From 3da104218797fa90e08de1d6225a60e95ca092ae Mon Sep 17 00:00:00 2001
From: wantoper <305986045@qq.com>
Date: Thu, 22 May 2025 11:30:19 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90=E6=96=B0=E5=A2=9E=E3=80=91=E3=80=90?= =?UTF-8?q?=E9=83=A8=E7=BD=B2=E3=80=91=E9=98=BF=E9=87=8C=E4=BA=91WAF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 backend/internal/cert/deploy/ali_test.go | 23 +-
 backend/internal/cert/deploy/aliyun.go | 75 +++++
 .../cert/deploy/client/aliyun/aliyunCas.go | 42 +++
 .../cert/deploy/client/aliyun/aliyunWaf.go | 282 ++++++++++++++++++
 .../deploy/client/aliyun/aliyunWaf_test.go | 36 +++
 backend/internal/cert/deploy/deploy.go | 3 +
 go.mod | 7 +-
 go.sum | 5 +
 8 files changed, 468 insertions(+), 5 deletions(-)
 create mode 100644 backend/internal/cert/deploy/client/aliyun/aliyunCas.go
 create mode 100644 backend/internal/cert/deploy/client/aliyun/aliyunWaf.go
 create mode 100644 backend/internal/cert/deploy/client/aliyun/aliyunWaf_test.go
diff --git a/backend/internal/cert/deploy/ali_test.go b/backend/internal/cert/deploy/ali_test.go
index 9d0e079..56372b0 100644
--- a/backend/internal/cert/deploy/ali_test.go
+++ b/backend/internal/cert/deploy/ali_test.go
@@ -43,8 +43,27 @@ func TestALiOss(t *testing.T) { func TestAliyunCdnAPITest(t *testing.T) { result := AliyunCdnAPITest("10") if result != nil { - t.Fatalf("SSHAPITest failed: %v", result) + t.Fatalf("AliyunCdnAPITest failed: %v", result) } else { - t.Log("SSHAPITest success") + t.Log("AliyunCdnAPITest success") + } +} + +func TestDeployAliyunWaf(t *testing.T) { + cfg := map[string]any{ + "domain": "www.xxx.cn", + "region": "cn-hangzhou", + "provider_id": "10", + "certificate": map[string]any{ + "key": "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC6F44tk6411wYH\n2BbL8V8VuKGCeH2mkfVl5orYz1gnLmVimyEzeIOyCnjYKpoP4kzC7SmqyMGwedN4\nvVTVcrloDRB0VziUIO+AJlv+ELeFPiQguycx0Jn6bDKZBYHo/ZIWMuUsxwnEyHfJ\nnG74GLVbk2la2CAeO6RPzxkI5/PezrGSWlttFoZYcxig89OVxA6N2XYirICP5euU\nsOkjO8oMMst729/S5gGlhEKYl8KJYr0NQ8SfVOwqUDnHgQEDMAXnJL7Pd8UlGU0V\nvSpwfhET+e9fbCU7O2iqgrxATUeCr/eYkfBxHqzZFqRdbQ0dvH5MKtK6uPfnc1sH\n7OCALpeJAgMBAAECggEAWFQD7UgyoWWNfD2qHGVWD5ZSOv58DYssIpD6CIzqN7bC\n8rnVWXvzbpef4mLeO3nbm448f87IeL5qjN25HZNVw7invcEEnvK/G2GZuo8uvLTR\nKyQKJ4/u9jlTDuTZU8DADX9c3hMfZOMOUIjK90GrG2ttz2vUWuVOSX9wT5ThYTiE\nk9jv3L07yjegYkoTpDf/pXSXxAkjrjUeuo39H5FgQf0VD20RKafoqGPgT4fGp1i2\nDv5lMTPsQCCEtuJyJEGRlOLldPYaZb2gsw98/jkJNfr/5kE9GixpazbgtfIJzX7c\nj7qvsf8Ula0HGA5gW54upogxHWgBZKNe0jMz2aOXPQKBgQDs9VmlnhYQDvGIIoMO\nwSdiG0TCRpva988d2nV2vG7DxtURoyJu2bzmXJMlExKLtSZP/OZBNd1neUBb16NR\neK+z54cW7kgVdYV1Pb+6MFluC9wh2wJOVHMNvhuI/wFlc/gbiyClisBk//XXcVsc\nG5N/lbKCIoosAnaEbXc2/xtgfwKBgQDJC8tgTABVkg4r4xPEHLLUN8DYOsO1yYa6\nPghTrxPuw5kaQLrRrI7t+E++Dd5fbuScu4e8+Ti7A+U43xN9skkqnad+4XHsgRq7\nWu44rZS0a7wVtsUDTiron/J4qlu6KfgoTb0kUEkszriGPKaqF/CJjKoj3IEixyYb\nM3tQw90D9wKBgGtrtp48EmhpPdmnO56etcnl7r/b3p/fo4c3F/Uh61zZcJI0UFHM\nZ7RO124BPXEUSDAOyBtb3ekgsKpyEVnHym9WUIl2sDr6Mew6eAZiEMiwm7TFYkA8\nTIQ4YKc0Y1+ouRtTcRNa2WlwF/T5MIKHhdBa/re8DMNywmO6dEb8U17lAoGAQU37\negQ195XB1K+mNAW+cQDLO3GbMOmNQeH0gnpUVzJiAQ0VohYTN2l5PZrzqLw0tlST\n+uZZbyYMxzRu+F15NsaPKb/BablmHYWj6/U2YIS+S69av4AcoAOUl21+7jHD0hOu\nZKVPn6Zmef
QpjwbHs2ZlvdBaghl+X0eRvuJgYHECgYAiv6eMzqHGc0jfs8uZqGGE\nv/DVDTRyevnZMQEw8ZzVwfuTxZM6fKanjingkG3a56ELKiPX8TTFsmKpJK/AmjfB\njCeloQV3bSHc+Tas4duArgZBjBLEO1awM4FlSf7ntItTLf2F0JiMMS0loIqC8uwn\nWkU6gr8Q3Oh8t8iv1HTdoA==\n-----END PRIVATE KEY-----", + "cert": "-----BEGIN CERTIFICATE-----\nMIIG9TCCBN2gAwIBAgIQUUIS2m0nbRAAeXaCB2b1NDANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJDTjEtMCsGA1UECgwk5bm/5Lic5aCh5aGU5a6J5YWo5oqA5pyv\n5pyJ6ZmQ5YWs5Y+4MRkwFwYDVQQDDBDlrp3loZQgRFYgVExTIENBMB4XDTI1MDQx\nMDA2Mzg0NloXDTI2MDQxMDA2Mzg0NVowFzEVMBMGA1UEAwwMKi5iZWZ1bm55LmNu\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuheOLZOuNdcGB9gWy/Ff\nFbihgnh9ppH1ZeaK2M9YJy5lYpshM3iDsgp42CqaD+JMwu0pqsjBsHnTeL1U1XK5\naA0QdFc4lCDvgCZb/hC3hT4kILsnMdCZ+mwymQWB6P2SFjLlLMcJxMh3yZxu+Bi1\nW5NpWtggHjukT88ZCOfz3s6xklpbbRaGWHMYoPPTlcQOjdl2IqyAj+XrlLDpIzvK\nDDLLe9vf0uYBpYRCmJfCiWK9DUPEn1TsKlA5x4EBAzAF5yS+z3fFJRlNFb0qcH4R\nE/nvX2wlOztoqoK8QE1Hgq/3mJHwcR6s2RakXW0NHbx+TCrSurj353NbB+zggC6X\niQIDAQABo4IC+zCCAvcwDAYDVR0TAQH/BAIwADBHBgNVHR8EQDA+MDygOqA4hjZo\ndHRwOi8vYnRkdnRsc3IzNWcyY2EuY3JsLmNlcnR1bS5wbC9idGR2dGxzcjM1ZzJj\nYS5jcmwwgY0GCCsGAQUFBwEBBIGAMH4wMQYIKwYBBQUHMAGGJWh0dHA6Ly9idGR2\ndGxzcjM1ZzJjYS5vY3NwLWNlcnR1bS5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9i\ndGR2dGxzcjM1ZzJjYS5yZXBvc2l0b3J5LmNlcnR1bS5wbC9idGR2dGxzcjM1ZzJj\nYS5jZXIwHwYDVR0jBBgwFoAU20yJOMQn62M/cvkK1OlC3eyZc6gwIQYDVR0gBBow\nGDAIBgZngQwBAgEwDAYKKoRoAYb2dwJlATATBgNVHSUEDDAKBggrBgEFBQcDATAO\nBgNVHQ8BAf8EBAMCBaAwIwYDVR0RBBwwGoIMKi5iZWZ1bm55LmNuggpiZWZ1bm55\nLmNuMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwAZhtTHKKpv/roDb3gqTQGR\nqs4tcjEPrs5dcEEtJUzH1AAAAZYebCyhAAAEAwBIMEYCIQC0TGbOoADw+Xh0F1b5\nIeAQDz3aWPOcEchBGRKhf7vb9wIhAO9+zS4YiwH1uMgW9WVgLagFouUv4/zohp6N\nrCmERgXmAHUADleUvPOuqT4zGyyZB7P3kN+bwj1xMiXdIaklrGHFTiEAAAGWHmws\nvwAABAMARjBEAiBmIxJi880176inXlzMZyVMU3rA6CsuQHHGfTx/9wbL8AIgVnaU\n0YfZm6GzTR3+/bt6b9PtmJ5GErBlHxHpbH5jAPEAdgBkEcRspBLsp4kcogIuALyr\nTygH1B41J6vq/tUDyX3N8AAAAZYebCzGAAAEAwBHMEUCIQDYdirqdSr8960U+kE1\ntPYwS8VWRN2zrhiRvu1zlEzX/AIgHE/LB5fRIZIFKHTmE1itu5z1jRg5RSiaAxzG\nS7
XqlLkwDQYJKoZIhvcNAQELBQADggIBAASke6sdSSoI3tz8JlDl4+hLodjoud16\nvftwAmz28qpOTcXeNZwDN3aguKDK7lZlqQ8XCM7vV+8uWg4i/IBexEwQPvc51vFG\n/y0uuL2ybTsJun9DQUzINr8j3CrZw0wtnfbSoRLnWekCI0eV1rX5N2RBVeSR5eXI\nX6TuAQh4L0/AWjqF8pDq/GN0OD5Hw1bZagcWIE0i19HthLVjIjZevC9SSqHKqTNr\nZIHQemNh5k2sEDAg9mDlAza4UaX80yn4Lhhfi3uhQ6qt1GTZg1yTBuVYOob/WOvV\nNrU/m5yfyVQr/Tv2v3iz68AKIUcPsok84pqzlRM4u+t1Fg7lVziYNj3BqIcOuuz6\nGfU25Jh/nassyCdRyyc3xpvdL5YXPWOxFaA3Sg7jBpkHT3tJ/JRPjWwBF6Zfrdh0\ncWBidS9udC4x23NIFOopr4ElpBawafTBvZSWsErire5IcE9oPTJHaf4abOsg7XVT\nhyPRw+qPHvy028eA4uYEXXB42KdK46QVUAeq6AxWHXlD58ie5VIPd0QqmPd6y4yJ\nX/YTOZo0CY4AkY7c/uDWAaJrP+l3HV/5EezhtvrDSW8H9AAX1ruBf7htx9BM4PSs\n9y8n3tyyA/0NVQ0ixeYFcDM5Cwlbpdyxgd7bOtEGu7XvStSSbqMdiG8FuGwZxHr5\nHIOucga96oD8\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIGmDCCBICgAwIBAgIRANIa0kwTJVdUiIuxnJd6d1QwDQYJKoZIhvcNAQENBQAw\nejELMAkGA1UEBhMCUEwxITAfBgNVBAoTGEFzc2VjbyBEYXRhIFN5c3RlbXMgUy5B\nLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR8wHQYD\nVQQDExZDZXJ0dW0gVHJ1c3RlZCBSb290IENBMB4XDTI1MDExNTEwMzQ1NVoXDTM1\nMDEwMzEwMzQ1NVowVzELMAkGA1UEBhMCQ04xLTArBgNVBAoMJOW5v+S4nOWgoeWh\nlOWuieWFqOaKgOacr+aciemZkOWFrOWPuDEZMBcGA1UEAwwQ5a6d5aGUIERWIFRM\nUyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJrqOp1sGzlYxNQz\nVz8BmnBbdMElduQwM0vi///FObjpBVCPiLMyeHr8UUacE6IcRbTE1hRO/lbKwYts\naFaSuUdLLreijqTMYCDPvXqIhurPkTRiDrLLnfRmjWhVcKehwBk8x9pOWMTx5Mbx\nU8f2edxwuUA/bf6Mq97EgabuCeP/y9WKhYNr695+hAwtT/j1p5nhcCuuKbLcVPuF\nM12PZCbeLOANe9BKKwRGu3j6fzKL+m4IDNuXm9Ca203oqLq1QllXkDrkOwTksrny\nOmD/Hn4cPWyCj/0TUZQN7CXfwq05yyfxwZXSS9POQkThIqk1gQhGSasm5rJbGYgk\nSjp0nAEr06N4NdR68DeLstq4tFMuPWNPI0IeWw4afBepEHSoDXO/HeDsoRvAqAPn\nhmjgKzS3K5QHr3KDJuVFn3jXu9+VYcbgrGMuDGRKnPLxnNRT3uf8qloFk2OZvUJZ\nytX1134tuyGn4YnjIxM/6Tm4plHSbEBMmlY6or4oHqAD55528dojR9dPsx1QCKw7\neARjPC5pVtLI8vi/SyW69BXwEK4cy2D8Z32qpsSlxAFFxorKM3i764pwAxQdDLAh\nZKQjnIINJVqG/62IPbeewnvoP8XRtgNa5WoE4ChmD0XvMlH565b25wBTzKZ9hXnp\nHiq13zbJ+VJ/3PcGLRcK9HHAiyzpAgMBAAGjggE6MIIBNjBxBggrBgEFBQcBAQRl\nMGMwNwYIKwYBBQUHMA
KGK2h0dHA6Ly9zdWJjYS5yZXBvc2l0b3J5LmNlcnR1bS5w\nbC9jdHJjYS5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1\nbS5jb20wHwYDVR0jBBgwFoAUjPscdbwC059OLkjZ+WBUqsSzT/owEgYDVR0TAQH/\nBAgwBgEB/wIBADA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNl\ncnR1bS5wbC9jdHJjYS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/\nBAQDAgEGMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHQ4EFgQU20yJOMQn62M/cvkK\n1OlC3eyZc6gwDQYJKoZIhvcNAQENBQADggIBAJGal9WZ1oHFDeocAP/U9eQF+dFy\nbjIBpe9/j9ZOx/VIGrRyVgZlQ6kqxciGmJG2lTTZg0qG1E9SZ4WEMhI1Ju0mkEyO\n7dsygB/AP6XDsKwvq4+gytQ2lIkaWrviKpAf3yXDaPFkK+fryc1a7CJjdNNxQPCJ\nGtOTc/2qOPUP1RwYlLPOdnpW922o4J6n+zaB0210geoHKdxIRF0SAia3HYcepeyA\nl2n92mL4Af+sNkwRMZoTgOac0Dz81qlApZs8ueqTKmHH5qcy7omtAoI41L+dEPHc\nupL7990zZIEjK1KulpqZWAV0bjaZvUcSPqdE8UPw+K/0Zg9YTt+4HI2rmMCEmVK5\nQAlp0XWWFLvQyvIsnDAqIh20lEz+ryn+cYMSdGuy07ipE1e3uKlPPxYe76dJJ2Cu\n22QdI5XSaX+SwDtn5UfMeWglM7l3g8Ef82MkMxqGItFmmu0GC20Dj2x57QSGsgHo\nTNFH3Kzq7nzI5I5WmZgj7lbXsAm6EsfFDS2Nw4q+gKM8kxNv1yM+q45HOI9BU30W\nK0Nrwhqoe5Ht5Pmbcpj/NfrutqJ3YrjIJC86okjFELMwkwqTe5wcrygQ5vFLWDtB\n1wQBv/6vSLyszw9xOi5QYLTS9NIPP45sqrBrasnBMEdqkmv4dEoOZn5rwmQ3EOzL\nNoVPcXhpL4qk5KQG\n-----END CERTIFICATE-----\n-----BEGIN 
CERTIFICATE-----\nMIIFxDCCBKygAwIBAgIRANjgdEtYJJGfvQiEffcgIPowDQYJKoZIhvcNAQENBQAw\nfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu\nQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG\nA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0yMzA5MTkxMDAwMDBa\nFw0yODA5MTkxMDAwMDBaMHoxCzAJBgNVBAYTAlBMMSEwHwYDVQQKExhBc3NlY28g\nRGF0YSBTeXN0ZW1zIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9u\nIEF1dGhvcml0eTEfMB0GA1UEAxMWQ2VydHVtIFRydXN0ZWQgUm9vdCBDQTCCAiIw\nDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANEtjru3NuptN5GfTpOnBeQpAyXO\nHIL3fJmfQQbN7aO6wNsJLMF83yl+S2Uvk6fUAWsDKBij2J0FwSrYRfGR3t870IAC\njM84D+qnXHgRpMHIhVwl09Oy5yXPEVSXqzXAHnYc7wBTnzncFKUsIiWzcnL8jbPl\nPggeFCo3C4g8yrD0yMKhrrzBvilnVeL8rVlc/r1XLLCQjcLtN7Z8mYi11QOaPRUN\nPTqoqEXwlU4lWR3NmGm708wyyY3vgf6tfYm7umATymWVZ6DzGfYDVtRq0yfioa2D\n8EoSInccBXPiGXFCwOx1RpqQWOBqjiulRjAEjhmyF+O+qbp/VvEkA9eyISh2DjYw\nTHnVQZqaqLg1ugw68kQbIIj3xSXXPcbjPkPdh/7E6vVTPkxl/ztKy3haaxdfDcfD\nT06aKqLtV00i4kaaPw+RNCR9VeOMlTfTGvAJKyzSyY20DQCrZyko2AH1GQS2Hb52\n/nJcxIXK0oBB3wWoo9WEkE8L8+A/mxnSN4k/8ntSHIz24fc8B5eMDqJZgQyykD3T\n41lG7Q+pp96Aa1qqB7YZy7xX85chegyxK3Q+69qnZy1MxJieNgl2Zmb8Gj/qSFQc\nvjC9gFC/fLXOAPYMYdnnJAPg4wGBDr3YhTSIvbI2qHtcCOVEgIxv+C/VIcodHND7\nxLWH0TpOx3a1NUi1AgMBAAGjggE/MIIBOzAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud\nDgQWBBSM+xx1vALTn04uSNn5YFSqxLNP+jAfBgNVHSMEGDAWgBQIds3LB/8k9sXN\n7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYwLwYDVR0fBCgwJjAkoCKgIIYeaHR0\ncDovL2NybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsGCCsGAQUFBwEBBF8wXTAoBggr\nBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTAxBggrBgEFBQcw\nAoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2N0bmNhLmNlcjA6BgNVHSAE\nMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBs\nL0NQUzANBgkqhkiG9w0BAQ0FAAOCAQEAKPpdjKpRGqa+eIZpwndaFy+p4H1FT2wf\n9JOJdmyjSkJ4wlUp+xbL6v7D6/6xYO8IcvyWyR1sdqef8HK49mYK9jDjk+ypq7IO\nh8R9VbhSuS6KxY3X5lVV6vmYZ6QE4G8IuK9ktvGSVS4uNabf+/r+Gq9oiysCwsck\nAsjwXbYN2gsKAWxXGC1vAqIOlB3tJaL29UVh2nKdl0eD7EsFwbk0vo/U5pQ/Yi8u\nJJb/OSiK1XXUJ7S8wmURNWK2hIzHSnP9xotjmUJMVMb8Igj8jntZNc9U3lNuzG6R\nF2
kSR3FCgnCJ9AebGFZwEc7QDTCuohG6Lmb6D3Dtopv/LvqypxAmQQ==\n-----END CERTIFICATE-----", + "issuer": "cert-issuer", + }, + } + result := DeployAliyunWaf(cfg) + if result != nil { + t.Fatalf("DeployAliyunWaf failed: %v", result) + } else { + t.Log("DeployAliyunWaf success") } } \ No newline at end of file diff --git a/backend/internal/cert/deploy/aliyun.go b/backend/internal/cert/deploy/aliyun.go index fe8cd79..a08778f 100644 --- a/backend/internal/cert/deploy/aliyun.go +++ b/backend/internal/cert/deploy/aliyun.go @@ -2,6 +2,7 @@ package deploy import ( "ALLinSSL/backend/internal/access" + "ALLinSSL/backend/internal/cert/deploy/client/aliyun" "encoding/json" "fmt" aliyuncdn "github.com/alibabacloud-go/cdn-20180510/v6/client" @@ -11,6 +12,7 @@ import ( "github.com/aliyun/aliyun-oss-go-sdk/oss" "strconv" "strings" + "time" ) func ClientAliCdn(accessKey, accessSecret string) (_result *aliyuncdn.Client, err error) { 
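Review bot: The `"key"` value in `TestDeployAliyunWaf` is a complete PEM private key committed next to what appears to be its publicly issued certificate chain, and the same pair is repeated in `aliyunWaf_test.go`. Once a key is in repository history it has to be treated as disclosed, so if this pair was ever deployed the certificate should be revoked and reissued, and the fixture replaced by a throwaway self-signed pair generated inside the test or read from an untracked file. The test also drives the real `DeployAliyunWaf` path with `provider_id` "10", so it depends on a local access record and the live cloud API; a guard such as `if os.Getenv("ALIYUN_WAF_IT") == "" { t.Skip("integration test") }` (variable name is a placeholder) would keep it out of ordinary `go test` runs.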
@@ -221,5 +223,78 @@ func AliyunCdnAPITest(providerID string) error {
 if err != nil {
 return fmt.Errorf("测试请求失败: %v", err)
 }
+ return nil
+}
+
+func DeployAliyunWaf(cfg map[string]any) error {
+ cert, ok := cfg["certificate"].(map[string]any)
+ if !ok {
+ return fmt.Errorf("证书不存在")
+ }
+ var providerID string
+ switch v := cfg["provider_id"].(type) {
+ case float64:
+ providerID = strconv.Itoa(int(v))
+ case string:
+ providerID = v
+ default:
+ return fmt.Errorf("参数错误:provider_id")
+ }
+ providerData, err := access.GetAccess(providerID)
+ if err != nil {
+ return err
+ }
+ providerConfigStr, ok := providerData["config"].(string)
+ if !ok {
+ return fmt.Errorf("api配置错误")
+ }
+ var providerConfig map[string]string
+ err = json.Unmarshal([]byte(providerConfigStr), &providerConfig)
+ if err != nil {
+ return err
+ }
+ regionId, ok := cfg["region"].(string)
+ if !ok {
+ return fmt.Errorf("参数错误:region")
+ }
+ wafclient, err := aliyun.ClientAliWaf(providerConfig["access_key_id"], providerConfig["access_key_secret"], regionId)
+ if err != nil {
+ return err
+ }
+ domain, ok := cfg["domain"].(string)
+ if !ok {
+ return fmt.Errorf("参数错误:domain")
+ }
+ // 设置证书
+ keyPem, ok := cert["key"].(string)
+ if !ok {
+ return fmt.Errorf("证书错误:key")
+ }
+ certPem, ok := cert["cert"].(string)
+ if !ok {
+ return fmt.Errorf("证书错误:cert")
+ }
+ //根据地区获取实例ID 目前一个地区只能有一个waf实例
+ instanceId, err := wafclient.IGetInstanceId()
+ if err != nil {
+ return fmt.Errorf("获取地区实例ID失败: %v", err)
+ }
+ //查询接入详情
+ domainDesc, err := wafclient.IDescribeDomainDetail(*instanceId, domain)
+ if err != nil {
+ return fmt.Errorf("获取域名配置详情失败: %v", err)
+ }
+ //上传证书
+ certName := fmt.Sprintf("%s_allinssl_%d", domain, time.Now().UnixMilli())
+ certId, err := wafclient.ICreateCerts(certName, certPem, keyPem, *instanceId)
+ if err != nil {
+ return fmt.Errorf("创建证书失败: %v", err)
+ }
+ //更新接入
+ err = wafclient.IUpdateDomain(domainDesc, *instanceId, *certId)
+ if err != nil {
+ return fmt.Errorf("更新证书失败: %v", err)
+ }
+
 return nil
 }
\ No newline at end of file
diff --git a/backend/internal/cert/deploy/client/aliyun/aliyunCas.go b/backend/internal/cert/deploy/client/aliyun/aliyunCas.go
new file mode 100644
index 0000000..5c8db4a
--- /dev/null
+++ b/backend/internal/cert/deploy/client/aliyun/aliyunCas.go
@@ -0,0 +1,42 @@
+package aliyun
+
+import (
+ aliyuncas "github.com/alibabacloud-go/cas-20200407/v4/client"
+ openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
+ "github.com/alibabacloud-go/tea/tea"
+)
+
+type ClientAliCas struct {
+ aliyuncas.Client
+}
+
+func NewClientAliCas(accessKey, accessSecret string) (_result *ClientAliCas, err error) {
+ config := &openapi.Config{
+ AccessKeyId: tea.String(accessKey),
+ AccessKeySecret: tea.String(accessSecret),
+ Endpoint: tea.String("cas.aliyuncs.com"),
+ }
+ casClient, err := aliyuncas.NewClient(config)
+ if err != nil {
+ return nil, err
+ }
+
+ client := &ClientAliCas{
+ Client: *casClient,
+ }
+ return client, nil
+}
+
+func (c *ClientAliCas) UploadCert(certName, certContent, certKey string) (*int64, error) {
+ certificateRequest := &aliyuncas.UploadUserCertificateRequest{
+ Cert: tea.String(certContent),
+ Key: tea.String(certKey),
+ Name: tea.String(certName),
+ }
+ uploadUserCertificateResp, err := c.UploadUserCertificate(certificateRequest)
+ if err != nil {
+ return nil, err
+ }
+
+ return uploadUserCertificateResp.Body.CertId, nil
+}
diff --git a/backend/internal/cert/deploy/client/aliyun/aliyunWaf.go b/backend/internal/cert/deploy/client/aliyun/aliyunWaf.go
new file mode 100644
index 0000000..fa26822
--- /dev/null
+++ b/backend/internal/cert/deploy/client/aliyun/aliyunWaf.go
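Review bot: `DeployAliyunWaf` dereferences `*instanceId` and `*certId` without a nil check, and the helpers that produce them hand back whatever pointer the response body held, so a region with no WAF instance or a CreateCerts reply without an identifier ends in a panic rather than an error; add e.g. `if instanceId == nil { return fmt.Errorf("获取地区实例ID失败: 未找到WAF实例") }` and the equivalent for `certId`. `providerConfig["access_key_id"]` and `providerConfig["access_key_secret"]` are also read without checking that the keys exist, so a malformed access record reaches the SDK as empty credentials instead of failing early. Every run uploads a new `<domain>_allinssl_<ms>` certificate together with its private key, and nothing removes it if `IUpdateDomain` fails or once it is superseded, so key material accumulates in the account; consider cleaning up on failure. The function is exported and has no doc comment describing the expected `cfg` keys.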
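Review bot: `UploadCert` returns `uploadUserCertificateResp.Body.CertId` without checking that the response or its `Body` is non-nil, so an empty reply panics instead of producing an error; guard with `if uploadUserCertificateResp == nil || uploadUserCertificateResp.Body == nil` and return an error there. Nothing visible in this patch calls `NewClientAliCas` (the WAF path uploads through `CreateCerts`), so a doc comment on `ClientAliCas` stating what it is for would help, or the file could wait for the change that uses it. `Client: *casClient` also copies the SDK client by value; embedding `*aliyuncas.Client` avoids the copy.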
@@ -0,0 +1,282 @@
+package aliyun
+
+import (
+ "fmt"
+ openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
+ openapiutil "github.com/alibabacloud-go/openapi-util/service"
+ util "github.com/alibabacloud-go/tea-utils/v2/service"
+ "github.com/alibabacloud-go/tea/tea"
+ aliyunwaf "github.com/alibabacloud-go/waf-openapi-20211001/v5/client"
+)
+
+type AliyunWafClient struct {
+ aliyunwaf.Client
+ accessKey string
+ accessSecret string
+ region string
+}
+
+func ClientAliWaf(accessKey, accessSecret, region string) (_result *AliyunWafClient, err error) {
+ //region:[cn-hangzhou,ap-southeast-1]
+
+ config := &openapi.Config{
+ AccessKeyId: tea.String(accessKey),
+ AccessKeySecret: tea.String(accessSecret),
+ Endpoint: tea.String(fmt.Sprintf("wafopenapi.%s.aliyuncs.com", region)),
+ }
+ client, err := aliyunwaf.NewClient(config)
+ if err != nil {
+ return nil, err
+ }
+
+ aliyunwafClient := &AliyunWafClient{
+ Client: *client,
+ accessKey: accessKey,
+ accessSecret: accessSecret,
+ region: region,
+ }
+ return aliyunwafClient, nil
+}
+
+type CreateCertsResponseBody struct {
+ CertIdentifier *string `json:"CertIdentifier,omitempty" xml:"DomainInfo,omitempty"`
+ RequestId *string `json:"RequestId,omitempty" xml:"RequestId,omitempty"`
+}
+
+type CreateCertsResponse struct {
+ Headers map[string]*string `json:"headers,omitempty" xml:"headers,omitempty"`
+ StatusCode *int32 `json:"statusCode,omitempty" xml:"statusCode,omitempty"`
+ Body *CreateCertsResponseBody `json:"body,omitempty" xml:"body,omitempty"`
+}
+
+func (client *AliyunWafClient) ICreateCerts(certName, certContent, certKey, instanceId string) (certId *string, _err error) {
+ query := map[string]interface{}{
+ "CertName": certName,
+ "CertContent": certContent,
+ "CertKey": certKey,
+ "InstanceId": instanceId,
+ }
+
+ req := &openapi.OpenApiRequest{
+ Query: openapiutil.Query(query),
+ }
+ params := &openapi.Params{
+ Action: tea.String("CreateCerts"),
+ Version: tea.String("2021-10-01"),
+ Protocol: tea.String("HTTPS"),
+ Pathname: tea.String("/"),
+ Method: tea.String("POST"),
+ AuthType: tea.String("AK"),
+ Style: tea.String("RPC"),
+ ReqBodyType: tea.String("formData"),
+ BodyType: tea.String("json"),
+ }
+
+ createCertsResponse := &CreateCertsResponse{}
+ runtime := &util.RuntimeOptions{}
+ _body, _err := client.CallApi(params, req, runtime)
+ if _err != nil {
+ return nil, _err
+ }
+ _err = tea.Convert(_body, &createCertsResponse)
+ certId = createCertsResponse.Body.CertIdentifier
+ return certId, _err
+}
+
+func (client *AliyunWafClient) IGetInstanceId() (instanceId *string, _err error) {
+ req := &aliyunwaf.DescribeInstanceRequest{
+ RegionId: tea.String(client.region),
+ }
+ response, _err := client.DescribeInstance(req)
+ instanceId = response.Body.InstanceId
+
+ return instanceId, _err
+}
+
+func (client *AliyunWafClient) IDescribeDomainDetail(instanceId, domain string) (describeDomainDetailResponseBody *aliyunwaf.DescribeDomainDetailResponseBody, _err error) {
+ req := &aliyunwaf.DescribeDomainDetailRequest{
+ InstanceId: tea.String(instanceId),
+ RegionId: tea.String(client.region),
+ Domain: tea.String(domain),
+ }
+ response, _err := client.DescribeDomainDetail(req)
+ describeDomainDetailResponseBody = response.Body
+
+ return describeDomainDetailResponseBody, _err
+}
+
+func (client *AliyunWafClient) IUpdateDomain(domainDesc *aliyunwaf.DescribeDomainDetailResponseBody, instanceId, certId string) error {
+ modifyDomainReq := &aliyunwaf.ModifyDomainRequest{
+ InstanceId: tea.String(instanceId),
+ RegionId: tea.String(client.region),
+ Domain: domainDesc.Domain,
+ Listen: &aliyunwaf.ModifyDomainRequestListen{CertId: tea.String(certId)},
+ }
+ assignDomain(domainDesc, modifyDomainReq)
+ _, err := client.ModifyDomain(modifyDomainReq)
+ if err != nil {
+ return err
+ }
+ return nil
+}
+
+func assignDomain(from *aliyunwaf.DescribeDomainDetailResponseBody, to *aliyunwaf.ModifyDomainRequest) *aliyunwaf.ModifyDomainRequest {
+ if from == nil {
+ return to
+ }
+
+ if from.Listen != nil {
+ if to.Listen == nil {
+ to.Listen = &aliyunwaf.ModifyDomainRequestListen{}
+ }
+
+ if from.Listen.CipherSuite != nil {
+ to.Listen.CipherSuite = tea.Int32(int32(*from.Listen.CipherSuite))
+ }
+
+ if from.Listen.CustomCiphers != nil {
+ to.Listen.CustomCiphers = from.Listen.CustomCiphers
+ }
+
+ if from.Listen.EnableTLSv3 != nil {
+ to.Listen.EnableTLSv3 = from.Listen.EnableTLSv3
+ }
+
+ if from.Listen.ExclusiveIp != nil {
+ to.Listen.ExclusiveIp = from.Listen.ExclusiveIp
+ }
+
+ if from.Listen.FocusHttps != nil {
+ to.Listen.FocusHttps = from.Listen.FocusHttps
+ }
+
+ if from.Listen.Http2Enabled != nil {
+ to.Listen.Http2Enabled = from.Listen.Http2Enabled
+ }
+
+ if from.Listen.IPv6Enabled != nil {
+ to.Listen.IPv6Enabled = from.Listen.IPv6Enabled
+ }
+
+ if from.Listen.ProtectionResource != nil {
+ to.Listen.ProtectionResource = from.Listen.ProtectionResource
+ }
+
+ if from.Listen.TLSVersion != nil {
+ to.Listen.TLSVersion = from.Listen.TLSVersion
+ }
+
+ if from.Listen.XffHeaderMode != nil {
+ to.Listen.XffHeaderMode = tea.Int32(int32(*from.Listen.XffHeaderMode))
+ }
+
+ if from.Listen.XffHeaders != nil {
+ to.Listen.XffHeaders = from.Listen.XffHeaders
+ }
+
+ if from.Listen.HttpPorts != nil {
+ to.Listen.HttpPorts = make([]*int32, len(from.Listen.HttpPorts))
+ for i, port := range from.Listen.HttpPorts {
+ if port != nil {
+ to.Listen.HttpPorts[i] = tea.Int32(int32(*port))
+ }
+ }
+ }
+
+ if from.Listen.HttpsPorts != nil {
+ to.Listen.HttpsPorts = make([]*int32, len(from.Listen.HttpsPorts))
+ for i, port := range from.Listen.HttpsPorts {
+ if port != nil {
+ to.Listen.HttpsPorts[i] = tea.Int32(int32(*port))
+ }
+ }
+ }
+
+ }
+
+ if from.Redirect != nil {
+ if to.Redirect == nil {
+ to.Redirect = &aliyunwaf.ModifyDomainRequestRedirect{}
+ }
+
+ if from.Redirect.ConnectTimeout != nil {
+ to.Redirect.ConnectTimeout = from.Redirect.ConnectTimeout
+ }
+
+ if from.Redirect.FocusHttpBackend != nil {
+ to.Redirect.FocusHttpBackend = from.Redirect.FocusHttpBackend
+ }
+
+ if from.Redirect.Keepalive != nil {
+ to.Redirect.Keepalive = from.Redirect.Keepalive
+ }
+
+ if from.Redirect.KeepaliveRequests != nil {
+ to.Redirect.KeepaliveRequests = from.Redirect.KeepaliveRequests
+ }
+
+ if from.Redirect.KeepaliveTimeout != nil {
+ to.Redirect.KeepaliveTimeout = from.Redirect.KeepaliveTimeout
+ }
+
+ if from.Redirect.Loadbalance != nil {
+ to.Redirect.Loadbalance = from.Redirect.Loadbalance
+ }
+
+ if from.Redirect.ReadTimeout != nil {
+ to.Redirect.ReadTimeout = from.Redirect.ReadTimeout
+ }
+
+ if from.Redirect.Retry != nil {
+ to.Redirect.Retry = from.Redirect.Retry
+ }
+
+ if from.Redirect.SniEnabled != nil {
+ to.Redirect.SniEnabled = from.Redirect.SniEnabled
+ }
+
+ if from.Redirect.SniHost != nil {
+ to.Redirect.SniHost = from.Redirect.SniHost
+ }
+
+ if from.Redirect.WriteTimeout != nil {
+ to.Redirect.WriteTimeout = from.Redirect.WriteTimeout
+ }
+
+ if from.Redirect.XffProto != nil {
+ to.Redirect.XffProto = from.Redirect.XffProto
+ }
+
+ if from.Redirect.Backends != nil {
+ to.Redirect.Backends = make([]*string, len(from.Redirect.Backends))
+ for i, backend := range from.Redirect.Backends {
+ if backend != nil {
+ to.Redirect.Backends[i] = backend.Backend
+ }
+ }
+ }
+
+ if from.Redirect.BackupBackends != nil {
+ to.Redirect.BackupBackends = make([]*string, len(from.Redirect.BackupBackends))
+ for i, backend := range from.Redirect.BackupBackends {
+ if backend != nil {
+ to.Redirect.BackupBackends[i] = backend.Backend
+ }
+ }
+ }
+
+ if from.Redirect.RequestHeaders != nil {
+ to.Redirect.RequestHeaders = make([]*aliyunwaf.ModifyDomainRequestRedirectRequestHeaders, len(from.Redirect.RequestHeaders))
+ for i, header := range from.Redirect.RequestHeaders {
+ if header != nil {
+ to.Redirect.RequestHeaders[i] = &aliyunwaf.ModifyDomainRequestRedirectRequestHeaders{
+ Key: header.Key,
+ Value: header.Value,
+ }
+ }
+ }
+ }
+ }
+
+ return to
+}
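Review bot: `IGetInstanceId` and `IDescribeDomainDetail` read `response.Body` before looking at `_err`, so any failed API call (bad credentials, wrong region, throttling) dereferences a nil response and panics instead of returning the error; `ICreateCerts` has the same shape after `tea.Convert`, where `createCertsResponse.Body` may still be nil, and `IUpdateDomain` reads `domainDesc.Domain` before `assignDomain` gets to its own nil check. Each helper should return early on error and reject an empty body, as sketched below. Separately, `ClientAliWaf` formats `region` straight into the endpoint host name, and the requests sent there carry the AK signature and, in `ICreateCerts`, the certificate private key as a query parameter, so `region` should be restricted to lowercase letters, digits and hyphens (or a list of known regions) before the endpoint is built. The `xml:"DomainInfo,omitempty"` tag on `CertIdentifier` looks like a copy-paste leftover.

```go
func (client *AliyunWafClient) IGetInstanceId() (instanceId *string, _err error) {
	// … unchanged: request construction …
	response, _err := client.DescribeInstance(req)
	if _err != nil {
		return nil, _err
	}
	if response == nil || response.Body == nil || response.Body.InstanceId == nil {
		return nil, fmt.Errorf("DescribeInstance returned no instance id for region %q", client.region)
	}
	return response.Body.InstanceId, nil
}

// IDescribeDomainDetail: same guard after client.DescribeDomainDetail(req)

// ICreateCerts, after the CallApi error check:
	if _err = tea.Convert(_body, &createCertsResponse); _err != nil {
		return nil, _err
	}
	if createCertsResponse.Body == nil || createCertsResponse.Body.CertIdentifier == nil {
		return nil, fmt.Errorf("CreateCerts response carried no CertIdentifier")
	}
	return createCertsResponse.Body.CertIdentifier, nil
```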
diff --git a/backend/internal/cert/deploy/client/aliyun/aliyunWaf_test.go b/backend/internal/cert/deploy/client/aliyun/aliyunWaf_test.go
new file mode 100644
index 0000000..5e3fb79
--- /dev/null
+++ b/backend/internal/cert/deploy/client/aliyun/aliyunWaf_test.go
@@ -0,0 +1,36 @@ +package aliyun + +import ( + "fmt" + "testing" +) + +func TestAliyunCreateCerts(t *testing.T) { + client, _ := ClientAliWaf("", "", "cn-hangzhou") + + id := "waf_v2_public_cn-" + certName := "TestCert1" + certKey := "-----BEGIN PRIVATE KEY-----\nMIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC6F44tk6411wYH\n2BbL8V8VuKGCeH2mkfVl5orYz1gnLmVimyEzeIOyCnjYKpoP4kzC7SmqyMGwedN4\nvVTVcrloDRB0VziUIO+AJlv+ELeFPiQguycx0Jn6bDKZBYHo/ZIWMuUsxwnEyHfJ\nnG74GLVbk2la2CAeO6RPzxkI5/PezrGSWlttFoZYcxig89OVxA6N2XYirICP5euU\nsOkjO8oMMst729/S5gGlhEKYl8KJYr0NQ8SfVOwqUDnHgQEDMAXnJL7Pd8UlGU0V\nvSpwfhET+e9fbCU7O2iqgrxATUeCr/eYkfBxHqzZFqRdbQ0dvH5MKtK6uPfnc1sH\n7OCALpeJAgMBAAECggEAWFQD7UgyoWWNfD2qHGVWD5ZSOv58DYssIpD6CIzqN7bC\n8rnVWXvzbpef4mLeO3nbm448f87IeL5qjN25HZNVw7invcEEnvK/G2GZuo8uvLTR\nKyQKJ4/u9jlTDuTZU8DADX9c3hMfZOMOUIjK90GrG2ttz2vUWuVOSX9wT5ThYTiE\nk9jv3L07yjegYkoTpDf/pXSXxAkjrjUeuo39H5FgQf0VD20RKafoqGPgT4fGp1i2\nDv5lMTPsQCCEtuJyJEGRlOLldPYaZb2gsw98/jkJNfr/5kE9GixpazbgtfIJzX7c\nj7qvsf8Ula0HGA5gW54upogxHWgBZKNe0jMz2aOXPQKBgQDs9VmlnhYQDvGIIoMO\nwSdiG0TCRpva988d2nV2vG7DxtURoyJu2bzmXJMlExKLtSZP/OZBNd1neUBb16NR\neK+z54cW7kgVdYV1Pb+6MFluC9wh2wJOVHMNvhuI/wFlc/gbiyClisBk//XXcVsc\nG5N/lbKCIoosAnaEbXc2/xtgfwKBgQDJC8tgTABVkg4r4xPEHLLUN8DYOsO1yYa6\nPghTrxPuw5kaQLrRrI7t+E++Dd5fbuScu4e8+Ti7A+U43xN9skkqnad+4XHsgRq7\nWu44rZS0a7wVtsUDTiron/J4qlu6KfgoTb0kUEkszriGPKaqF/CJjKoj3IEixyYb\nM3tQw90D9wKBgGtrtp48EmhpPdmnO56etcnl7r/b3p/fo4c3F/Uh61zZcJI0UFHM\nZ7RO124BPXEUSDAOyBtb3ekgsKpyEVnHym9WUIl2sDr6Mew6eAZiEMiwm7TFYkA8\nTIQ4YKc0Y1+ouRtTcRNa2WlwF/T5MIKHhdBa/re8DMNywmO6dEb8U17lAoGAQU37\negQ195XB1K+mNAW+cQDLO3GbMOmNQeH0gnpUVzJiAQ0VohYTN2l5PZrzqLw0tlST\n+uZZbyYMxzRu+F15NsaPKb/BablmHYWj6/U2YIS+S69av4AcoAOUl21+7jHD0hOu\nZKVPn6ZmefQpjwbHs2ZlvdBaghl+X0eRvuJgYHECgYAiv6eMzqHGc0jfs8uZqGGE\nv/DVDTRyevnZMQEw8ZzVwfuTxZM6fKanjingkG3a56ELKiPX8TTFsmKpJK/AmjfB\njCeloQV3bSHc+Tas4duArgZBjBLEO1awM4FlSf7ntItTLf2F0JiMMS0loIqC8uwn\nWkU6gr8Q3Oh8t8iv1HTdoA==\n-----END PRIVATE KEY-----" + certContent := "-----BEGIN 
CERTIFICATE-----\nMIIG9TCCBN2gAwIBAgIQUUIS2m0nbRAAeXaCB2b1NDANBgkqhkiG9w0BAQsFADBX\nMQswCQYDVQQGEwJDTjEtMCsGA1UECgwk5bm/5Lic5aCh5aGU5a6J5YWo5oqA5pyv\n5pyJ6ZmQ5YWs5Y+4MRkwFwYDVQQDDBDlrp3loZQgRFYgVExTIENBMB4XDTI1MDQx\nMDA2Mzg0NloXDTI2MDQxMDA2Mzg0NVowFzEVMBMGA1UEAwwMKi5iZWZ1bm55LmNu\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuheOLZOuNdcGB9gWy/Ff\nFbihgnh9ppH1ZeaK2M9YJy5lYpshM3iDsgp42CqaD+JMwu0pqsjBsHnTeL1U1XK5\naA0QdFc4lCDvgCZb/hC3hT4kILsnMdCZ+mwymQWB6P2SFjLlLMcJxMh3yZxu+Bi1\nW5NpWtggHjukT88ZCOfz3s6xklpbbRaGWHMYoPPTlcQOjdl2IqyAj+XrlLDpIzvK\nDDLLe9vf0uYBpYRCmJfCiWK9DUPEn1TsKlA5x4EBAzAF5yS+z3fFJRlNFb0qcH4R\nE/nvX2wlOztoqoK8QE1Hgq/3mJHwcR6s2RakXW0NHbx+TCrSurj353NbB+zggC6X\niQIDAQABo4IC+zCCAvcwDAYDVR0TAQH/BAIwADBHBgNVHR8EQDA+MDygOqA4hjZo\ndHRwOi8vYnRkdnRsc3IzNWcyY2EuY3JsLmNlcnR1bS5wbC9idGR2dGxzcjM1ZzJj\nYS5jcmwwgY0GCCsGAQUFBwEBBIGAMH4wMQYIKwYBBQUHMAGGJWh0dHA6Ly9idGR2\ndGxzcjM1ZzJjYS5vY3NwLWNlcnR1bS5jb20wSQYIKwYBBQUHMAKGPWh0dHA6Ly9i\ndGR2dGxzcjM1ZzJjYS5yZXBvc2l0b3J5LmNlcnR1bS5wbC9idGR2dGxzcjM1ZzJj\nYS5jZXIwHwYDVR0jBBgwFoAU20yJOMQn62M/cvkK1OlC3eyZc6gwIQYDVR0gBBow\nGDAIBgZngQwBAgEwDAYKKoRoAYb2dwJlATATBgNVHSUEDDAKBggrBgEFBQcDATAO\nBgNVHQ8BAf8EBAMCBaAwIwYDVR0RBBwwGoIMKi5iZWZ1bm55LmNuggpiZWZ1bm55\nLmNuMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdwAZhtTHKKpv/roDb3gqTQGR\nqs4tcjEPrs5dcEEtJUzH1AAAAZYebCyhAAAEAwBIMEYCIQC0TGbOoADw+Xh0F1b5\nIeAQDz3aWPOcEchBGRKhf7vb9wIhAO9+zS4YiwH1uMgW9WVgLagFouUv4/zohp6N\nrCmERgXmAHUADleUvPOuqT4zGyyZB7P3kN+bwj1xMiXdIaklrGHFTiEAAAGWHmws\nvwAABAMARjBEAiBmIxJi880176inXlzMZyVMU3rA6CsuQHHGfTx/9wbL8AIgVnaU\n0YfZm6GzTR3+/bt6b9PtmJ5GErBlHxHpbH5jAPEAdgBkEcRspBLsp4kcogIuALyr\nTygH1B41J6vq/tUDyX3N8AAAAZYebCzGAAAEAwBHMEUCIQDYdirqdSr8960U+kE1\ntPYwS8VWRN2zrhiRvu1zlEzX/AIgHE/LB5fRIZIFKHTmE1itu5z1jRg5RSiaAxzG\nS7XqlLkwDQYJKoZIhvcNAQELBQADggIBAASke6sdSSoI3tz8JlDl4+hLodjoud16\nvftwAmz28qpOTcXeNZwDN3aguKDK7lZlqQ8XCM7vV+8uWg4i/IBexEwQPvc51vFG\n/y0uuL2ybTsJun9DQUzINr8j3CrZw0wtnfbSoRLnWekCI0eV1rX5N2RBVeSR5eXI\nX6TuAQh4L0/AWjqF8pDq/GN0OD5Hw1bZagcWIE0i19HthLVjIjZevC9SSqHKqTNr\nZI
HQemNh5k2sEDAg9mDlAza4UaX80yn4Lhhfi3uhQ6qt1GTZg1yTBuVYOob/WOvV\nNrU/m5yfyVQr/Tv2v3iz68AKIUcPsok84pqzlRM4u+t1Fg7lVziYNj3BqIcOuuz6\nGfU25Jh/nassyCdRyyc3xpvdL5YXPWOxFaA3Sg7jBpkHT3tJ/JRPjWwBF6Zfrdh0\ncWBidS9udC4x23NIFOopr4ElpBawafTBvZSWsErire5IcE9oPTJHaf4abOsg7XVT\nhyPRw+qPHvy028eA4uYEXXB42KdK46QVUAeq6AxWHXlD58ie5VIPd0QqmPd6y4yJ\nX/YTOZo0CY4AkY7c/uDWAaJrP+l3HV/5EezhtvrDSW8H9AAX1ruBf7htx9BM4PSs\n9y8n3tyyA/0NVQ0ixeYFcDM5Cwlbpdyxgd7bOtEGu7XvStSSbqMdiG8FuGwZxHr5\nHIOucga96oD8\n-----END CERTIFICATE-----\n\n-----BEGIN CERTIFICATE-----\nMIIGmDCCBICgAwIBAgIRANIa0kwTJVdUiIuxnJd6d1QwDQYJKoZIhvcNAQENBQAw\nejELMAkGA1UEBhMCUEwxITAfBgNVBAoTGEFzc2VjbyBEYXRhIFN5c3RlbXMgUy5B\nLjEnMCUGA1UECxMeQ2VydHVtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MR8wHQYD\nVQQDExZDZXJ0dW0gVHJ1c3RlZCBSb290IENBMB4XDTI1MDExNTEwMzQ1NVoXDTM1\nMDEwMzEwMzQ1NVowVzELMAkGA1UEBhMCQ04xLTArBgNVBAoMJOW5v+S4nOWgoeWh\nlOWuieWFqOaKgOacr+aciemZkOWFrOWPuDEZMBcGA1UEAwwQ5a6d5aGUIERWIFRM\nUyBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAJrqOp1sGzlYxNQz\nVz8BmnBbdMElduQwM0vi///FObjpBVCPiLMyeHr8UUacE6IcRbTE1hRO/lbKwYts\naFaSuUdLLreijqTMYCDPvXqIhurPkTRiDrLLnfRmjWhVcKehwBk8x9pOWMTx5Mbx\nU8f2edxwuUA/bf6Mq97EgabuCeP/y9WKhYNr695+hAwtT/j1p5nhcCuuKbLcVPuF\nM12PZCbeLOANe9BKKwRGu3j6fzKL+m4IDNuXm9Ca203oqLq1QllXkDrkOwTksrny\nOmD/Hn4cPWyCj/0TUZQN7CXfwq05yyfxwZXSS9POQkThIqk1gQhGSasm5rJbGYgk\nSjp0nAEr06N4NdR68DeLstq4tFMuPWNPI0IeWw4afBepEHSoDXO/HeDsoRvAqAPn\nhmjgKzS3K5QHr3KDJuVFn3jXu9+VYcbgrGMuDGRKnPLxnNRT3uf8qloFk2OZvUJZ\nytX1134tuyGn4YnjIxM/6Tm4plHSbEBMmlY6or4oHqAD55528dojR9dPsx1QCKw7\neARjPC5pVtLI8vi/SyW69BXwEK4cy2D8Z32qpsSlxAFFxorKM3i764pwAxQdDLAh\nZKQjnIINJVqG/62IPbeewnvoP8XRtgNa5WoE4ChmD0XvMlH565b25wBTzKZ9hXnp\nHiq13zbJ+VJ/3PcGLRcK9HHAiyzpAgMBAAGjggE6MIIBNjBxBggrBgEFBQcBAQRl\nMGMwNwYIKwYBBQUHMAKGK2h0dHA6Ly9zdWJjYS5yZXBvc2l0b3J5LmNlcnR1bS5w\nbC9jdHJjYS5jZXIwKAYIKwYBBQUHMAGGHGh0dHA6Ly9zdWJjYS5vY3NwLWNlcnR1\nbS5jb20wHwYDVR0jBBgwFoAUjPscdbwC059OLkjZ+WBUqsSzT/owEgYDVR0TAQH/\nBAgwBgEB/wIBADA1BgNVHR8ELjAsMCqgKKAmhiRodHRwOi8vc3ViY2EuY3JsLmNl\ncnR1bS5wbC9jdHJj
YS5jcmwwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDgYDVR0PAQH/\nBAQDAgEGMBEGA1UdIAQKMAgwBgYEVR0gADAdBgNVHQ4EFgQU20yJOMQn62M/cvkK\n1OlC3eyZc6gwDQYJKoZIhvcNAQENBQADggIBAJGal9WZ1oHFDeocAP/U9eQF+dFy\nbjIBpe9/j9ZOx/VIGrRyVgZlQ6kqxciGmJG2lTTZg0qG1E9SZ4WEMhI1Ju0mkEyO\n7dsygB/AP6XDsKwvq4+gytQ2lIkaWrviKpAf3yXDaPFkK+fryc1a7CJjdNNxQPCJ\nGtOTc/2qOPUP1RwYlLPOdnpW922o4J6n+zaB0210geoHKdxIRF0SAia3HYcepeyA\nl2n92mL4Af+sNkwRMZoTgOac0Dz81qlApZs8ueqTKmHH5qcy7omtAoI41L+dEPHc\nupL7990zZIEjK1KulpqZWAV0bjaZvUcSPqdE8UPw+K/0Zg9YTt+4HI2rmMCEmVK5\nQAlp0XWWFLvQyvIsnDAqIh20lEz+ryn+cYMSdGuy07ipE1e3uKlPPxYe76dJJ2Cu\n22QdI5XSaX+SwDtn5UfMeWglM7l3g8Ef82MkMxqGItFmmu0GC20Dj2x57QSGsgHo\nTNFH3Kzq7nzI5I5WmZgj7lbXsAm6EsfFDS2Nw4q+gKM8kxNv1yM+q45HOI9BU30W\nK0Nrwhqoe5Ht5Pmbcpj/NfrutqJ3YrjIJC86okjFELMwkwqTe5wcrygQ5vFLWDtB\n1wQBv/6vSLyszw9xOi5QYLTS9NIPP45sqrBrasnBMEdqkmv4dEoOZn5rwmQ3EOzL\nNoVPcXhpL4qk5KQG\n-----END CERTIFICATE-----\n-----BEGIN CERTIFICATE-----\nMIIFxDCCBKygAwIBAgIRANjgdEtYJJGfvQiEffcgIPowDQYJKoZIhvcNAQENBQAw\nfjELMAkGA1UEBhMCUEwxIjAgBgNVBAoTGVVuaXpldG8gVGVjaG5vbG9naWVzIFMu\nQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEiMCAG\nA1UEAxMZQ2VydHVtIFRydXN0ZWQgTmV0d29yayBDQTAeFw0yMzA5MTkxMDAwMDBa\nFw0yODA5MTkxMDAwMDBaMHoxCzAJBgNVBAYTAlBMMSEwHwYDVQQKExhBc3NlY28g\nRGF0YSBTeXN0ZW1zIFMuQS4xJzAlBgNVBAsTHkNlcnR1bSBDZXJ0aWZpY2F0aW9u\nIEF1dGhvcml0eTEfMB0GA1UEAxMWQ2VydHVtIFRydXN0ZWQgUm9vdCBDQTCCAiIw\nDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANEtjru3NuptN5GfTpOnBeQpAyXO\nHIL3fJmfQQbN7aO6wNsJLMF83yl+S2Uvk6fUAWsDKBij2J0FwSrYRfGR3t870IAC\njM84D+qnXHgRpMHIhVwl09Oy5yXPEVSXqzXAHnYc7wBTnzncFKUsIiWzcnL8jbPl\nPggeFCo3C4g8yrD0yMKhrrzBvilnVeL8rVlc/r1XLLCQjcLtN7Z8mYi11QOaPRUN\nPTqoqEXwlU4lWR3NmGm708wyyY3vgf6tfYm7umATymWVZ6DzGfYDVtRq0yfioa2D\n8EoSInccBXPiGXFCwOx1RpqQWOBqjiulRjAEjhmyF+O+qbp/VvEkA9eyISh2DjYw\nTHnVQZqaqLg1ugw68kQbIIj3xSXXPcbjPkPdh/7E6vVTPkxl/ztKy3haaxdfDcfD\nT06aKqLtV00i4kaaPw+RNCR9VeOMlTfTGvAJKyzSyY20DQCrZyko2AH1GQS2Hb52\n/nJcxIXK0oBB3wWoo9WEkE8L8+A/mxnSN4k/8ntSHIz24fc8B5eMDqJZgQyykD3T\n41lG7Q+pp96Aa1qqB7YZy7xX85ch
egyxK3Q+69qnZy1MxJieNgl2Zmb8Gj/qSFQc\nvjC9gFC/fLXOAPYMYdnnJAPg4wGBDr3YhTSIvbI2qHtcCOVEgIxv+C/VIcodHND7\nxLWH0TpOx3a1NUi1AgMBAAGjggE/MIIBOzAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud\nDgQWBBSM+xx1vALTn04uSNn5YFSqxLNP+jAfBgNVHSMEGDAWgBQIds3LB/8k9sXN\n7buQvOKEN0Z19zAOBgNVHQ8BAf8EBAMCAQYwLwYDVR0fBCgwJjAkoCKgIIYeaHR0\ncDovL2NybC5jZXJ0dW0ucGwvY3RuY2EuY3JsMGsGCCsGAQUFBwEBBF8wXTAoBggr\nBgEFBQcwAYYcaHR0cDovL3N1YmNhLm9jc3AtY2VydHVtLmNvbTAxBggrBgEFBQcw\nAoYlaHR0cDovL3JlcG9zaXRvcnkuY2VydHVtLnBsL2N0bmNhLmNlcjA6BgNVHSAE\nMzAxMC8GBFUdIAAwJzAlBggrBgEFBQcCARYZaHR0cHM6Ly93d3cuY2VydHVtLnBs\nL0NQUzANBgkqhkiG9w0BAQ0FAAOCAQEAKPpdjKpRGqa+eIZpwndaFy+p4H1FT2wf\n9JOJdmyjSkJ4wlUp+xbL6v7D6/6xYO8IcvyWyR1sdqef8HK49mYK9jDjk+ypq7IO\nh8R9VbhSuS6KxY3X5lVV6vmYZ6QE4G8IuK9ktvGSVS4uNabf+/r+Gq9oiysCwsck\nAsjwXbYN2gsKAWxXGC1vAqIOlB3tJaL29UVh2nKdl0eD7EsFwbk0vo/U5pQ/Yi8u\nJJb/OSiK1XXUJ7S8wmURNWK2hIzHSnP9xotjmUJMVMb8Igj8jntZNc9U3lNuzG6R\nF2kSR3FCgnCJ9AebGFZwEc7QDTCuohG6Lmb6D3Dtopv/LvqypxAmQQ==\n-----END CERTIFICATE-----" + + certs, err := client.ICreateCerts(certName, certContent, certKey, id) + if err != nil { + fmt.Printf("err:%+v", err) + return + } + fmt.Printf("certs body:%s", *certs) +} + +func TestAliyunGetDescribeDomainDetail(t *testing.T) { + id := "waf_v2_public_cn-" + domain := "www.xxxx.cn" + + client, _ := ClientAliWaf("", "", "cn-hangzhou") + + certs, err := client.IDescribeDomainDetail(id, domain) + if err != nil { + fmt.Printf("err:%+v", err) + return + } + fmt.Printf("certs body:%s \n", *certs) +} diff --git a/backend/internal/cert/deploy/deploy.go b/backend/internal/cert/deploy/deploy.go index bf32de9..abf1077 100644 --- a/backend/internal/cert/deploy/deploy.go +++ b/backend/internal/cert/deploy/deploy.go 
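Review bot: Neither `TestAliyunCreateCerts` nor `TestAliyunGetDescribeDomainDetail` can fail: on error they `fmt.Printf` and `return`, so `go test` reports PASS even though both call the live API with empty credentials and a truncated instance id. Use `t.Fatalf("ICreateCerts: %v", err)` (and the same for `IDescribeDomainDetail`), check the error that `client, _ := ClientAliWaf("", "", "cn-hangzhou")` currently discards, and `t.Skip` when no credentials are configured. `fmt.Printf("certs body:%s \n", *certs)` in the second test formats a struct with `%s`; `%+v` is likely what was meant.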
@@ -46,6 +46,9 @@ func Deploy(cfg map[string]any, logger *public.Logger) error {
 case "aliyun-oss":
 logger.Debug("部署到阿里云OSS...")
 return DeployOss(cfg)
+ case "aliyun-waf":
+ logger.Debug("部署到阿里云WAF...")
+ return DeployAliyunWaf(cfg)
 case "safeline-site":
 logger.Debug("部署雷池WAF网站...")
 return DeploySafeLineWafSite(cfg, logger)
diff --git a/go.mod b/go.mod
index 7a23fad..8d319d6 100644
--- a/go.mod
+++ b/go.mod
@@ -3,10 +3,14 @@ module ALLinSSL
 go 1.23.2

 require (
+ github.com/alibabacloud-go/cas-20200407/v4 v4.0.0
 github.com/alibabacloud-go/cdn-20180510/v6 v6.0.0
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7
 github.com/alibabacloud-go/market-20151101/v4 v4.1.0
+ github.com/alibabacloud-go/openapi-util v0.1.1
 github.com/alibabacloud-go/tea v1.3.9
+ github.com/alibabacloud-go/tea-utils/v2 v2.0.7
+ github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2
 github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible
 github.com/gin-contrib/gzip v1.2.3
 github.com/gin-contrib/sessions v1.0.3
@@ -29,10 +33,7 @@ require (
 github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 // indirect
 github.com/alibabacloud-go/debug v1.0.1 // indirect
 github.com/alibabacloud-go/endpoint-util v1.1.0 // indirect
- github.com/alibabacloud-go/openapi-util v0.1.1 // indirect
- github.com/alibabacloud-go/tea-utils/v2 v2.0.7 // indirect
 github.com/aliyun/alibaba-cloud-sdk-go v1.63.100 // indirect
- github.com/aliyun/credentials-go v1.4.6 // indirect
 github.com/baidubce/bce-sdk-go v0.9.223 // indirect
 github.com/bytedance/sonic v1.13.2 // indirect
 github.com/bytedance/sonic/loader v0.2.4 // indirect
diff --git a/go.sum b/go.sum
index b22e74a..4b9efdb 100644
--- a/go.sum
+++ b/go.sum
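Review bot: The new `aliyun-waf` case calls `DeployAliyunWaf(cfg)` without the `logger` that the `safeline-site` case just below passes to `DeploySafeLineWafSite(cfg, logger)`, so whatever steps the WAF deployment runs (the test helpers in this patch suggest a certificate upload followed by a domain lookup) leave only the one debug line in the deployment log, and a partial failure is hard to reconstruct afterwards. I would pass the logger through, `return DeployAliyunWaf(cfg, logger)`, with the matching signature change in aliyun.go, which is outside this hunk. Because `cfg` carries the certificate private key, log the domain and the step name only, never the map itself. Deploy's body starts and ends outside the hunk.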
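Review bot: The second go.mod hunk drops `github.com/aliyun/credentials-go v1.4.6 // indirect`, while the first hunk does not add it to the direct block and none of the go.sum hunks shown removes its checksum lines, which looks like a hand edit rather than the output of `go mod tidy`. As far as I know the Alibaba Cloud OpenAPI client still imports that module, so its version would then be selected from the dependencies' own go.mod files instead of being recorded in this repository. Please run `go mod tidy` followed by `go mod verify` and commit whatever they produce, and build in CI with `-mod=readonly` so that a drifted go.mod fails the build.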
@@ -60,6 +60,8 @@ github.com/alibabacloud-go/alibabacloud-gateway-pop v0.0.6/go.mod h1:4EUIoxs/do2
 github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4/go.mod h1:sCavSAvdzOjul4cEqeVtvlSaSScfNsTQ+46HwlTL1hc=
 github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5 h1:zE8vH9C7JiZLNJJQ5OwjU9mSi4T9ef9u3BURT6LCLC8=
 github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.5/go.mod h1:tWnyE9AjF8J8qqLk645oUmVUnFybApTQWklQmi5tY6g=
+github.com/alibabacloud-go/cas-20200407/v4 v4.0.0 h1:nCJ8Ih9IGTbcBrFUcUXQJ6IV/Mwm7jEYioVKOlTOgRI=
+github.com/alibabacloud-go/cas-20200407/v4 v4.0.0/go.mod h1:OuMv6sG1bj4nhzySA/mMdBcSAOJxpi9okEHqM5l73qo=
 github.com/alibabacloud-go/cdn-20180510/v6 v6.0.0 h1:mHVIQWtoGBRV7R7B8l2yoJha13rahY7eNYcKt5SLS/k=
 github.com/alibabacloud-go/cdn-20180510/v6 v6.0.0/go.mod h1:ahEUlWkWWwrDvAruyPwIRfGkrzaMrCG0q6WKHU+BQgQ=
 github.com/alibabacloud-go/darabonba-array v0.1.0 h1:vR8s7b1fWAQIjEjWnuF0JiKsCvclSRTfDzZHTYqfufY=
@@ -69,6 +71,7 @@ github.com/alibabacloud-go/darabonba-encode-util v0.0.2/go.mod h1:JiW9higWHYXm7F
 github.com/alibabacloud-go/darabonba-map v0.0.2 h1:qvPnGB4+dJbJIxOOfawxzF3hzMnIpjmafa0qOTp6udc=
 github.com/alibabacloud-go/darabonba-map v0.0.2/go.mod h1:28AJaX8FOE/ym8OUFWga+MtEzBunJwQGceGQlvaPGPc=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.10/go.mod h1:26a14FGhZVELuz2cc2AolvW4RHmIO3/HRwsdHhaIPDE=
+github.com/alibabacloud-go/darabonba-openapi/v2 v2.0.11/go.mod h1:wHxkgZT1ClZdcwEVP/pDgYK/9HucsnCfMipmJgCz4xY=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7 h1:ASXSBga98QrGMxbIThCD6jAti09gedLfvry6yJtsoBE=
 github.com/alibabacloud-go/darabonba-openapi/v2 v2.1.7/go.mod h1:TBpgqm3XofZz2LCYjZhektGPU7ArEgascyzbm4SjFo4=
 github.com/alibabacloud-go/darabonba-signature-util v0.0.7 h1:UzCnKvsjPFzApvODDNEYqBHMFt1w98wC7FOo0InLyxg=
@@ -102,6 +105,8 @@ github.com/alibabacloud-go/tea-utils/v2 v2.0.6/go.mod h1:qxn986l+q33J5VkialKMqT/
 github.com/alibabacloud-go/tea-utils/v2 v2.0.7 h1:WDx5qW3Xa5ZgJ1c8NfqJkF6w+AU5wB8835UdhPr6Ax0=
 github.com/alibabacloud-go/tea-utils/v2 v2.0.7/go.mod h1:qxn986l+q33J5VkialKMqT/TTs3E+U9MJpd001iWQ9I=
 github.com/alibabacloud-go/tea-xml v1.1.3/go.mod h1:Rq08vgCcCAjHyRi/M7xlHKUykZCEtyBy9+DPF6GgEu8=
+github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2 h1:CmhJzCZ5RiSiWU6BV2XJUtIMD2LDo9FFfqlYGtx1aAw=
+github.com/alibabacloud-go/waf-openapi-20211001/v5 v5.1.2/go.mod h1:9itYSTzipL3NlvhvNYfTjFaapoZzG68nlu/KUdh9SpA=
 github.com/aliyun/alibaba-cloud-sdk-go v1.63.100 h1:yUkCbrSM1cWtgBfRVKMQtdt22KhDvKY7g4V+92eG9wA=
 github.com/aliyun/alibaba-cloud-sdk-go v1.63.100/go.mod h1:SOSDHfe1kX91v3W5QiBsWSLqeLxImobbMX1mxrFHsVQ=
 github.com/aliyun/aliyun-oss-go-sdk v3.0.2+incompatible h1:8psS8a+wKfiLt1iVDX79F7Y6wUM49Lcha2FMXt4UM8g=