diff --git a/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts b/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts
index 654c43db..40ae592e 100644
--- a/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/domain-parser.ts
@@ -1,12 +1,15 @@
 import { IDomainParser, ISubDomainsGetter } from "./api";
 //@ts-ignore
 import psl from "psl";
-import { logger, utils } from "@certd/basic";
+import { ILogger, utils, logger as globalLogger } from "@certd/basic";
+import { resolveDomainBySoaRecord } from "@certd/acme-client";
 export class DomainParser implements IDomainParser {
 subDomainsGetter: ISubDomainsGetter;
- constructor(subDomainsGetter: ISubDomainsGetter) {
+ logger: ILogger;
+ constructor(subDomainsGetter: ISubDomainsGetter, logger?: ILogger) {
 this.subDomainsGetter = subDomainsGetter;
+ this.logger = logger || globalLogger;
 }
 parseDomainByPsl(fullDomain: string) {
@@ -18,42 +21,46 @@ export class DomainParser implements IDomainParser {
 }
 async parse(fullDomain: string) {
- logger.info(`查找主域名:${fullDomain}`);
+ this.logger.info(`查找主域名:${fullDomain}`);
 const cacheKey = `domain_parse:${fullDomain}`;
 const value = utils.cache.get(cacheKey);
 if (value) {
- logger.info(`从缓存获取到主域名:${fullDomain}->${value}`);
+ this.logger.info(`从缓存获取到主域名:${fullDomain}->${value}`);
 return value;
 }
- // try {
- // const mainDomain = await resolveDomainBySoaRecord(fullDomain);
- // if (mainDomain) {
- // utils.cache.set(cacheKey, mainDomain, {
- // ttl: 2 * 60 * 1000,
- // });
- // logger.info(`获取到主域名:${fullDomain}->${mainDomain}`);
- // return mainDomain;
- // }
- // } catch (e) {
- // logger.error("从SOA获取主域名失败", e.message);
- // }
 const subDomains = await this.subDomainsGetter.getSubDomains();
 if (subDomains && subDomains.length > 0) {
+ const fullDomainDot = "." + fullDomain;
 for (const subDomain of subDomains) {
- if (fullDomain.endsWith(subDomain)) {
+ if (fullDomainDot.endsWith("." + subDomain)) {
 //找到子域名托管
 utils.cache.set(cacheKey, subDomain, {
- ttl: 2 * 60 * 1000,
+ ttl: 60 * 1000,
 });
- logger.info(`获取到子域名托管域名:${fullDomain}->${subDomain}`);
+ this.logger.info(`获取到子域名托管域名:${fullDomain}->${subDomain}`);
 return subDomain;
 }
 }
 }
 const res = this.parseDomainByPsl(fullDomain);
- logger.info(`从psl获取主域名:${fullDomain}->${res}`);
+ this.logger.info(`从psl获取主域名:${fullDomain}->${res}`);
+
+ let soaManDomain = null;
+ try {
+ const mainDomain = await resolveDomainBySoaRecord(fullDomain);
+ if (mainDomain) {
+ this.logger.info(`从SOA获取到主域名:${fullDomain}->${mainDomain}`);
+ soaManDomain = mainDomain;
+ }
+ } catch (e) {
+ this.logger.error("从SOA获取主域名失败", e.message);
+ }
+ if (soaManDomain && soaManDomain !== res) {
+ this.logger.warn(`SOA获取的主域名(${soaManDomain})和psl获取的主域名(${res})不一致,请确认是否有设置子域名托管`);
+ }
+
 return res;
 }
 }
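Review bot: The sub-domain loop in `parse` returns the first entry that matches, so when the hosted list holds both `a.example.com` and `b.a.example.com` the zone chosen for `x.b.a.example.com` depends on the order `getSubDomains()` happens to return, which is not visible here. For DNS-01 the challenge record has to land in the most specific delegated zone, so pick the longest match, e.g. `const hit = subDomains.filter(s => fullDomainDot.endsWith("." + s)).sort((a, b) => b.length - a.length)[0];`. The comparison is also case-sensitive and does not strip a trailing dot; if callers do not normalize, lower-casing both sides before the `endsWith` would be safer. Separately, the PSL fallback result is still returned without `utils.cache.set`, so every call that reaches it now also pays for the SOA lookup whose result is only logged.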
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
index 8eca09d6..a8c4e484 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base-convert.ts
@@ -28,7 +28,7 @@ export abstract class CertApplyBaseConvertPlugin extends AbstractTaskPlugin {
 "2、子域名被通配符包含的不要填写,例如:www.foo.com已经被*.foo.com包含,不要填写www.foo.com\n" +
 "3、泛域名只能通配*号那一级(*.foo.com的证书不能用于xxx.yyy.foo.com、不能用于foo.com)\n" +
 "4、输入一个,空格之后,再输入下一个 \n" +
- "5、如果你配置了子域托管解析,请先[设置托管子域名](#/certd/pipeline/subDomain)",
+ "5、如果您配置了子域托管解析,请先[设置托管子域名](#/certd/pipeline/subDomain)",
 })
 domains!: string[];
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
index 3931af9d..ec0a3098 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -327,7 +327,7 @@ HTTP文件验证:不支持泛域名,需要配置网站文件上传`,
 }
 this.eab = eab;
 const subDomainsGetter = await this.ctx.serviceGetter.get("subDomainsGetter");
- const domainParser = new DomainParser(subDomainsGetter);
+ const domainParser = new DomainParser(subDomainsGetter, this.logger);
 this.acme = new AcmeService({
 userId: this.ctx.user.id,
 userContext: this.userContext,
diff --git a/packages/ui/certd-server/.env.dev-pluslocal.yaml b/packages/ui/certd-server/.env.dev-localplus.yaml
similarity index 100%
rename from packages/ui/certd-server/.env.dev-pluslocal.yaml
rename to packages/ui/certd-server/.env.dev-localplus.yaml
diff --git a/packages/ui/certd-server/src/modules/cname/service/common-provider.ts b/packages/ui/certd-server/src/modules/cname/service/common-provider.ts
index 5125d269..e9fe32b7 100644
--- a/packages/ui/certd-server/src/modules/cname/service/common-provider.ts
+++ b/packages/ui/certd-server/src/modules/cname/service/common-provider.ts
@@ -61,7 +61,7 @@ export class CommonDnsProvider implements IDnsProvider {
 domain: options.recordReq.domain,
 hostRecord: options.recordReq.hostRecord,
 recordValue: options.recordReq.value,
- recordId: options.recordRes.recordId,
+ recordId: options.recordRes?.recordId,
 providerId: this.config.id,
 },
 });
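Review bot: With `options.recordRes?.recordId` a missing `recordRes` no longer throws, but the payload is then sent with `recordId: undefined`, and how the receiving side treats that is not visible in this hunk. If this is the record clean-up path, a silent no-op would leave the challenge TXT record in the zone, and a fallback that matches on `domain`/`hostRecord` alone could touch more than the record this run created. Consider returning early before the call when there is nothing to reference, e.g. `if (!options.recordRes?.recordId) return;`, ideally with a log line. The enclosing method starts and ends outside the hunk, so the guard's exact placement needs checking against the full body.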