From 902359f24ed12eee4f9b65178f1d6a60378351d2 Mon Sep 17 00:00:00 2001 From: Zero Clover <13190004+ZeroClover@users.noreply.github.com> Date: Sat, 6 Sep 2025 00:41:03 +0800 Subject: [PATCH] perf: add preferred chain option (#519) @ZeroClover --- .../src/plugin/cert-plugin/acme.ts | 4 +++- .../src/plugin/cert-plugin/index.ts | 24 +++++++++++++++++++ .../pipeline/service/pipeline-service.ts | 1 + 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts index 0362c6c9..8b5f04c7 100644 --- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts +++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts @@ -329,8 +329,9 @@ export class AcmeService { isTest?: boolean; privateKeyType?: string; profile?: string; + preferredChain?: string; }): Promise { - const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options; + const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile, preferredChain } = options; const client: acme.Client = await this.getAcmeClient(email, isTest); let domains = options.domains; @@ -404,6 +405,7 @@ export class AcmeService { }, signal: this.options.signal, profile, + preferredChain, }); const crtString = crt.toString(); diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts index 1b9e452d..1d608648 100644 --- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts +++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts @@ -292,6 +292,29 @@ export class CertApplyPlugin extends CertApplyBasePlugin { }) certProfile!: string; + @TaskInput({ + title: "首选链", + value: "ISRG Root X1", + component: { + name: "a-select", + vModel: "value", + options: [ + { value: "ISRG Root X1", label: "ISRG Root X1" }, + { value: "ISRG Root X2", label: "ISRG Root X2" }, + ], + }, + helper: "仅 Let's Encrypt 可选,默认为 ISRG Root X1", + required: false, + mergeScript: ` + return { + show: ctx.compute(({form})=>{ + return form.sslProvider === 'letsencrypt' + }) + } + `, + }) + preferredChain!: string; + @TaskInput({ title: "使用代理", value: false, @@ -438,6 +461,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin { isTest: false, privateKeyType: this.privateKeyType, profile: this.certProfile, + preferredChain: this.preferredChain, }); const certInfo = this.formatCerts(cert); diff --git a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts index a4937cd0..3d5b9420 100644 --- a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts +++ b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts @@ -934,6 +934,7 @@ export class PipelineService extends BaseService { "sslProvider": "letsencrypt", "privateKeyType": "rsa_2048", "certProfile": "classic", + "preferredChain": "ISRG Root X1", "useProxy": false, "skipLocalVerify": false, "maxCheckRetryCount": 20,