 +412,7 @@ importers:
  packages/libs/lib-k8s:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@kubernetes/client-node':
        specifier: 0.21.0
@@ -452,19 +452,19 @@ importers:
  packages/libs/lib-server:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/plus-core
      '@midwayjs/cache':
        specifier: 3.14.0
@@ -610,16 +610,16 @@ importers:
  packages/plugins/plugin-cert:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../plugin-lib
      psl:
        specifier: ^1.9.0
@@ -683,16 +683,16 @@ importers:
        specifier: ^3.964.0
        version: 3.964.0(aws-crt@1.26.2)
      '@certd/acme-client':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/plus-core
      '@kubernetes/client-node':
        specifier: 0.21.0
@@ -783,16 +783,16 @@ importers:
  packages/pro/commercial-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/lib-server':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-server
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../plus-core
      '@midwayjs/core':
        specifier: 3.20.11
@@ -865,16 +865,16 @@ importers:
  packages/pro/plugin-plus:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../plus-core
      crypto-js:
        specifier: ^4.2.0
@@ -950,7 +950,7 @@ importers:
  packages/pro/plus-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      dayjs:
        specifier: ^1.11.7
@@ -1246,10 +1246,10 @@ importers:
        version: 0.1.3(zod@3.24.4)
    devDependencies:
      '@certd/lib-iframe':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-iframe
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@rollup/plugin-commonjs':
        specifier: ^25.0.7
@@ -1438,46 +1438,46 @@ importers:
        specifier: ^3.964.0
        version: 3.964.0(aws-crt@1.26.2)
      '@certd/acme-client':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/basic
      '@certd/commercial-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/commercial-core
      '@certd/cv4pve-api-javascript':
        specifier: ^8.4.2
        version: 8.4.2
      '@certd/jdcloud':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-jdcloud
      '@certd/lib-huawei':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-huawei
      '@certd/lib-k8s':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-k8s
      '@certd/lib-server':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/lib-server
      '@certd/midway-flyway-js':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../libs/midway-flyway-js
      '@certd/pipeline':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../core/pipeline
      '@certd/plugin-cert':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../plugins/plugin-cert
      '@certd/plugin-lib':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../plugins/plugin-lib
      '@certd/plugin-plus':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/plugin-plus
      '@certd/plus-core':
-        specifier: ^1.38.3
+        specifier: ^1.38.5
        version: link:../../pro/plus-core
      '@google-cloud/publicca':
        specifier: ^1.3.0
@@ -19971,13 +19971,13 @@ snapshots:
      resolve: 1.22.10
      semver: 6.3.1

-  eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8):
+  eslint-plugin-prettier@3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8):
    dependencies:
      eslint: 7.32.0
      prettier: 2.8.8
      prettier-linter-helpers: 1.0.0
    optionalDependencies:
-      eslint-config-prettier: 8.10.0(eslint@7.32.0)
+      eslint-config-prettier: 8.10.0(eslint@8.57.0)

  eslint-plugin-prettier@4.2.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@8.57.0)(prettier@2.8.8):
    dependencies:
@@ -22377,7 +22377,7 @@ snapshots:
      eslint: 7.32.0
      eslint-config-prettier: 8.10.0(eslint@7.32.0)
      eslint-plugin-node: 11.1.0(eslint@7.32.0)
-      eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@7.32.0))(eslint@7.32.0)(prettier@2.8.8)
+      eslint-plugin-prettier: 3.4.1(eslint-config-prettier@8.10.0(eslint@8.57.0))(eslint@7.32.0)(prettier@2.8.8)
      execa: 5.1.1
      inquirer: 7.3.3
      json5: 2.2.3
@@ -1 +1 @@
-02:12
+00:04
@@ -1 +1 @@
-02:25
+00:18
Author	SHA1	Message	Date
xiaojunnuo	bd511f97cb	fix: 修复新网找错域名的bug	2026-02-03 18:28:41 +08:00
xiaojunnuo	560bf40e4b	chore: 1	2026-02-03 16:28:11 +08:00
xiaojunnuo	4f4652c1cd	docs: 1	2026-02-03 12:28:30 +08:00
xiaojunnuo	60e13c2a1d	Merge branch 'v2-dev' of https://github.com/certd/certd into v2-dev	2026-02-03 09:50:29 +08:00
xiaojunnuo	1fe0dc4d16	chore: 1	2026-02-03 09:50:23 +08:00
xiaojunnuo	181a1e3c0a	build: release	2026-02-03 00:18:06 +08:00
xiaojunnuo	6bba771856	build: publish	2026-02-03 00:04:32 +08:00
xiaojunnuo	921f1f42fb	build: trigger build image	2026-02-03 00:04:20 +08:00
@@ -1 +1 @@
 :12
 :04
@@ -1 +1 @@
 :25
 :18