v1.39.12

build: prepare to build
chore: 1
2026-05-16 13:17:29 +08:00 · 2026-04-29 23:10:25 +08:00 · 2026-04-29 23:06:41 +08:00 · 2026-04-29 23:06:34 +08:00 · 2026-04-29 00:12:48 +08:00 · 2026-04-29 00:12:07 +08:00
69 changed files with 818 additions and 447 deletions
@@ -65,6 +65,16 @@
            "console": "integratedTerminal",
            "internalConsoleOptions": "neverOpen"
        },
        {
            "name": "server-new",
            "type": "node",
            "request": "launch",
            "cwd": "${workspaceFolder}/packages/ui/certd-server",
            "runtimeExecutable": "pnpm",
            "runtimeArgs": ["dev-new"],
            "console": "integratedTerminal",
            "internalConsoleOptions": "neverOpen"
        },
        {
            "name": "server-local-plus",
            "type": "node",
@@ -3,6 +3,21 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Bug Fixes
 * 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
 * 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
 ### Performance Improvements
 * 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
 * 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
 * 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
 * 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
 * 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Bug Fixes
@@ -3,6 +3,32 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Bug Fixes
 * 修复列表页面底部滚动条与表格之间有空白间隙的bug ([71cfcad](https://github.com/certd/certd/commit/71cfcad2a15aac0badd85a10c4012a1e713654d1))
 * 修复流水线未编辑模式下也提示未保存的bug ([64a3503](https://github.com/certd/certd/commit/64a350364d820725b5e69d22ac2416809092f97d))
 * 修复商业版设置了公共eab，创建流水线仍然会显示需要配置eab的bug ([24dff05](https://github.com/certd/certd/commit/24dff05f6427dadec1e40350214c0167e1d6a73d))
 * 修复站点监控某些情况下获取不到证书的bug ([a2bbc7e](https://github.com/certd/certd/commit/a2bbc7e27298821d75a36abac6ec05d86dcf51f4))
 ### Performance Improvements
 *  支持google dns插件 ([edc7bfc](https://github.com/certd/certd/commit/edc7bfc23043c2c6ef5f3564392f8aac6661c4bf))
 * 阿里云waf支持云产品接入方式应用的证书部署 ([2f7514a](https://github.com/certd/certd/commit/2f7514a2e7d89a34f833401a983149e667da911b))
 * 模版创建流水线支持随机时间 ([575415b](https://github.com/certd/certd/commit/575415b93a3e10e1c6e5644f71ddc711ea6f8adc))
 * 商业版支持配置证书申请插件参数 ([7ac789c](https://github.com/certd/certd/commit/7ac789c9c7e91cdf08dfdae1bb49186552e370e3))
 * 添加全新的未登录首页和路由配置 ([d1988dc](https://github.com/certd/certd/commit/d1988dc982440472ecf61847ccad76e4c96a80fb))
 * 添加Azure DNS插件支持及文档 ([1f1d687](https://github.com/certd/certd/commit/1f1d6873172d71fadaa5a0005e1d6f3f528096fc))
 * 添加HiPMDnsmgr DNS提供商的支持 @WUHINS ([296dcab](https://github.com/certd/certd/commit/296dcab4c7c26cb3f9da1ff748cc6a6b7d83edda))
 * 为DNS解析器添加超时配置,避免查询时间过长 ([cc5154e](https://github.com/certd/certd/commit/cc5154e04e87f648111119b4eeb4e3cb4dd6cc41))
 * 优化权威域名服务器查询超时时长 ([77db5ec](https://github.com/certd/certd/commit/77db5ecd12c51293e4de178e43ca0067bc70b46d))
 * 支持部署到nginx-proxy-manager ([2e6e9ed](https://github.com/certd/certd/commit/2e6e9ed9255bcf178edb0eb00d93a7f13c214430))
 * 支持一键安装脚本 ([dc969dd](https://github.com/certd/certd/commit/dc969dd7edb6934a29d6657afefe6f8af056741c))
 * 支持主动修改绑定url地址 ([11b7cfe](https://github.com/certd/certd/commit/11b7cfe5cb7e88e6ebd68d53acb4e5b556550ca9))
 * apisix支持v2 ([23b4658](https://github.com/certd/certd/commit/23b465867244b199bab9b61863a5ca43644834a9))
 * **technitium:** 添加Technitium DNS Server插件支持 ([edeb817](https://github.com/certd/certd/commit/edeb817c39597e4fa73a17ff4ca3f712f0320fec))
 ## [1.39.10](https://github.com/certd/certd/compare/v1.39.9...v1.39.10) (2026-04-11)
 ### Bug Fixes
@@ -6,7 +6,7 @@
 |-----|-----|-----|
 | 1.| **证书申请（JS版）** | 免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
 | 2.| **已有证书托管** | 手动上传自定义证书后，自动部署（每次证书有更新，都需要手动上传一次） | 
-| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书 | 
+| 3.| **获取阿里云订阅证书** | 从阿里云拉取订阅模式的商用证书（支持 API 1.0 和 2.0） | 
 | 4.| **证书申请（Lego）** | 支持海量DNS解析提供商，推荐使用，一样的免费通配符域名证书申请，支持多个域名打到同一个证书上 | 
 ## 2. 主机
@@ -9,5 +9,5 @@
    }
  },
  "npmClient": "pnpm",
-  "version": "1.39.11"
+  "version": "1.39.12"
 }
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/publishlab/node-acme-client/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Performance Improvements
 * 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/publishlab/node-acme-client/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
 ## [1.39.11](https://github.com/publishlab/node-acme-client/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Performance Improvements
@@ -3,7 +3,7 @@
    "description": "Simple and unopinionated ACME client",
    "private": false,
    "author": "nmorsman",
-    "version": "1.39.11",
+    "version": "1.39.12",
    "type": "module",
    "module": "scr/index.js",
    "main": "src/index.js",
@@ -18,7 +18,7 @@
        "types"
    ],
    "dependencies": {
-        "@certd/basic": "^1.39.11",
+        "@certd/basic": "^1.39.12",
        "@peculiar/x509": "^1.11.0",
        "asn1js": "^3.0.5",
        "axios": "^1.9.0",
@@ -70,5 +70,5 @@
    "bugs": {
        "url": "https://github.com/publishlab/node-acme-client/issues"
    },
-    "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+    "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -494,7 +494,7 @@ class AcmeClient {
            throw new Error('Unable to verify ACME challenge, URL not found');
        }
-        const {challenges} = createChallengeFn({logger:this.logger});
+        const {challenges} = createChallengeFn({logger:this.logger,walkFromAuthoritative: this.opts.walkFromAuthoritative});
        const verify = challenges
        if (typeof verify[challenge.type] === 'undefined') {
@@ -252,7 +252,7 @@ async function resolveDomainBySoaRecord(recordName, logger = log) {
 async function getAuthoritativeDnsResolver(recordName, logger = log) {
    logger(`获取域名${recordName}的权威NS服务器: `);
-    const resolver = new dns.Resolver({ timeout: 10000,maxTimeout: 60000 });
+    const resolver = new dns.Resolver({timeout: 2000,tries: 2});
    try {
        /* Resolve root domain by SOA */
@@ -352,3 +352,5 @@ export {
    resolveDomainBySoaRecord
 };
@@ -4,19 +4,23 @@
 import dnsSdk from "dns"
 import https from 'https'
-import {log as defaultLog} from './logger.js'
+import { log as defaultLog } from './logger.js'
 import axios from './axios.js'
 import * as util from './util.js'
-import {isAlpnCertificateAuthorizationValid} from './crypto/index.js'
+import { isAlpnCertificateAuthorizationValid } from './crypto/index.js'
-import {utils} from '@certd/basic'
+import { utils } from '@certd/basic'
 const dns = dnsSdk.promises
 let walkFromAuthoritative = true
 export function setWalkFromAuthoritative(value = true) {
    walkFromAuthoritative = value
 }
-export function createChallengeFn(opts = {}){
+export function createChallengeFn(opts = {}) {
-    const logger = opts?.logger || {info:defaultLog,error:defaultLog,warn:defaultLog,debug:defaultLog}
+    const logger = opts?.logger || { info: defaultLog, error: defaultLog, warn: defaultLog, debug: defaultLog }
-    
+
-    const log = function(...args){
+    const log = function (...args) {
        logger.info(...args)
    }
    /**
@@ -31,201 +35,212 @@ export function createChallengeFn(opts = {}){
 * @returns {Promise<boolean>}
 */
-async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
+    async function verifyHttpChallenge(authz, challenge, keyAuthorization, suffix = `/.well-known/acme-challenge/${challenge.token}`) {
-    async function doQuery(challengeUrl){
+        async function doQuery(challengeUrl) {
-        log(`正在测试请求 ${challengeUrl} `)
+            log(`正在测试请求 ${challengeUrl} `)
-        // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
+            // const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
-        // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
+            // const challengeUrl = `https://${authz.identifier.value}:${httpsPort}${suffix}`;
-        /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
+            /* May redirect to HTTPS with invalid/self-signed cert - https://letsencrypt.org/docs/challenge-types/#http-01-challenge */
-        const httpsAgent = new https.Agent({ rejectUnauthorized: false });
+            const httpsAgent = new https.Agent({ rejectUnauthorized: false });
            log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
            let data = ""
            try {
                const resp = await axios.get(challengeUrl, { httpsAgent });
                data = (resp.data || '').replace(/\s+$/, '');
            } catch (e) {
                log(`[error] HTTP request error from ${authz.identifier.value}`, e.message);
                return false
            }
            if (!data || (data !== keyAuthorization)) {
                log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
                return false
            }
            return true
        log(`Sending HTTP query to ${authz.identifier.value}, suffix: ${suffix}, port: ${httpPort}`);
        let data = ""
        try{
            const resp = await axios.get(challengeUrl, { httpsAgent });
            data = (resp.data || '').replace(/\s+$/, '');
        }catch (e) {
            log(`[error] HTTP request error from ${authz.identifier.value}`,e.message);
            return false
        }
-        if (!data || (data !== keyAuthorization)) {
+        const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
-            log(`[error] Authorization not found in HTTP response from ${authz.identifier.value}`);
+        let host = authz.identifier.value;
-            return false
+        if (utils.domain.isIpv6(host)) {
            host = `[${host}]`;
        }
-        return true
+        const challengeUrl = `http://${host}:${httpPort}${suffix}`;
-    }
+        if (!await doQuery(challengeUrl)) {
-
+            const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
-    const httpPort = axios.defaults.acmeSettings.httpChallengePort || 80;
+            const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
-    let host = authz.identifier.value;
+            const res = await doQuery(httpsChallengeUrl)
-    if(utils.domain.isIpv6(host)){
+            if (!res) {
-        host = `[${host}]`;
+                throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
-    }
+            }
    const challengeUrl = `http://${host}:${httpPort}${suffix}`;
    if (!await doQuery(challengeUrl)) {
        const httpsPort = axios.defaults.acmeSettings.httpsChallengePort || 443;
        const httpsChallengeUrl = `https://${host}:${httpsPort}${suffix}`;
        const res = await doQuery(httpsChallengeUrl)
        if (!res) {
            throw new Error(`[error] 验证失败，请检查以上测试url是否可以正常访问`);
        }
        log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
        return true;
    }
    /**
     * Walk DNS until TXT records are found
     */
-    log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
+    async function walkDnsChallengeRecord(recordName, resolver = dns, deep = 0) {
    return true;
 }
-/**
+        let records = [];
 * Walk DNS until TXT records are found
 */
-async function walkDnsChallengeRecord(recordName, resolver = dns,deep = 0) {
+        const isAuthoritative = resolver === dns
-
+        /* Resolve TXT records */
-    let records = [];
+        try {
-
+            log(`检查域名 ${recordName} 的TXT记录(from ${isAuthoritative ? '本地DNS' : '权威DNS服务器'})`);
-    /* Resolve TXT records */
+            const txtRecords = await resolver.resolveTxt(recordName);
-    try {
+            if (txtRecords && txtRecords.length) {
-        log(`检查域名 ${recordName} 的TXT记录`);
+                log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
-        const txtRecords = await resolver.resolveTxt(recordName);
+                log(`TXT records: ${JSON.stringify(txtRecords)}`);
-        if (txtRecords && txtRecords.length) {
+                records = records.concat(...txtRecords);
-            log(`找到 ${txtRecords.length} 条 TXT记录（ ${recordName}）`);
+            }
-            log(`TXT records: ${JSON.stringify(txtRecords)}`);
+        } catch (e) {
-            records = records.concat(...txtRecords);
+            log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
        }
-    } catch (e) {
+
-        log(`解析 TXT 记录出错, ${recordName} :${e.message}`);
+        /* Resolve CNAME record first */
        try {
            log(`检查是否存在CNAME映射: ${recordName}`);
            const cnameRecords = await resolver.resolveCname(recordName);
            if (cnameRecords.length) {
                const cnameRecord = cnameRecords[0];
                log(`已找到${recordName}的CNAME记录，将检查: ${cnameRecord}`);
                let res = await walkTxtRecord(cnameRecord, deep + 1);
                if (res && res.length) {
                    log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
                    records = records.concat(...res);
                }
            } else {
                log(`没有CNAME映射（${recordName}）`);
            }
        } catch (e) {
            log(`检查CNAME出错（${recordName}） :${e.message}`);
        }
        return records
    }
-    /* Resolve CNAME record first */
+    async function walkTxtRecord(recordName, deep = 0) {
-    try {
+        if (deep > 5) {
-        log(`检查是否存在CNAME映射: ${recordName}`);
+            log(`walkTxtRecord too deep (#${deep}) , skip walk`)
-        const cnameRecords = await resolver.resolveCname(recordName);
+            return []
        }
-        if (cnameRecords.length) {
+        const txtRecords = []
-            const cnameRecord = cnameRecords[0];
+        try {
-            log(`已找到${recordName}的CNAME记录，将检查: ${cnameRecord}`);
+            /* Default DNS resolver first */
-            let res= await  walkTxtRecord(cnameRecord,deep+1);
+            log('从本地DNS服务器获取TXT解析记录');
-            if (res && res.length) {
+            const res = await walkDnsChallengeRecord(recordName, dns, deep);
-                log(`从CNAME中找到TXT记录: ${JSON.stringify(res)}`);
+            if (res && res.length > 0) {
-                records = records.concat(...res);
+                for (const item of res) {
                    txtRecords.push(item)
                }
            }
        } catch (e) {
            log(`本地获取TXT解析记录失败:${e.message}`)
        }
        if (walkFromAuthoritative !==false) {
            try {
                /* Authoritative DNS resolver */
                log(`从域名权威服务器获取TXT解析记录`);
                const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName, log);
                const res = await walkDnsChallengeRecord(recordName, authoritativeResolver, deep);
                if (res && res.length > 0) {
                    for (const item of res) {
                        txtRecords.push(item)
                    }
                }
            } catch (e) {
                log(`权威服务器获取TXT解析记录失败:${e.message}`)
            }
        }else{
-            log(`没有CNAME映射（${recordName}）`);
+            log(`跳过从权威服务器获取TXT解析记录`);
        }
    } catch (e) {
        log(`检查CNAME出错（${recordName}） :${e.message}`);
    }
    return records
 }
 async function walkTxtRecord(recordName,deep = 0) {
    if(deep >5){
        log(`walkTxtRecord too deep (#${deep}) , skip walk`)
        return []
    }
    const txtRecords = []
    try {
        /* Default DNS resolver first */
        log('从本地DNS服务器获取TXT解析记录');
        const res = await walkDnsChallengeRecord(recordName,dns,deep);
        if (res && res.length > 0) {
            for (const item of res) {
                txtRecords.push(item)
            }
        }
    } catch (e) {
        log(`本地获取TXT解析记录失败:${e.message}`)
    }
-    try{
+        if (txtRecords.length === 0) {
-        /* Authoritative DNS resolver */
+            throw new Error(`没有找到TXT解析记录（${recordName}）`);
        log(`从域名权威服务器获取TXT解析记录`);
        const authoritativeResolver = await util.getAuthoritativeDnsResolver(recordName,log);
        const res = await walkDnsChallengeRecord(recordName, authoritativeResolver,deep);
        if (res && res.length > 0) {
            for (const item of res) {
                txtRecords.push(item)
            }
        }
-    }catch (e) {
+        return txtRecords;
        log(`权威服务器获取TXT解析记录失败:${e.message}`)
    }
-    if (txtRecords.length === 0) {
+    /**
-        throw new Error(`没有找到TXT解析记录（${recordName}）`);
+     * Verify ACME DNS challenge
-    }
+     *
-    return txtRecords;
+     * https://datatracker.ietf.org/doc/html/rfc8555#section-8.4
-}
+     *
     * @param {object} authz Identifier authorization
     * @param {object} challenge Authorization challenge
     * @param {string} keyAuthorization Challenge key authorization
     * @param {string} [prefix] DNS prefix
     * @returns {Promise<boolean>}
     */
-/**
+    async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
- * Verify ACME DNS challenge
+        const recordName = `${prefix}${authz.identifier.value}`;
- *
+        log(`本地校验TXT记录）: ${recordName}`);
- * https://datatracker.ietf.org/doc/html/rfc8555#section-8.4
+        let recordValues = await walkTxtRecord(recordName, 0, walkFromAuthoritative);
- *
+        //去重
- * @param {object} authz Identifier authorization
+        recordValues = [...new Set(recordValues)];
- * @param {object} challenge Authorization challenge
+        log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
- * @param {string} keyAuthorization Challenge key authorization
+        if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
- * @param {string} [prefix] DNS prefix
+            const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
- * @returns {Promise<boolean>}
+            throw new Error(err);
- */
+        }
-async function verifyDnsChallenge(authz, challenge, keyAuthorization, prefix = '_acme-challenge.') {
+        log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
-    const recordName = `${prefix}${authz.identifier.value}`;
+        return true;
    log(`本地校验TXT记录）: ${recordName}`);
    let recordValues = await walkTxtRecord(recordName);
    //去重
    recordValues = [...new Set(recordValues)];
    log(`DNS查询成功, 找到 ${recordValues.length} 条TXT记录：${recordValues}`);
    if (!recordValues.length || !recordValues.includes(keyAuthorization)) {
        const err = `没有找到需要的DNS TXT记录: ${recordName}，期望:${keyAuthorization},结果:${recordValues}`
        throw new Error(err);
    }
-    log(`关键授权匹配成功（${challenge.type}/${recordName}）:${keyAuthorization}，校验成功， ACME challenge verified`);
+    /**
-    return true;
+     * Verify ACME TLS ALPN challenge
-}
+     *
     * https://datatracker.ietf.org/doc/html/rfc8737
     *
     * @param {object} authz Identifier authorization
     * @param {object} challenge Authorization challenge
     * @param {string} keyAuthorization Challenge key authorization
     * @returns {Promise<boolean>}
     */
-/**
+    async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
- * Verify ACME TLS ALPN challenge
+        const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
- *
+        const host = authz.identifier.value;
- * https://datatracker.ietf.org/doc/html/rfc8737
+        log(`Establishing TLS connection with host: ${host}:${tlsAlpnPort}`);
 *
 * @param {object} authz Identifier authorization
 * @param {object} challenge Authorization challenge
 * @param {string} keyAuthorization Challenge key authorization
 * @returns {Promise<boolean>}
 */
-async function verifyTlsAlpnChallenge(authz, challenge, keyAuthorization) {
+        const certificate = await util.retrieveTlsAlpnCertificate(host, tlsAlpnPort);
-    const tlsAlpnPort = axios.defaults.acmeSettings.tlsAlpnChallengePort || 443;
+        log('Certificate received from server successfully, matching key authorization in ALPN');
    const host = authz.identifier.value;
    log(`Establishing TLS connection with host: ${host}:${tlsAlpnPort}`);
-    const certificate = await util.retrieveTlsAlpnCertificate(host, tlsAlpnPort);
+        if (!isAlpnCertificateAuthorizationValid(certificate, keyAuthorization)) {
-    log('Certificate received from server successfully, matching key authorization in ALPN');
+            throw new Error(`Authorization not found in certificate from ${authz.identifier.value}`);
        }
-    if (!isAlpnCertificateAuthorizationValid(certificate, keyAuthorization)) {
+        log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
-        throw new Error(`Authorization not found in certificate from ${authz.identifier.value}`);
+        return true;
    }
    log(`Key authorization match for ${challenge.type}/${authz.identifier.value}, ACME challenge verified`);
    return true;
 }
    return {
-        challenges:{
+        challenges: {
            'http-01': verifyHttpChallenge,
            'dns-01': verifyDnsChallenge,
            'tls-alpn-01': verifyTlsAlpnChallenge,
        },
        walkTxtRecord,
        walkDnsChallengeRecord,
    }
-}
+}
 // createChallengeFn({logger:{info:console.log}}).walkDnsChallengeRecord("handsfree.work")
@@ -219,4 +219,6 @@ export function getAuthoritativeDnsResolver(record:string): Promise<any>;
 export const CancelError: typeof CancelError;
-export function resolveDomainBySoaRecord(domain: string): Promise<string>;
+export function resolveDomainBySoaRecord(domain: string): Promise<string>;
 export function setWalkFromAuthoritative(value = true): void;
@@ -3,6 +3,12 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Performance Improvements
 * 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/basic
@@ -1 +1 @@
-13:28
+23:06
@@ -1,7 +1,7 @@
 {
  "name": "@certd/basic",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -47,5 +47,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -111,8 +111,13 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
      if (config.logData == null) {
        config.logData = false;
      }
      if (config.logReq == null) {
        config.logReq = true;
      }
-      logger.info(`http request:${config.url}，method:${config.method}`);
+      if (config.logReq !== false) {
        logger.info(`http request:${config.url}，method:${config.method}`);
      }
      if (config.logParams !== false && config.params) {
        logger.info(`params:${JSON.stringify(config.params)}`);
      }
@@ -151,10 +156,11 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
      config.retry = merge(
        {
-          status: [421],
+          status: [421, 524],
          count: 0,
          max: 3,
-          delay: 1000,
+          delay: 2000,
          includes: ["[524]"],
        },
        config.retry
      );
@@ -273,7 +279,19 @@ export function createAxiosService({ logger }: { logger: ILogger }) {
      const originalRequest = error.config || {};
      // logger.info(`config`, originalRequest);
      const retry = originalRequest.retry || {};
-      if (retry.status && retry.status.includes(status)) {
+
      const isRetryStatus = retry.status && retry.status.includes(status);
      let isRetryMessage = false;
      if (retry.includes) {
        for (const item of retry.includes) {
          if (error.message?.includes(item)) {
            isRetryMessage = true;
            break;
          }
        }
      }
      if (isRetryStatus || isRetryMessage) {
        if (retry.max > 0 && retry.count < retry.max) {
          // 重试次数增加
          retry.count++;
@@ -301,6 +319,7 @@ export type HttpClientResponse<R> = any;
 export type HttpRequestConfig<D = any> = {
  skipSslVerify?: boolean;
  skipCheckRes?: boolean;
  logReq?: boolean;
  logParams?: boolean;
  logRes?: boolean;
  logData?: boolean;
@@ -3,6 +3,13 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Performance Improvements
 * 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
 * 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Performance Improvements
@@ -1,7 +1,7 @@
 {
  "name": "@certd/pipeline",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,8 +18,8 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
-    "@certd/plus-core": "^1.39.11",
+    "@certd/plus-core": "^1.39.12",
    "dayjs": "^1.11.7",
    "lodash-es": "^4.17.21",
    "reflect-metadata": "^0.1.13"
@@ -45,5 +45,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -23,6 +23,7 @@ export type ExecutorOptions = {
  pipeline: Pipeline;
  storage: IStorage;
  onChanged: (history: RunHistory) => Promise<void>;
  onFinished: (history: RunHistory) => Promise<void>;
  accessService: IAccessService;
  emailService: IEmailService;
  notificationService: INotificationService;
@@ -47,16 +48,19 @@ export class Executor {
  lastRuntime!: RunHistory;
  options: ExecutorOptions;
  abort: AbortController = new AbortController();
  _inited = false;
  onChanged: (history: RunHistory) => Promise<void>;
  onFinished: (history: RunHistory) => Promise<void>;
  constructor(options: ExecutorOptions) {
    this.options = options;
    this.pipeline = cloneDeep(options.pipeline);
    this.onChanged = async (history: RunHistory) => {
      await options.onChanged(history);
    };
    this.onFinished = async (history: RunHistory) => {
      await options.onFinished(history);
    };
    this.pipeline.userId = options.user.id;
    this.contextFactory = new ContextFactory(options.storage);
    this.logger = logger;
@@ -77,7 +81,7 @@ export class Executor {
  async cancel() {
    this.abort.abort();
    this.runtime?.cancel(this.pipeline);
-    await this.onChanged(this.runtime);
+    await this.onFinished(this.runtime);
  }
  async run(runtimeId: any = 0, triggerType: string) {
@@ -111,7 +115,7 @@ export class Executor {
      this.logger.error("pipeline 执行失败", e);
    } finally {
      clearInterval(intervalFlushLogId);
-      await this.onChanged(this.runtime);
+      await this.onFinished(this.runtime);
      //保存之前移除logs
      const lastRuntime: any = {
        ...this.runtime,
@@ -87,6 +87,7 @@ export type Notification = {
  options?: EmailOptions;
  notificationId: number;
  title: string;
  id: string;
 };
 export type Pipeline = Runnable & {
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/lib-huawei
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/lib-huawei
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-huawei",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
  "types": "./dist/d/index.d.ts",
@@ -24,5 +24,5 @@
    "prettier": "^2.8.8",
    "tslib": "^2.8.1"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/lib-iframe
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/lib-iframe
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-iframe",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -31,5 +31,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/jdcloud
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/jdcloud
@@ -1,6 +1,6 @@
 {
  "name": "@certd/jdcloud",
-  "version": "1.39.11",
+  "version": "1.39.12",
  "description": "jdcloud openApi sdk",
  "main": "./dist/bundle.js",
  "module": "./dist/bundle.js",
@@ -56,5 +56,5 @@
      "fetch"
    ]
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/lib-k8s
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/lib-k8s
@@ -1,7 +1,7 @@
 {
  "name": "@certd/lib-k8s",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "module": "./dist/index.js",
@@ -18,7 +18,7 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
    "@kubernetes/client-node": "0.21.0"
  },
  "devDependencies": {
@@ -33,5 +33,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,13 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Performance Improvements
 * 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
 * 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@certd/lib-server",
-  "version": "1.39.11",
+  "version": "1.39.12",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -28,11 +28,11 @@
  ],
  "license": "AGPL",
  "dependencies": {
-    "@certd/acme-client": "^1.39.11",
+    "@certd/acme-client": "^1.39.12",
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
-    "@certd/pipeline": "^1.39.11",
+    "@certd/pipeline": "^1.39.12",
-    "@certd/plugin-lib": "^1.39.11",
+    "@certd/plugin-lib": "^1.39.12",
-    "@certd/plus-core": "^1.39.11",
+    "@certd/plus-core": "^1.39.12",
    "@midwayjs/cache": "3.14.0",
    "@midwayjs/core": "3.20.11",
    "@midwayjs/i18n": "3.20.13",
@@ -64,5 +64,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -29,6 +29,7 @@ export class SysPublicSettings extends BaseSettings {
  managerOtherUserPipeline = false;
  icpNo?: string;
  mpsNo?: string;
  customFooter?: string;
  robots?: boolean = true;
  aiChatEnabled = true;
@@ -92,6 +93,9 @@ export class SysPrivateSettings extends BaseSettings {
  environmentVars?: string = '';
  acmeWalkFromAuthoritative?: boolean = true;
  sms?: {
    type?: string;
    config?: any;
@@ -4,7 +4,7 @@ import { Repository } from 'typeorm';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
 import { BaseSettings, SysInstallInfo, SysPrivateSettings, SysPublicSettings, SysSecret, SysSecretBackup } from './models.js';
-import { getAllSslProviderDomains, setSslProviderReverseProxies } from '@certd/acme-client';
+import { getAllSslProviderDomains, setSslProviderReverseProxies, setWalkFromAuthoritative } from '@certd/acme-client';
 import { cache, logger, mergeUtils, setGlobalProxy } from '@certd/basic';
 import { isPlus } from '@certd/plus-core';
 import * as dns from 'node:dns';
@@ -180,6 +180,9 @@ export class SysSettingsService extends BaseService<SysSettingsEntity> {
    //加载环境变量
    this.setEnvironmentVars(privateSetting.environmentVars);
    setWalkFromAuthoritative(privateSetting.acmeWalkFromAuthoritative);
  }
  setEnvironmentVars(vars: string) {
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/midway-flyway-js
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/midway-flyway-js
@@ -1,6 +1,6 @@
 {
  "name": "@certd/midway-flyway-js",
-  "version": "1.39.11",
+  "version": "1.39.12",
  "description": "midway with flyway, sql upgrade way ",
  "private": false,
  "type": "module",
@@ -46,5 +46,5 @@
    "typeorm": "^0.3.11",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/plugin-cert
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 **Note:** Version bump only for package @certd/plugin-cert
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-cert",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -17,10 +17,10 @@
    "compile": "tsc --skipLibCheck --watch"
  },
  "dependencies": {
-    "@certd/acme-client": "^1.39.11",
+    "@certd/acme-client": "^1.39.12",
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
-    "@certd/pipeline": "^1.39.11",
+    "@certd/pipeline": "^1.39.12",
-    "@certd/plugin-lib": "^1.39.11",
+    "@certd/plugin-lib": "^1.39.12",
    "psl": "^1.9.0",
    "punycode.js": "^2.3.1"
  },
@@ -38,5 +38,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,10 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 **Note:** Version bump only for package @certd/plugin-lib
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Performance Improvements
@@ -1,7 +1,7 @@
 {
  "name": "@certd/plugin-lib",
  "private": false,
-  "version": "1.39.11",
+  "version": "1.39.12",
  "type": "module",
  "main": "./dist/index.js",
  "types": "./dist/index.d.ts",
@@ -22,10 +22,10 @@
    "@alicloud/pop-core": "^1.7.10",
    "@alicloud/tea-util": "^1.4.11",
    "@aws-sdk/client-s3": "^3.964.0",
-    "@certd/acme-client": "^1.39.11",
+    "@certd/acme-client": "^1.39.12",
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
-    "@certd/pipeline": "^1.39.11",
+    "@certd/pipeline": "^1.39.12",
-    "@certd/plus-core": "^1.39.11",
+    "@certd/plus-core": "^1.39.12",
    "@kubernetes/client-node": "0.21.0",
    "ali-oss": "^6.22.0",
    "basic-ftp": "^5.0.5",
@@ -57,5 +57,5 @@
    "tslib": "^2.8.1",
    "typescript": "^5.4.2"
  },
-  "gitHead": "112a565bf74c50e16c27a2c0a716588f84f39789"
+  "gitHead": "ec466dc818eace59825d8ae2ebbc9fc75a94a6b0"
 }
@@ -3,6 +3,18 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Bug Fixes
 * 调整手机版首页标题被挤开的bug ([eab66e2](https://github.com/certd/certd/commit/eab66e2d1988635985745f2d1b227b958969ee00))
 ### Performance Improvements
 * 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
 * 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求 ([1aa50cf](https://github.com/certd/certd/commit/1aa50cf53a0deab752f35ec973912e41ab8161b6))
 * 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Bug Fixes
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-client",
-  "version": "1.39.11",
+  "version": "1.39.12",
  "private": true,
  "scripts": {
    "dev": "vite --open",
@@ -106,8 +106,8 @@
    "zod-defaults": "^0.1.3"
  },
  "devDependencies": {
-    "@certd/lib-iframe": "^1.39.11",
+    "@certd/lib-iframe": "^1.39.12",
-    "@certd/pipeline": "^1.39.11",
+    "@certd/pipeline": "^1.39.12",
    "@rollup/plugin-commonjs": "^25.0.7",
    "@rollup/plugin-node-resolve": "^15.2.3",
    "@types/chai": "^4.3.12",
@@ -20,5 +20,6 @@ export async function getTodayVipOrderCount() {
  return await request({
    url: "/sys/plus/getTodayVipOrderCount",
    method: "post",
    showErrorNotify: false,
  });
 }
@@ -1,31 +1,5 @@
 <template>
  <div class="mt-10 vip-active-modal">
    <div v-if="todayOrderCount.enabled" class="order-count hidden md:flex">
      <div v-for="(stage, index) in todayOrderCount.stages" :key="index" class="status-item" :class="{ 'status-show': TodayVipOrderCountRef.current === index }">
        <div class="background">
          <img :src="stage.bg" alt="" />
        </div>
        <div class="flex flex-col order-count-text weight-bold">
          <div class="count-text ml-4 flex items-center">
            <fs-icon icon="noto:fire" class="fs-20 mr-2"></fs-icon>
            <template v-if="stage.vipTotal > 0">
              <span> 已有 </span>
              <span class="count-number color-red font-bold text-2xl ml-1 mr-1"> {{ stage.vipTotal }} </span> 位小伙伴赞助，
              <span>
                {{ stage.title }}
              </span>
            </template>
            <template v-else>
              <span> 今日赞助 </span>
              <span class="count-number color-red font-bold text-2xl ml-1 mr-1"> {{ stage.orderCount }} </span> 人，
              <span>
                {{ stage.title }}
              </span>
            </template>
          </div>
        </div>
      </div>
    </div>
    <div v-if="productInfo.notice" class="mt-10">
      <a-alert type="error" :message="productInfo.notice"></a-alert>
    </div>
@@ -248,73 +222,35 @@ const vipTypeDefine: any = {
 const TodayVipOrderCountRef: Ref = ref({ enabled: false, current: 0, stages: [] });
 async function getTodayVipOrderCount() {
-  const res = await api.getTodayVipOrderCount();
+  try {
-  if (res) {
+    const res = await api.getTodayVipOrderCount();
-    TodayVipOrderCountRef.value = res;
+    if (res) {
-    TodayVipOrderCountRef.value.current = 0;
+      TodayVipOrderCountRef.value = res;
      TodayVipOrderCountRef.value.current = 0;
    }
  } catch (error) {
    console.error(error);
  }
 }
 const todayOrderCount = computed(() => {
  const countInfo = TodayVipOrderCountRef.value;
  const enabled = countInfo?.enabled || false;
  const orderCount = countInfo?.orderCount || 0;
  for (const stage of countInfo?.stages) {
    stage.orderCount = stage.countGe || 0;
  }
  const lastStage = countInfo?.stages?.[countInfo?.stages?.length - 1] || {};
  lastStage.orderCount = orderCount;
  const vipTotal = countInfo?.vipTotal || 0;
  const showVipTotal = countInfo?.showVipTotal || false;
  const userTotal = countInfo?.userTotal || 0;
  const stages: any = [];
  stages.push({
    title: countInfo.title,
    vipTotal: countInfo?.vipTotal || 0,
    orderCount: orderCount,
    bg: lastStage.bg,
    showVipTotal: showVipTotal,
  });
  if (lastStage.orderCount > 0) {
    stages.push(lastStage);
  }
  return {
    enabled: enabled,
    stages: stages,
    showVipTotal: showVipTotal,
    vipTotal: vipTotal,
    userTotal: userTotal,
  };
 });
 async function scrollOrderCount() {
  const stages = todayOrderCount.value.stages;
  if (stages.length === 0) {
    return;
  }
  let index = 0;
  const doScroll = () => {
    TodayVipOrderCountRef.value.current = index;
    index++;
    if (index >= stages.length) {
      index = 0;
    }
  };
  doScroll();
  scrollOrderCountIntervalRef.value = setInterval(doScroll, 7000);
 }
 const scrollOrderCountIntervalRef: Ref = ref(null);
 onMounted(async () => {
  await getTodayVipOrderCount();
  await nextTick();
  await scrollOrderCount();
 });
-onUnmounted(() => {
+onUnmounted(() => {});
  clearInterval(scrollOrderCountIntervalRef.value);
 });
 </script>
 <style lang="less">
@@ -3,7 +3,7 @@
    <div class="flex items-center">
      <span v-if="!settingStore.isComm">
        <span>Powered by</span>
-        <a> handsfree.work </a>
+        <a href="https://certd.docmirror.cn/" target="_blank"> handfree.work </a>
        <a-divider type="vertical" />
      </span>
@@ -21,7 +21,12 @@
      <span v-if="sysPublic.mpsNo">
        <a href="http://www.beian.gov.cn/portal/registerSystemInfo" target="_blank">{{ sysPublic.mpsNo }}</a>
        <a-divider type="vertical" />
      </span>
      <template v-if="sysPublic.customFooter && settingStore.isPlus">
        <div v-html="sysPublic.customFooter"></div>
      </template>
    </div>
    <div class="ml-5">v{{ version }}</div>
  </div>
@@ -75,7 +75,7 @@
        <div>
          <span v-if="!settingStore.isComm">
            <span>Powered by</span>
-            <a> handfree.work </a>
+            <a href="https://certd.docmirror.cn/" target="_blank"> handfree.work </a>
          </span>
          <template v-if="siteInfo.licenseTo">
@@ -749,6 +749,18 @@ export default {
      pipelineValidTimeEnabledHelper: "Whether to enable the valid time of the pipeline",
      certDomainAddToMonitorEnabled: "Add Domain to Certificate Monitor",
      certDomainAddToMonitorEnabledHelper: "Whether to add the domain to the certificate monitor",
      defaultCertRenewDays: "Default Certificate Renew Days",
      defaultCertRenewDaysHelper: "Default certificate renewal days, helpful for table list progress bar display",
      defaultCertRenewDaysRecommend: "Recommend 15",
      pipelineMaxRunningCount: "Max Running Count",
      pipelineMaxRunningCountHelper: "Max running count of the pipeline",
      pipelineMaxRunningCountRecommend: "Recommend 5-15, default 10",
      acmeWalkFromAuthoritative: "Check TXT Record from Authoritative NS",
      acmeWalkFromAuthoritativeHelper: "Apply certificate when whether to check the TXT record from authoritative NS server first",
      fixedCertExpireDays: "Fixed Cert Expire Days",
      fixedCertExpireDaysHelper: "Fixed cert expiration days, helpful for table list progress bar display",
      fixedCertExpireDaysRecommend: "Recommend 90",
@@ -760,6 +760,8 @@ export default {
      pipelineMaxRunningCount: "同时最大运行流水线数量",
      pipelineMaxRunningCountHelper: "同一个用户同时运行的最大流水线数量，避免同时触发太多导致ACME账户被限制",
      pipelineMaxRunningCountRecommend: "推荐5-15，默认10",
      acmeWalkFromAuthoritative: "从权威NS检查TXT记录",
      acmeWalkFromAuthoritativeHelper: "申请证书时，是否从权威NS服务器检查TXT记录，如果影响申请证书，可以关闭",
      fixedCertExpireDays: "固定证书有效期天数",
      fixedCertExpireDaysHelper: "固定证书有效期天数，有助于列表进度条整齐显示",
@@ -800,6 +802,10 @@ export default {
      noticeHelper: "系统公告，将在首页显示",
      noticePlaceholder: "系统公告",
      customFooter: "自定义页脚",
      customFooterHelper: "自定义页脚，支持HTML",
      customFooterPlaceholder: "自定义页脚",
      reverseProxy: "反向代理列表",
      reverseProxyHelper: "证书颁发机构ACME地址的反向代理，在申请证书时自动使用",
      reverseProxyPlaceholder: "http://le.px.handfree.work",
@@ -807,6 +813,7 @@ export default {
      environmentVars: "环境变量",
      environmentVarsHelper: "配置运行时环境变量，每行一个，格式：KEY=VALUE",
      bindUrl: "绑定URL",
      bindUrlHelper: "绑定URL，在各类通知中显示你的站点URL",
    },
  },
  modal: {
@@ -45,6 +45,7 @@ export type SysPublicSetting = {
  managerOtherUserPipeline?: boolean;
  icpNo?: string;
  mpsNo?: string;
  customFooter?: string;
  robots?: boolean;
  aiChatEnabled?: boolean;
@@ -109,6 +110,7 @@ export type SysPrivateSetting = {
    type?: string;
    config?: any;
  };
  acmeWalkFromAuthoritative?: boolean;
  //http请求超时时间
  httpRequestTimeout?: number;
@@ -303,8 +303,18 @@ export const useSettingStore = defineStore({
        }
      };
      const { closable = false } = opts;
      let title = "URL地址未绑定，是否绑定此地址？";
      let okButtonText = "不，回到原来的地址";
      let okButtonDanger = false;
      let forceBack = true;
      if (closable) {
        title = "绑定URL";
        okButtonText = "确定";
        okButtonDanger = false;
        forceBack = false;
      }
      const modalRef: any = Modal.warning({
-        title: "URL地址未绑定，是否绑定此地址？",
+        title: title,
        width: 500,
        keyboard: false,
        closable,
@@ -320,6 +330,7 @@ export const useSettingStore = defineStore({
                  绑定到地址1
                </a-button>
              </div>
              <div class="helper">各类通知里面会以地址1作为URL显示</div>
              <div class="flex items-center justify-between mt-3">
                <span>
                  绑定地址2：
@@ -334,12 +345,14 @@ export const useSettingStore = defineStore({
        },
        onOk: async () => {
          // await this.doBindUrl();
-          window.location.href = bindUrl;
+          if (forceBack) {
            window.location.href = bindUrl;
          }
        },
        okButtonProps: {
-          danger: true,
+          danger: okButtonDanger,
        },
-        okText: "不，回到原来的地址",
+        okText: okButtonText,
        // cancelText: "不，回到原来的地址",
        // onOk: () => {
        //   window.location.href = bindUrl;
@@ -21,6 +21,7 @@ import { LayoutFooter } from "./footer";
 import { LayoutHeader } from "./header";
 import { LayoutExtraMenu, LayoutMenu, LayoutMixedMenu, useExtraMenu, useMixedMenu } from "./menu";
 import { LayoutTabbar } from "./tabbar";
 import router from "/@/router";
 defineOptions({ name: "BasicLayout" });
@@ -160,7 +161,7 @@ const headerSlots = computed(() => {
  >
    <!-- logo -->
    <template #logo>
-      <VbenLogo v-if="preferences.logo.enable" :class="logoClass" :collapsed="logoCollapsed" :src="preferences.logo.source" :text="preferences.app.name" :theme="showHeaderNav ? headerTheme : theme" />
+      <VbenLogo v-if="preferences.logo.enable" class="pointer" :class="logoClass" :collapsed="logoCollapsed" :src="preferences.logo.source" :text="preferences.app.name" :theme="showHeaderNav ? headerTheme : theme" />
    </template>
    <!-- 头部区域 -->
    <template #header>
@@ -1,6 +1,6 @@
 <script setup lang="ts">
 import { VbenAvatar } from "../avatar";
-
+import { useRouter } from "vue-router";
 interface Props {
  /**
   * @zh_CN 是否收起文本
@@ -39,10 +39,15 @@ withDefaults(defineProps<Props>(), {
  src: "",
  theme: "light",
 });
 const router = useRouter();
 function handleLogoClick() {
  router.push({ path: "/" });
 }
 </script>
 <template>
-  <div :class="theme" class="flex h-full items-center text-lg">
+  <div :class="theme" class="flex h-full items-center text-lg pointer" @click="handleLogoClick">
    <a :class="$attrs.class" :href="href" class="flex h-full items-center gap-2 overflow-hidden px-3 text-lg leading-normal transition-all duration-500">
      <VbenAvatar v-if="src" :alt="text" :src="src" class="relative w-8 rounded-none bg-transparent" />
      <span v-if="!collapsed" class="text-foreground truncate text-nowrap font-semibold">
@@ -935,7 +935,7 @@ export default defineComponent({
      };
      const historyCancel = () => {
-        changeCurrentHistory();
+        // changeCurrentHistory();
        console.log("currentPipeline", pipeline);
      };
@@ -2,17 +2,17 @@
  <div class="landing-page">
    <nav class="landing-nav">
      <div class="nav-container">
-        <div class="nav-logo">
+        <div class="nav-logo overflow-hidden text-ellipsis whitespace-nowrap">
          <img :src="siteInfo.logo" alt="Certd Logo" class="logo-img" />
-          <span class="logo-text">{{ siteInfo.title }}</span>
+          <span class="logo-text ellipsis">{{ siteInfo.title }}</span>
        </div>
-        <div class="nav-links">
+        <div class="nav-links text-nowrap">
          <ThemeToggle />
          <template v-if="isLoggedIn">
            <router-link to="/index" class="btn btn-primary">控制台</router-link>
-            <div class="user-avatar" @click="goProfile">
+            <!-- <div class="user-avatar" @click="goProfile">
              <div class="avatar-initials">{{ userInitials }}</div>
-            </div>
+            </div> -->
          </template>
          <template v-else>
            <router-link :to="{ name: 'login' }" class="btn btn-outline">登录</router-link>
@@ -22,12 +22,12 @@
      </div>
    </nav>
-    <section class="hero-section">
+    <section class="hero-section bg-[#f7f7fc] dark:bg-[#000000]">
      <div class="hero-container">
        <div class="hero-content">
-          <h1 class="hero-title">
+          <h1 class="hero-title flex flex-col md:flex-row">
-            让你的网站证书
+            <div>让你的网站证书</div>
-            <span class="gradient-text">永不过期</span>
+            <div class="gradient-text mt-2 md:mt-0 md:ml-4">永不过期</div>
          </h1>
          <p class="hero-description">全自动证书管理系统，首创流水线申请部署证书模式，让你告别证书过期的烦恼。</p>
          <div class="hero-actions">
@@ -45,7 +45,6 @@
        </div>
      </div>
    </section>
    <section id="features" class="features-section">
      <div class="container">
        <div class="section-header">
@@ -21,12 +21,19 @@
      </a-form-item>
      <a-form-item :label="t('certd.sys.setting.notice')" :name="['public', 'notice']">
-        <a-textarea v-model:value="formState.public.notice" :placeholder="t('certd.sys.setting.noticePlaceholder')" :rows="5" />
+        <a-textarea v-model:value="formState.public.notice" :placeholder="t('certd.sys.setting.noticePlaceholder')" :rows="3" />
        <div class="helper" v-html="t('certd.sys.setting.noticeHelper')"></div>
      </a-form-item>
      <a-form-item :label="t('certd.sys.setting.customFooter')" :name="['public', 'customFooter']">
        <a-textarea v-model:value="formState.public.customFooter" :disabled="!settingsStore.isPlus" :placeholder="t('certd.sys.setting.customFooterPlaceholder')" :rows="3" />
        <div class="helper" v-html="t('certd.sys.setting.customFooterHelper')"></div>
        <vip-button class="ml-5 justify-start" mode="button"></vip-button>
      </a-form-item>
      <a-form-item :label="t('certd.sys.setting.bindUrl')">
        <a-button class="ml-2" type="primary" @click="settingsStore.openBindUrlModal({ closable: true })">{{ t("certd.sys.setting.bindUrl") }}</a-button>
        <div class="helper" v-html="t('certd.sys.setting.bindUrlHelper')"></div>
      </a-form-item>
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 8 }">
@@ -53,6 +53,13 @@
        <div class="helper">{{ t("certd.sys.setting.pipelineMaxRunningCountHelper") }}</div>
      </a-form-item>
      <a-form-item :label="t('certd.sys.setting.acmeWalkFromAuthoritative')" :name="['private', 'acmeWalkFromAuthoritative']">
        <div class="flex items-center">
          <a-switch v-model:checked="formState.private.acmeWalkFromAuthoritative" />
        </div>
        <div class="helper">{{ t("certd.sys.setting.acmeWalkFromAuthoritativeHelper") }}</div>
      </a-form-item>
      <a-form-item label=" " :colon="false" :wrapper-col="{ span: 8 }">
        <a-button :loading="saveLoading" type="primary" html-type="submit">{{ t("certd.saveButton") }}</a-button>
      </a-form-item>
@@ -76,7 +83,9 @@ defineOptions({
 const formState = reactive<Partial<SysSettings>>({
  public: {},
-  private: {},
+  private: {
    acmeWalkFromAuthoritative: true,
  },
 });
 async function loadSysSettings() {
@@ -3,6 +3,19 @@
 All notable changes to this project will be documented in this file.
 See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
 ## [1.39.12](https://github.com/certd/certd/compare/v1.39.11...v1.39.12) (2026-04-29)
 ### Bug Fixes
 * 修复腾讯云clb部署报缺少sslmode参数的bug ([2f1ad72](https://github.com/certd/certd/commit/2f1ad7201f5ed9e00368a28b9e40907d4b415852))
 ### Performance Improvements
 * 524错误时重试3次 ([00e6d58](https://github.com/certd/certd/commit/00e6d580c2f54af70fe96a214aff87c4b96426c2))
 * 阿里云证书订单支持获取2.0的订单 ([64b3184](https://github.com/certd/certd/commit/64b3184b286fee996002d857b0de588452abdadd))
 * 优化流水线执行时的状态保存性能 ([e00830b](https://github.com/certd/certd/commit/e00830bebcfe6344499e490bc174de96f9fb22d6))
 * 支持页脚自定义 ([c985a13](https://github.com/certd/certd/commit/c985a13544aa31b0eb0783f9a3193a7e8bdc6ed6))
 ## [1.39.11](https://github.com/certd/certd/compare/v1.39.10...v1.39.11) (2026-04-26)
 ### Bug Fixes
@@ -6,7 +6,7 @@ name: CertApplyGetFormAliyun
 icon: ph:certificate
 title: 获取阿里云订阅证书
 group: cert
-desc: 从阿里云拉取订阅模式的商用证书
+desc: 从阿里云拉取订阅模式的商用证书（支持 API 1.0 和 2.0）
 input:
  domains:
    title: 证书域名
@@ -49,27 +49,28 @@ input:
    order: -1
    helper: 请输入邮箱
  accessId:
-    title: Access授权
+    title: Access 授权
-    helper: 阿里云授权AccessKeyId、AccessKeySecret
+    helper: 阿里云授权 AccessKeyId、AccessKeySecret
    component:
      name: access-selector
      type: aliyun
    required: true
    order: 0
-  orderType:
+  apiVersion:
-    title: 订单类型
+    title: 证书API 版本
-    value: CPACK
+    value: v1
    component:
      name: a-select
      vModel: value
      options:
-        - label: 资源虚拟订单（一般选这个）
+        - label: API 1.0 (旧版)
-          value: CPACK
+          value: v1
-        - label: 售卖订单
+        - label: API 2.0 (新版)
-          value: BUY
+          value: v2
    helper: 选择阿里云证书 API 版本
    order: 0
  orderId:
-    title: 证书订单ID
+    title: 证书订单 ID
    component:
      name: RemoteSelect
      vModel: value
@@ -95,7 +96,7 @@ input:
                  },
               }
-    helper: 订阅模式的证书订单Id
+    helper: 订阅模式的证书订单 Id(在新建流水线时暂时无法获取，可以先随便填个数字，先创建，进入流水线编辑页面再获取选择即可)
    order: 0
  pfxPassword:
    title: 证书加密密码
@@ -1,6 +1,6 @@
 {
  "name": "@certd/ui-server",
-  "version": "1.39.11",
+  "version": "1.39.12",
  "description": "fast-server base midway",
  "private": true,
  "type": "module",
@@ -52,20 +52,20 @@
    "@aws-sdk/client-sts": "^3.990.0",
    "@azure/arm-dns": "^5.1.0",
    "@azure/identity": "^4.13.1",
-    "@certd/acme-client": "^1.39.11",
+    "@certd/acme-client": "^1.39.12",
-    "@certd/basic": "^1.39.11",
+    "@certd/basic": "^1.39.12",
-    "@certd/commercial-core": "^1.39.11",
+    "@certd/commercial-core": "^1.39.12",
    "@certd/cv4pve-api-javascript": "^8.4.2",
-    "@certd/jdcloud": "^1.39.11",
+    "@certd/jdcloud": "^1.39.12",
-    "@certd/lib-huawei": "^1.39.11",
+    "@certd/lib-huawei": "^1.39.12",
-    "@certd/lib-k8s": "^1.39.11",
+    "@certd/lib-k8s": "^1.39.12",
-    "@certd/lib-server": "^1.39.11",
+    "@certd/lib-server": "^1.39.12",
-    "@certd/midway-flyway-js": "^1.39.11",
+    "@certd/midway-flyway-js": "^1.39.12",
-    "@certd/pipeline": "^1.39.11",
+    "@certd/pipeline": "^1.39.12",
-    "@certd/plugin-cert": "^1.39.11",
+    "@certd/plugin-cert": "^1.39.12",
-    "@certd/plugin-lib": "^1.39.11",
+    "@certd/plugin-lib": "^1.39.12",
-    "@certd/plugin-plus": "^1.39.11",
+    "@certd/plugin-plus": "^1.39.12",
-    "@certd/plus-core": "^1.39.11",
+    "@certd/plus-core": "^1.39.12",
    "@google-cloud/dns": "^5.3.1",
    "@google-cloud/publicca": "^1.3.0",
    "@huaweicloud/huaweicloud-sdk-cdn": "^3.1.185",
@@ -80,7 +80,7 @@ const development = {
        type: 'better-sqlite3',
        database: './data/db.sqlite',
        synchronize: false, // 如果第一次使用，不存在表，有同步的需求可以写 true
-        logging: true,
+        logging: false,
        highlightSql: false,
        // 配置实体模型 或者 entities: '/entity',
@@ -674,8 +674,8 @@ export class PipelineService extends BaseService<PipelineEntity> {
        return;
      }
    }
-
+  
-    const onChanged = async (history: RunHistory) => {
+    const doSaveHistory = async (history: RunHistory) => {
      //保存执行历史
      try {
        logger.info("保存执行历史：", history.id);
@@ -690,6 +690,51 @@ export class PipelineService extends BaseService<PipelineEntity> {
        throw e;
      }
    };
    class HistorySaver {
      latest: RunHistory = null;
      interval: any = null;
      started: boolean = false;
      async save(){
        const latest = this.latest;
        this.latest = null;
        if (latest == null) {
          return;
        }
        await doSaveHistory(latest);
      }
      async start(){
        this.started = true
        //先存一次，确保有数据
        await this.save();
        setTimeout(()=>{
          //2秒后保存一次，尽快显示第一个任务的状态
           this.save();
        }, 1000 * 2);
        this.interval = setInterval(()=>{
          //之后每5秒保存一次
          this.save();
        }, 1000 * 5);
      }
      async push(history: RunHistory){
        this.latest = history;
        if(!this.started){
         await this.start();
        }
      }
      async done(){
        clearInterval(this.interval);
        await this.save();
      }
    }
    const historySaver = new HistorySaver();
    const onChanged = async (history: RunHistory)=>{
      await historySaver.push(history);
    }
    const onFinished = async (history: RunHistory)=>{
      await onChanged(history);
      await historySaver.done();
    }
    const userId = entity.userId;
    const projectId = entity.projectId;
@@ -723,6 +768,7 @@ export class PipelineService extends BaseService<PipelineEntity> {
      user,
      pipeline,
      onChanged,
      onFinished,
      accessService: accessGetter,
      cnameProxyService,
      pluginConfigService: this.pluginConfigGetter,
@@ -762,15 +808,15 @@ export class PipelineService extends BaseService<PipelineEntity> {
    if (executor) {
      await executor.cancel();
    }
-    const entity = await this.historyService.info(historyId);
+    // const entity = await this.historyService.info(historyId);
-    if (entity == null) {
+    // if (entity == null) {
-      return;
+    //   return;
-    }
+    // }
-    const pipeline: Pipeline = JSON.parse(entity.pipeline);
+    // const pipeline: Pipeline = JSON.parse(entity.pipeline);
-    pipeline.status.status = ResultType.canceled;
+    // pipeline.status.status = ResultType.canceled;
-    pipeline.status.result = ResultType.canceled;
+    // pipeline.status.result = ResultType.canceled;
-    const runtime = new RunHistory(historyId, null, pipeline);
+    // const runtime = new RunHistory(historyId, null, pipeline);
-    await this.saveHistory(runtime);
+    // await this.saveHistory(runtime);
  }
  private getTriggerType(triggerId, pipeline) {
@@ -9,7 +9,7 @@ import dayjs from "dayjs";
  icon: "ph:certificate",
  title: "获取阿里云订阅证书",
  group: pluginGroups.cert.key,
-  desc: "从阿里云拉取订阅模式的商用证书",
+  desc: "从阿里云拉取订阅模式的商用证书（支持 API 1.0 和 2.0）",
  default: {
    strategy: {
      runStrategy: RunStrategy.AlwaysRun,
@@ -18,8 +18,8 @@ import dayjs from "dayjs";
 })
 export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
  @TaskInput({
-    title: "Access授权",
+    title: "Access 授权",
-    helper: "阿里云授权AccessKeyId、AccessKeySecret",
+    helper: "阿里云授权 AccessKeyId、AccessKeySecret",
    component: {
      name: "access-selector",
      type: "aliyun",
@@ -28,34 +28,34 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
  })
  accessId!: string;
-
+  @TaskInput(
   @TaskInput(
    {
-      title:"订单类型",
+      title: "证书API 版本",
-      value:"CPACK",
+      value: "v1",
-      component:{
+      component: {
-        name:"a-select",
+        name: "a-select",
-        vModel:"value",
+        vModel: "value",
-        options:[
+        options: [
          {
-            label:"资源虚拟订单（一般选这个）",
+            label: "API 1.0 (旧版)",
-            value:"CPACK",
+            value: "v1",
          },
          {
-            label:"售卖订单",
+            label: "API 2.0 (新版)",
-            value:"BUY",
+            value: "v2",
-          }
+          },
-        ]
+        ],
-      }
+      },
      helper: "选择阿里云证书 API 版本",
    }
  )
-  orderType!: string;
+  apiVersion!: string;
  @TaskInput(
    createRemoteSelectInputDefine({
-      title: "证书订单ID",
+      title: "证书订单 ID",
-      helper: "订阅模式的证书订单Id",
+      helper: "订阅模式的证书订单 Id(在新建流水线时暂时无法获取，可以先随便填个数字，先创建，进入流水线编辑页面再获取选择即可)",
      typeName: "CertApplyGetFormAliyun",
      pageSize: 50,
      component: {
@@ -68,40 +68,53 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
  )
  orderId!: string;
-  async onInit(): Promise<void> {}
+  async onInit(): Promise<void> { }
  async doCertApply(): Promise<CertReader> {
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const client = await access.getClient("cas.aliyuncs.com");
-    this.logger.info(`开始获取证书,orderId:${this.orderId}`);
+
    if (this.apiVersion === "v2") {
      return this.doCertApplyV2(client);
    } else {
      return this.doCertApplyV1(client);
    }
  }
  async doCertApplyV1(client: any): Promise<CertReader> {
    this.logger.info(`开始获取证书 (API 1.0),orderId:${this.orderId}`);
    let orderId: any = this.orderId;
    if (!orderId) {
-      throw new Error("请先输入证书订单ID");
+      throw new Error("请先输入证书订单 ID");
    }
    if (typeof orderId !== "string") {
      orderId = parseInt(orderId);
    }
    const certState = await this.getCertificateState(client, orderId);
-    this.logger.info(`获取到证书Id:${JSON.stringify(certState.CertId)}`);
+    this.logger.info(`获取到证书 Id:${JSON.stringify(certState.CertId)}`);
    const certDetail = await this.getCertDetail(client, certState.CertId);
    this.logger.info(`获取到证书:${certDetail.getAllDomains()}, 过期时间：${dayjs(certDetail.expires).format("YYYY-MM-DD HH:mm:ss")}`);
    return certDetail;
  }
  async doCertApplyV2(client: any): Promise<CertReader> {
    this.logger.info(`开始获取证书 (API 2.0),instanceId:${this.orderId}`);
    if (!this.orderId) {
      throw new Error("请先输入证书实例 ID");
    }
    const certDetail = await this.getCertDetailV2(client, this.orderId);
    this.logger.info(`获取到证书:${certDetail.getAllDomains()}, 过期时间：${dayjs(certDetail.expires).format("YYYY-MM-DD HH:mm:ss")}`);
    return certDetail;
  }
  async getCertDetail(client: any, certId: any) {
    const res = await client.doRequest({
      // 接口名称
      // 接口名称
      action: "GetUserCertificateDetail",
      // 接口版本
      version: "2020-04-07",
      // 接口协议
      protocol: "HTTPS",
      // 接口 HTTP 方法
      method: "POST",
      authType: "AK",
      style: "RPC",
      // 接口 PATH
      pathname: `/`,
      data: {
        query: {
@@ -120,19 +133,40 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
    });
  }
-  async getCertificateState(client: any, orderId: any): Promise<{ CertId: string; Type: string; Domain: string }> {
+  async getCertDetailV2(client: any, instanceId: string) {
    const res = await client.doRequest({
-      // 接口名称
+      action: "GetUserCertificateDetail",
-      action: "DescribeCertificateState",
+      version: "2020-04-07",
-      // 接口版本
+      protocol: "HTTPS",
      method: "POST",
      authType: "AK",
      style: "RPC",
      pathname: `/`,
      data: {
        query: {
          CertId: instanceId,
        },
      },
    });
    const crt = res.Cert;
    const key = res.Key;
    return new CertReader({
      crt,
      key,
      csr: "",
    });
  }
  async getCertificateState(client: any, orderId: any): Promise<{ CertId: string; Type: string; Domain: string }> {
    const res = await client.doRequest({
      action: "DescribeCertificateState",
      version: "2020-04-07",
      // 接口协议
      protocol: "HTTPS",
      // 接口 HTTP 方法
      method: "POST",
      authType: "AK",
      style: "RPC",
      // 接口 PATH
      pathname: `/`,
      data: {
        query: {
@@ -146,35 +180,41 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
  async onGetOrderList(req: PageSearch) {
    if (!this.accessId) {
-      throw new Error("请先选择Access授权");
+      throw new Error("请先选择 Access 授权");
    }
    const access = await this.getAccess<AliyunAccess>(this.accessId);
    const client = await access.getClient("cas.aliyuncs.com");
-    const pager = new Pager(req)
+    const pager = new Pager(req);
    if (this.apiVersion === "v2") {
      return this.onGetOrderListV2(client, pager);
    } else {
      return this.onGetOrderListV1(client, pager);
    }
  }
  async onGetOrderListV1(client: any, pager: Pager) {
    const res = await client.doRequest({
      // 接口名称
      action: "ListUserCertificateOrder",
      // 接口版本
      version: "2020-04-07",
      method: "POST",
      authType: "AK",
      style: "RPC",
      // 接口 PATH
      pathname: `/`,
      data: {
        query: {
-          OrderType: this.orderType,
+          OrderType: "CPACK",
          Status: "ISSUED",
          CurrentPage: pager.pageNo,
-          ShowSize : pager.pageSize,
+          ShowSize: pager.pageSize,
        },
      },
    });
    const list = res?.CertificateOrderList || [];
    if (!list || list.length === 0) {
-      return []
+      return [];
    }
    const total = res.TotalCount || 0;
@@ -195,9 +235,49 @@ export class CertApplyGetFormAliyunPlugin extends CertApplyBasePlugin {
      };
    });
    return {
-      list:records,
+      list: records,
      total,
    };
  }
  async onGetOrderListV2(client: any, pager: Pager) {
    const res = await client.doRequest({
      action: "ListInstances",
      version: "2020-04-07",
      method: "POST",
      authType: "AK",
      style: "RPC",
      pathname: `/`,
      data: {
        query: {
          Status: "normal",
          CurrentPage: pager.pageNo,
          ShowSize: pager.pageSize,
        },
      },
    });
    const list = res?.InstanceList || [];
    if (!list || list.length === 0) {
      return [];
    }
    const total = res.TotalCount || 0;
    const records = list.map((item: any) => {
      const value = item.InstanceId;
      const domain = item.Domain;
      const label = `${item.Domain}<${item.CertificateName}>`;
      return {
        label: label,
        value: value,
        Domain: domain,
      };
    });
    return {
      list: records,
      total,
    };
  }
 }
@@ -93,6 +93,9 @@ export class OnePanelClient {
    if (res.code === 200) {
      return res.data;
    }
    if (res?.message?.includes("record not found")){
      throw new Error("没有找到证书，请确认证书在1panel上是否已被删除，如果被删除请重新选择新的证书id:"+ config.url);
    }
    throw new Error(res.message);
  }
@@ -246,6 +246,7 @@ export class DeployCertToTencentCLB extends AbstractTaskPlugin {
    if (typeof this.cert === 'string') {
      return {
        Certificate: {
          SSLMode: 'UNIDIRECTIONAL', // 单向认证
          CertId: certId,
        },
        LoadBalancerId: this.loadBalancerId,
@@ -241,6 +241,7 @@ token=md5(zhangsan + 5dh232kfg!* + 1554691950854)=cfcd208495d565ef66e7dff9f98764
          try {
            const contentType = headers['content-type'] || '';
            // 判断是否是 GB2312/GBK 编码
            //@ts-ignore
            if (contentType.includes('gb2312') || contentType.includes('gbk')) {
              // 使用 iconv-lite 解码
              data = iconv.decode(data, 'gb2312');
@@ -40,3 +40,4 @@ function randomStr(length, options?) {
 }
 export const RandomUtil = { randomStr };
@@ -49,7 +49,7 @@ importers:
  packages/core/acme-client:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../basic
      '@peculiar/x509':
        specifier: ^1.11.0
@@ -213,11 +213,11 @@ importers:
  packages/core/pipeline:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../basic
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/plus-core
+        version: 1.39.11
      dayjs:
        specifier: ^1.11.7
        version: 1.11.13
@@ -412,7 +412,7 @@ importers:
  packages/libs/lib-k8s:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/basic
      '@kubernetes/client-node':
        specifier: 0.21.0
@@ -452,20 +452,20 @@ importers:
  packages/libs/lib-server:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/plus-core
+        version: 1.39.11
      '@midwayjs/cache':
        specifier: 3.14.0
        version: 3.14.0
@@ -610,16 +610,16 @@ importers:
  packages/plugins/plugin-cert:
    dependencies:
      '@certd/acme-client':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../plugin-lib
      psl:
        specifier: ^1.9.0
@@ -683,17 +683,17 @@ importers:
        specifier: ^3.964.0
        version: 3.964.0(aws-crt@1.26.2)
      '@certd/acme-client':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/pipeline
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/plus-core
+        version: 1.39.11
      '@kubernetes/client-node':
        specifier: 0.21.0
        version: 0.21.0
@@ -783,16 +783,16 @@ importers:
  packages/pro/commercial-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../core/basic
      '@certd/lib-server':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../libs/lib-server
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../core/pipeline
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../plus-core
      '@midwayjs/core':
        specifier: 3.20.11
@@ -868,16 +868,16 @@ importers:
  packages/pro/plugin-plus:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../core/basic
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../core/pipeline
      '@certd/plugin-lib':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../plugins/plugin-lib
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../plus-core
      crypto-js:
        specifier: ^4.2.0
@@ -953,7 +953,7 @@ importers:
  packages/pro/plus-core:
    dependencies:
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.7
        version: link:../../core/basic
      dayjs:
        specifier: ^1.11.7
@@ -1249,10 +1249,10 @@ importers:
        version: 0.1.3(zod@3.24.4)
    devDependencies:
      '@certd/lib-iframe':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/lib-iframe
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/pipeline
      '@rollup/plugin-commonjs':
        specifier: ^25.0.7
@@ -1453,47 +1453,47 @@ importers:
        specifier: ^4.13.1
        version: 4.13.1
      '@certd/acme-client':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/acme-client
      '@certd/basic':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/basic
      '@certd/commercial-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/commercial-core
+        version: 1.39.11(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3))
      '@certd/cv4pve-api-javascript':
        specifier: ^8.4.2
        version: 8.4.2
      '@certd/jdcloud':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/lib-jdcloud
      '@certd/lib-huawei':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/lib-huawei
      '@certd/lib-k8s':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/lib-k8s
      '@certd/lib-server':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/lib-server
      '@certd/midway-flyway-js':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../libs/midway-flyway-js
      '@certd/pipeline':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../core/pipeline
      '@certd/plugin-cert':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../plugins/plugin-cert
      '@certd/plugin-lib':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
        version: link:../../plugins/plugin-lib
      '@certd/plugin-plus':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/plugin-plus
+        version: 1.39.11
      '@certd/plus-core':
-        specifier: ^1.39.10
+        specifier: ^1.39.11
-        version: link:../../pro/plus-core
+        version: 1.39.11
      '@google-cloud/dns':
        specifier: ^5.3.1
        version: 5.3.1
@@ -2907,9 +2907,18 @@ packages:
  '@better-scroll/zoom@2.5.1':
    resolution: {integrity: sha512-aGvFY5ooeZWS4RcxQLD+pGLpQHQxpPy0sMZV3yadcd2QK53PK9gS4Dp+BYfRv8lZ4/P2LoNEhr6Wq1DN6+uPlA==}
  '@certd/commercial-core@1.39.11':
    resolution: {integrity: sha512-sX0WOF+FflGcx3aeBt1f/meu8plnHqC7UnPivJr9gMx54PRdyTC/zQ5jKvcSTUlivp8xX9Mm2qLmevb5XlN8uQ==}
  '@certd/cv4pve-api-javascript@8.4.2':
    resolution: {integrity: sha512-udGce7ewrVl4DmZvX+17PjsnqsdDIHEDatr8QP0AVrY2p+8JkaSPW4mXCKiLGf82C9K2+GXgT+qNIqgW7tfF9Q==}
  '@certd/plugin-plus@1.39.11':
    resolution: {integrity: sha512-oi3+0gcyHswI97+cAY7dNXPP66sQga9n98STQYtaDQ5d2LY8dXYpXQl9V1L7IvfAafc1ZAcQLTrfwKA+b9kAZg==}
  '@certd/plus-core@1.39.11':
    resolution: {integrity: sha512-DOi7mTUTEK4iFhfLjmxSL7gcF/LMlFguERBPyd7YHI7QBkkufTodLu3l8SuXYwFtp3O883XzlDkcBlnQNAdkwA==}
  '@certd/vue-js-cron-core@6.0.3':
    resolution: {integrity: sha512-kqzoAMhYz9j6FGNWEODRYtt4NpUEUwjpkU89z5WVg2tCtOcI5VhwyUGOd8AxiBCRfd6PtXvzuqw85PaOps9wrQ==}
@@ -15455,12 +15464,64 @@ snapshots:
    dependencies:
      '@better-scroll/core': 2.5.1
  '@certd/commercial-core@1.39.11(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3))':
    dependencies:
      '@certd/basic': link:packages/core/basic
      '@certd/lib-server': link:packages/libs/lib-server
      '@certd/pipeline': link:packages/core/pipeline
      '@certd/plus-core': 1.39.11
      '@midwayjs/core': 3.20.11
      '@midwayjs/koa': 3.20.13
      '@midwayjs/logger': 3.4.2
      '@midwayjs/swagger': 3.20.11
      '@midwayjs/typeorm': 3.20.11
      dayjs: 1.11.13
      typeorm: 0.3.24(better-sqlite3@11.10.0)(mysql2@3.14.1)(pg@8.16.0)(reflect-metadata@0.2.2)(ts-node@10.9.2(@types/node@18.19.100)(typescript@5.9.3))
    transitivePeerDependencies:
      - '@google-cloud/spanner'
      - '@sap/hana-client'
      - babel-plugin-macros
      - better-sqlite3
      - hdb-pool
      - ioredis
      - mongodb
      - mssql
      - mysql2
      - oracledb
      - pg
      - pg-native
      - pg-query-stream
      - redis
      - reflect-metadata
      - sql.js
      - sqlite3
      - supports-color
      - ts-node
      - typeorm-aurora-data-api-driver
  '@certd/cv4pve-api-javascript@8.4.2':
    dependencies:
      debug: 4.4.3(supports-color@8.1.1)
    transitivePeerDependencies:
      - supports-color
  '@certd/plugin-plus@1.39.11':
    dependencies:
      '@certd/basic': link:packages/core/basic
      '@certd/pipeline': link:packages/core/pipeline
      '@certd/plugin-lib': link:packages/plugins/plugin-lib
      '@certd/plus-core': 1.39.11
      crypto-js: 4.2.0
      dayjs: 1.11.13
      form-data: 4.0.2
      jsrsasign: 11.1.0
      querystring: 0.2.1
  '@certd/plus-core@1.39.11':
    dependencies:
      '@certd/basic': link:packages/core/basic
      dayjs: 1.11.13
  '@certd/vue-js-cron-core@6.0.3':
    dependencies:
      mustache: 4.2.0
@@ -1 +1 @@
-23:47
+13:33
@@ -1 +1 @@
-00:29
+14:09
Author	SHA1	Message	Date
xiaojunnuo	898bc9b9f2	v1.39.12	2026-04-29 23:10:25 +08:00
xiaojunnuo	d8e5928523	build: prepare to build	2026-04-29 23:06:41 +08:00
xiaojunnuo	36808a953e	chore: 1	2026-04-29 23:06:34 +08:00
xiaojunnuo	39d3f79026	build: prepare to build	2026-04-29 00:12:48 +08:00
xiaojunnuo	6463e1ca22	chore: 1	2026-04-29 00:12:07 +08:00
xiaojunnuo	c985a13544	perf: 支持页脚自定义	2026-04-29 00:07:20 +08:00
xiaojunnuo	64b3184b28	perf: 阿里云证书订单支持获取2.0的订单	2026-04-28 11:51:54 +08:00
xiaojunnuo	2f1ad7201f	fix: 修复腾讯云clb部署报缺少sslmode参数的bug	2026-04-28 10:52:09 +08:00
xiaojunnuo	cd23ee2055	chore: 1	2026-04-28 00:38:57 +08:00
xiaojunnuo	e00830bebc	perf: 优化流水线执行时的状态保存性能	2026-04-28 00:33:59 +08:00
xiaojunnuo	00e6d580c2	perf: 524错误时重试3次	2026-04-27 23:51:27 +08:00
xiaojunnuo	9c7b419e8f	chore: 1	2026-04-27 00:57:53 +08:00
xiaojunnuo	95edc0d303	chore: check interval	2026-04-27 00:42:06 +08:00
xiaojunnuo	5991b1e37c	chore: 1	2026-04-27 00:19:49 +08:00
xiaojunnuo	1aa50cf53a	perf: 增加权威NS检查开关，某些用户服务器禁止向黑名单NS服务器发请求	2026-04-27 00:16:14 +08:00
xiaojunnuo	eab66e2d19	fix: 调整手机版首页标题被挤开的bug	2026-04-27 00:13:36 +08:00
xiaojunnuo	5b504f094f	build: release	2026-04-26 14:09:42 +08:00
xiaojunnuo	1460cb9ac1	chore: 1	2026-04-26 13:45:08 +08:00
xiaojunnuo	53782cbf49	build: publish	2026-04-26 13:33:26 +08:00
xiaojunnuo	0ea22dddf0	build: trigger build image	2026-04-26 13:33:14 +08:00
`@@ -40,3 +40,4 @@ function randomStr(length, options?) {`
	`}`	`}`

	`export const RandomUtil = { randomStr };`	`export const RandomUtil = { randomStr };`