diff --git a/packages/core/acme-client/src/auto.js b/packages/core/acme-client/src/auto.js
index 193a72eb..d8ee534e 100644
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -118,16 +118,16 @@ module.exports = async (client, userOpts) => {
             /* Trigger challengeCreateFn() */
             log(`[auto] [${d}] Trigger challengeCreateFn()`);
             const keyAuthorization = await client.getChallengeKeyAuthorization(challenge);
-            let recordItem = null;
+
             try {
-                recordItem = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
+                const { recordReq, recordRes, dnsProvider } = await opts.challengeCreateFn(authz, challenge, keyAuthorization);
                 log(`[auto] [${d}] challengeCreateFn success`);
                 log(`[auto] [${d}] add challengeRemoveFn()`);
                 clearTasks.push(async () => {
                     /* Trigger challengeRemoveFn(), suppress errors */
                     log(`[auto] [${d}] Trigger challengeRemoveFn()`);
                     try {
-                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem);
+                        await opts.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
                     }
                     catch (e) {
                         log(`[auto] [${d}] challengeRemoveFn threw error: ${e.message}`);
diff --git a/packages/core/acme-client/src/verify.js b/packages/core/acme-client/src/verify.js
index 1b30f4f7..93e147a3 100644
--- a/packages/core/acme-client/src/verify.js
+++ b/packages/core/acme-client/src/verify.js
@@ -68,6 +68,7 @@ async function walkDnsChallengeRecord(recordName, resolver = dns) {
 
         if (txtRecords.length) {
             log(`Found ${txtRecords.length} TXT records at ${recordName}`);
+            log(`TXT records: ${JSON.stringify(txtRecords)}`);
             return [].concat(...txtRecords);
         }
     }
diff --git a/packages/core/acme-client/types/index.d.ts b/packages/core/acme-client/types/index.d.ts
index b0fc9657..ac469cb9 100644
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -55,8 +55,8 @@ export interface ClientExternalAccountBindingOptions {
 
 export interface ClientAutoOptions {
     csr: CsrBuffer | CsrString;
-    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<any>;
-    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string, recordRes:any) => Promise<any>;
+    challengeCreateFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string) => Promise<{recordReq:any,recordRes:any,dnsProvider:any}>;
+    challengeRemoveFn: (authz: Authorization, challenge: rfc8555.Challenge, keyAuthorization: string,recordReq:any, recordRes:any,dnsProvider:any) => Promise<any>;
     email?: string;
     termsOfServiceAgreed?: boolean;
     skipChallengeVerification?: boolean;
diff --git a/packages/core/pipeline/src/core/executor.ts b/packages/core/pipeline/src/core/executor.ts
index b4ee8d53..99fb2eaa 100644
--- a/packages/core/pipeline/src/core/executor.ts
+++ b/packages/core/pipeline/src/core/executor.ts
@@ -10,7 +10,7 @@ import { createAxiosService } from "../utils/util.request.js";
 import { IAccessService } from "../access/index.js";
 import { RegistryItem } from "../registry/index.js";
 import { Decorator } from "../decorator/index.js";
-import { IEmailService } from "../service/index.js";
+import { ICnameProxyService, IEmailService } from "../service/index.js";
 import { FileStore } from "./file-store.js";
 import { hashUtils, utils } from "../utils/index.js";
 // import { TimeoutPromise } from "../utils/util.promise.js";
@@ -21,6 +21,7 @@ export type ExecutorOptions = {
   onChanged: (history: RunHistory) => Promise<void>;
   accessService: IAccessService;
   emailService: IEmailService;
+  cnameProxyService: ICnameProxyService;
   fileRootDir?: string;
   user: UserInfo;
 };
@@ -221,7 +222,7 @@ export class Executor {
     //从outputContext读取输入参数
     const input = _.cloneDeep(step.input);
     Decorator.inject(define.input, instance, input, (item, key) => {
-      if (item.component?.name === "pi-output-selector") {
+      if (item.component?.name === "output-selector") {
         const contextKey = input[key];
         if (contextKey != null) {
           if (typeof contextKey !== "string") {
@@ -268,6 +269,7 @@ export class Executor {
       inputChanged,
       accessService: this.options.accessService,
       emailService: this.options.emailService,
+      cnameProxyService: this.options.cnameProxyService,
       pipelineContext: this.pipelineContext,
       userContext: this.contextFactory.getContext("user", this.options.user.id),
       fileStore: new FileStore({
diff --git a/packages/core/pipeline/src/plugin/api.ts b/packages/core/pipeline/src/plugin/api.ts
index e327adb6..7dc9a4c7 100644
--- a/packages/core/pipeline/src/plugin/api.ts
+++ b/packages/core/pipeline/src/plugin/api.ts
@@ -3,7 +3,7 @@ import { FileItem, FormItemProps, Pipeline, Runnable, Step } from "../dt/index.j
 import { FileStore } from "../core/file-store.js";
 import { Logger } from "log4js";
 import { IAccessService } from "../access/index.js";
-import { IEmailService } from "../service/index.js";
+import { ICnameProxyService, IEmailService } from "../service/index.js";
 import { IContext, PluginRequestHandleReq, RunnableCollection } from "../core/index.js";
 import { ILogger, logger, utils } from "../utils/index.js";
 import { HttpClient } from "../utils/util.request.js";
@@ -70,6 +70,8 @@ export type TaskInstanceContext = {
   accessService: IAccessService;
   //邮件服务
   emailService: IEmailService;
+  //cname记录服务
+  cnameProxyService: ICnameProxyService;
   //流水线上下文
   pipelineContext: IContext;
   //用户上下文
@@ -84,7 +86,7 @@ export type TaskInstanceContext = {
   signal: AbortSignal;
   //工具类
   utils: typeof utils;
-
+  //用户信息
   user: UserInfo;
 };
 
diff --git a/packages/core/pipeline/src/service/cname.ts b/packages/core/pipeline/src/service/cname.ts
new file mode 100644
index 00000000..4cd12a60
--- /dev/null
+++ b/packages/core/pipeline/src/service/cname.ts
@@ -0,0 +1,16 @@
+export type CnameProvider = {
+  id: any;
+  domain: string;
+  dnsProviderType: string;
+  accessId: any;
+};
+export type CnameRecord = {
+  id: any;
+  domain: string;
+  hostRecord: string;
+  recordValue: string;
+  cnameProvider: CnameProvider;
+};
+export type ICnameProxyService = {
+  getByDomain: (domain: string) => Promise<CnameRecord>;
+};
diff --git a/packages/core/pipeline/src/service/index.ts b/packages/core/pipeline/src/service/index.ts
index 33c5af08..bee36485 100644
--- a/packages/core/pipeline/src/service/index.ts
+++ b/packages/core/pipeline/src/service/index.ts
@@ -1 +1,2 @@
 export * from "./email.js";
+export * from "./cname.js";
diff --git a/packages/libs/lib-server/src/basic/base-service.ts b/packages/libs/lib-server/src/basic/base-service.ts
index 6e35c4cf..1c3fcb8d 100644
--- a/packages/libs/lib-server/src/basic/base-service.ts
+++ b/packages/libs/lib-server/src/basic/base-service.ts
@@ -192,18 +192,17 @@ export abstract class BaseService<T> {
     return await qb.getMany();
   }
 
-  async checkUserId(id: any = 0, userId, userKey = 'userId') {
-    // @ts-ignore
+  async checkUserId(id: any = 0, userId: number, userKey = 'userId') {
     const res = await this.getRepository().findOne({
+      // eslint-disable-next-line @typescript-eslint/ban-ts-comment
       // @ts-ignore
       select: { [userKey]: true },
-      // @ts-ignore
       where: {
+        // eslint-disable-next-line @typescript-eslint/ban-ts-comment
         // @ts-ignore
         id,
       },
     });
-    // @ts-ignore
     if (!res || res[userKey] === userId) {
       return;
     }
diff --git a/packages/plugins/plugin-cert/src/dns-provider/api.ts b/packages/plugins/plugin-cert/src/dns-provider/api.ts
index 94115e28..015d4d99 100644
--- a/packages/plugins/plugin-cert/src/dns-provider/api.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/api.ts
@@ -8,14 +8,16 @@ export type DnsProviderDefine = Registrable & {
 };
 
 export type CreateRecordOptions = {
+  domain: string;
   fullRecord: string;
+  hostRecord: string;
   type: string;
   value: any;
-  domain: string;
 };
-export type RemoveRecordOptions<T> = CreateRecordOptions & {
+export type RemoveRecordOptions<T> = {
+  recordReq: CreateRecordOptions;
   // 本次创建的dns解析记录，实际上就是createRecord接口的返回值
-  record: T;
+  recordRes: T;
 };
 
 export type DnsProviderContext = {
diff --git a/packages/plugins/plugin-cert/src/dns-provider/base.ts b/packages/plugins/plugin-cert/src/dns-provider/base.ts
index 9771640f..03cdaf50 100644
--- a/packages/plugins/plugin-cert/src/dns-provider/base.ts
+++ b/packages/plugins/plugin-cert/src/dns-provider/base.ts
@@ -1,4 +1,5 @@
 import { CreateRecordOptions, DnsProviderContext, IDnsProvider, RemoveRecordOptions } from "./api.js";
+import psl from "psl";
 
 export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
   ctx!: DnsProviderContext;
@@ -13,3 +14,11 @@ export abstract class AbstractDnsProvider<T = any> implements IDnsProvider<T> {
 
   abstract removeRecord(options: RemoveRecordOptions<T>): Promise<void>;
 }
+
+export function parseDomain(fullDomain: string) {
+  const parsed = psl.parse(fullDomain) as psl.ParsedDomain;
+  if (parsed.error) {
+    throw new Error(`解析${fullDomain}域名失败:` + JSON.stringify(parsed.error));
+  }
+  return parsed.domain as string;
+}
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
index 1789f534..9b5c2cd3 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -1,13 +1,28 @@
 // @ts-ignore
 import * as acme from "@certd/acme-client";
+import { ClientExternalAccountBindingOptions, UrlMapping } from "@certd/acme-client";
 import _ from "lodash-es";
 import { Challenge } from "@certd/acme-client/types/rfc8555";
 import { Logger } from "log4js";
-import { IContext } from "@certd/pipeline";
-import { IDnsProvider } from "../../dns-provider/index.js";
-import psl from "psl";
-import { ClientExternalAccountBindingOptions, UrlMapping } from "@certd/acme-client";
-import { utils } from "@certd/pipeline";
+import { IContext, utils } from "@certd/pipeline";
+import { IDnsProvider, parseDomain } from "../../dns-provider/index.js";
+
+export type CnameVerifyPlan = {
+  domain: string;
+  fullRecord: string;
+  dnsProvider: IDnsProvider;
+};
+
+export type DomainVerifyPlan = {
+  domain: string;
+  type: "cname" | "dns";
+  dnsProvider?: IDnsProvider;
+  cnameVerifyPlan?: Record<string, CnameVerifyPlan>;
+};
+export type DomainsVerifyPlan = {
+  [key: string]: DomainVerifyPlan;
+};
+
 export type CertInfo = {
   crt: string;
   key: string;
@@ -132,14 +147,7 @@ export class AcmeService {
     return key.toString();
   }
 
-  parseDomain(fullDomain: string) {
-    const parsed = psl.parse(fullDomain) as psl.ParsedDomain;
-    if (parsed.error) {
-      throw new Error(`解析${fullDomain}域名失败:` + JSON.stringify(parsed.error));
-    }
-    return parsed.domain as string;
-  }
-  async challengeCreateFn(authz: any, challenge: any, keyAuthorization: string, dnsProvider: IDnsProvider) {
+  async challengeCreateFn(authz: any, challenge: any, keyAuthorization: string, dnsProvider: IDnsProvider, domainsVerifyPlan: DomainsVerifyPlan) {
     this.logger.info("Triggered challengeCreateFn()");
 
     /* http-01 */
@@ -155,21 +163,62 @@ export class AcmeService {
       // await fs.writeFileAsync(filePath, fileContents);
     } else if (challenge.type === "dns-01") {
       /* dns-01 */
-      const dnsRecord = `_acme-challenge.${fullDomain}`;
+      let fullRecord = `_acme-challenge.${fullDomain}`;
       const recordValue = keyAuthorization;
 
-      this.logger.info(`Creating TXT record for ${fullDomain}: ${dnsRecord}`);
+      this.logger.info(`Creating TXT record for ${fullDomain}: ${fullRecord}`);
       /* Replace this */
-      this.logger.info(`Would create TXT record "${dnsRecord}" with value "${recordValue}"`);
+      this.logger.info(`Would create TXT record "${fullRecord}" with value "${recordValue}"`);
 
-      const domain = this.parseDomain(fullDomain);
+      let domain = parseDomain(fullDomain);
       this.logger.info("解析到域名domain=", domain);
-      return await dnsProvider.createRecord({
-        fullRecord: dnsRecord,
+
+      if (domainsVerifyPlan) {
+        //按照计划执行
+        const domainVerifyPlan = domainsVerifyPlan[domain];
+        if (domainVerifyPlan) {
+          if (domainVerifyPlan.type === "dns") {
+            dnsProvider = domainVerifyPlan.dnsProvider;
+          } else if (domainVerifyPlan.type === "cname") {
+            const cnameVerifyPlan = domainVerifyPlan.cnameVerifyPlan;
+            if (cnameVerifyPlan) {
+              const cname = cnameVerifyPlan[fullDomain];
+              if (cname) {
+                dnsProvider = cname.dnsProvider;
+                domain = parseDomain(cname.domain);
+                fullRecord = cname.fullRecord;
+              }
+            } else {
+              this.logger.error("未找到域名Cname校验计划，使用默认的dnsProvider");
+            }
+          } else {
+            this.logger.error("不支持的校验类型", domainVerifyPlan.type);
+          }
+        } else {
+          this.logger.info("未找到域名校验计划，使用默认的dnsProvider");
+        }
+      }
+
+      let hostRecord = fullRecord.replace(`${domain}`, "");
+      if (hostRecord.endsWith(".")) {
+        hostRecord = hostRecord.substring(0, hostRecord.length - 1);
+      }
+
+      const recordReq = {
+        domain,
+        fullRecord,
+        hostRecord,
         type: "TXT",
         value: recordValue,
-        domain,
-      });
+      };
+      this.logger.info("添加 TXT 解析记录", JSON.stringify(recordReq));
+      const recordRes = await dnsProvider.createRecord(recordReq);
+      this.logger.info("添加 TXT 解析记录成功", JSON.stringify(recordRes));
+      return {
+        recordReq,
+        recordRes,
+        dnsProvider,
+      };
     }
   }
 
@@ -179,12 +228,13 @@ export class AcmeService {
    * @param {object} authz Authorization object
    * @param {object} challenge Selected challenge
    * @param {string} keyAuthorization Authorization key
-   * @param recordItem  challengeCreateFn create record item
+   * @param recordReq
+   * @param recordRes
    * @param dnsProvider dnsProvider
    * @returns {Promise}
    */
 
-  async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordItem: any, dnsProvider: IDnsProvider) {
+  async challengeRemoveFn(authz: any, challenge: any, keyAuthorization: string, recordReq: any, recordRes: any, dnsProvider: IDnsProvider) {
     this.logger.info("Triggered challengeRemoveFn()");
 
     /* http-01 */
@@ -198,24 +248,13 @@ export class AcmeService {
       this.logger.info(`Would remove file on path "${filePath}"`);
       // await fs.unlinkAsync(filePath);
     } else if (challenge.type === "dns-01") {
-      const dnsRecord = `_acme-challenge.${fullDomain}`;
-      const recordValue = keyAuthorization;
-
-      this.logger.info(`Removing TXT record for ${fullDomain}: ${dnsRecord}`);
-
-      /* Replace this */
-      this.logger.info(`Would remove TXT record "${dnsRecord}" with value "${recordValue}"`);
-
-      const domain = this.parseDomain(fullDomain);
-
+      this.logger.info(`删除 TXT 解析记录:${JSON.stringify(recordReq)} ,recordRes = ${JSON.stringify(recordRes)}`);
       try {
         await dnsProvider.removeRecord({
-          fullRecord: dnsRecord,
-          type: "TXT",
-          value: keyAuthorization,
-          record: recordItem,
-          domain,
+          recordReq,
+          recordRes,
         });
+        this.logger.info("删除解析记录成功");
       } catch (e) {
         this.logger.error("删除解析记录出错：", e);
         throw e;
@@ -226,12 +265,13 @@ export class AcmeService {
   async order(options: {
     email: string;
     domains: string | string[];
-    dnsProvider: any;
+    dnsProvider?: any;
+    domainsVerifyPlan?: DomainsVerifyPlan;
     csrInfo: any;
     isTest?: boolean;
     privateKeyType?: string;
   }): Promise<CertInfo> {
-    const { email, isTest, domains, csrInfo, dnsProvider } = options;
+    const { email, isTest, domains, csrInfo, dnsProvider, domainsVerifyPlan } = options;
     const client: acme.Client = await this.getAcmeClient(email, isTest);
 
     /* Create CSR */
@@ -271,8 +311,8 @@ export class AcmeService {
       privateKey
     );
 
-    if (dnsProvider == null) {
-      throw new Error("dnsProvider 不能为空");
+    if (dnsProvider == null && domainsVerifyPlan == null) {
+      throw new Error("dnsProvider 、 domainsVerifyPlan 不能都为空");
     }
     /* 自动申请证书 */
     const crt = await client.auto({
@@ -281,11 +321,22 @@ export class AcmeService {
       termsOfServiceAgreed: true,
       skipChallengeVerification: this.skipLocalVerify,
       challengePriority: ["dns-01"],
-      challengeCreateFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string): Promise<any> => {
-        return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider);
+      challengeCreateFn: async (
+        authz: acme.Authorization,
+        challenge: Challenge,
+        keyAuthorization: string
+      ): Promise<{ recordReq: any; recordRes: any; dnsProvider: any }> => {
+        return await this.challengeCreateFn(authz, challenge, keyAuthorization, dnsProvider, domainsVerifyPlan);
       },
-      challengeRemoveFn: async (authz: acme.Authorization, challenge: Challenge, keyAuthorization: string, recordItem: any): Promise<any> => {
-        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordItem, dnsProvider);
+      challengeRemoveFn: async (
+        authz: acme.Authorization,
+        challenge: Challenge,
+        keyAuthorization: string,
+        recordReq: any,
+        recordRes: any,
+        dnsProvider: IDnsProvider
+      ): Promise<any> => {
+        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider);
       },
       signal: this.options.signal,
     });
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
index 7b6b31b3..97b24892 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/base.ts
@@ -24,7 +24,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
     col: {
       span: 24,
     },
-    order: -1,
+    order: -999,
     helper:
       "1、支持通配符域名，例如： *.foo.com、foo.com、*.test.handsfree.work\n" +
       "2、支持多个域名、多个子域名、多个通配符域名打到一个证书上（域名必须是在同一个DNS提供商解析）\n" +
@@ -39,6 +39,7 @@ export abstract class CertApplyBasePlugin extends AbstractTaskPlugin {
       name: "a-input",
       vModel: "value",
     },
+    rules: [{ type: "email" }],
     required: true,
     order: -1,
     helper: "请输入邮箱",
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
index 3fee9830..832215ed 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -1,13 +1,27 @@
 import { Decorator, IsTaskPlugin, pluginGroups, RunStrategy, TaskInput, utils } from "@certd/pipeline";
-import type { CertInfo, PrivateKeyType, SSLProvider } from "./acme.js";
+import type { CertInfo, CnameVerifyPlan, DomainsVerifyPlan, PrivateKeyType, SSLProvider } from "./acme.js";
 import { AcmeService } from "./acme.js";
 import _ from "lodash-es";
-import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry } from "../../dns-provider/index.js";
+import { DnsProviderContext, DnsProviderDefine, dnsProviderRegistry, IDnsProvider } from "../../dns-provider/index.js";
 import { CertReader } from "./cert-reader.js";
 import { CertApplyBasePlugin } from "./base.js";
 
 export type { CertInfo };
 export * from "./cert-reader.js";
+export type CnameRecordInput = {
+  id: number;
+  status: string;
+};
+export type DomainVerifyPlanInput = {
+  domain: string;
+  type: "cname" | "dns";
+  dnsProviderType?: string;
+  dnsProviderAccessId?: number;
+  cnameVerifyPlan?: Record<string, CnameRecordInput>;
+};
+export type DomainsVerifyPlanInput = {
+  [key: string]: DomainVerifyPlanInput;
+};
 
 @IsTaskPlugin({
   name: "CertApply",
@@ -26,6 +40,85 @@ export * from "./cert-reader.js";
   },
 })
 export class CertApplyPlugin extends CertApplyBasePlugin {
+  @TaskInput({
+    title: "域名验证方式",
+    value: "dns",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "dns", label: "DNS直接验证" },
+        { value: "cname", label: "CNAME间接验证" },
+      ],
+    },
+    required: true,
+    helper:
+      "DNS直接验证：适合域名是在阿里云、腾讯云、华为云、Cloudflare、西数注册的，需要提供Access授权信息。\nCNAME间接验证：支持任何注册商注册的域名，并且不需要提供Access授权信息，但第一次需要手动添加CNAME记录",
+  })
+  challengeType!: string;
+
+  @TaskInput({
+    title: "DNS提供商",
+    component: {
+      name: "dns-provider-selector",
+    },
+    mergeScript: `
+    return {
+      show: ctx.compute(({form})=>{
+          return form.challengeType === 'dns' 
+      })
+    }
+    `,
+    required: true,
+    helper: "请选择dns解析提供商，您的域名是在哪里注册的，或者域名的dns解析服务器属于哪个平台\n如果这里没有您需要的dns解析提供商，请选择CNAME间接验证校验方式",
+  })
+  dnsProviderType!: string;
+
+  @TaskInput({
+    title: "DNS解析授权",
+    component: {
+      name: "access-selector",
+    },
+    required: true,
+    helper: "请选择dns解析提供商授权",
+    mergeScript: `return {
+      component:{
+        type: ctx.compute(({form})=>{
+            return form.dnsProviderType
+        })
+      },
+      show: ctx.compute(({form})=>{
+          return form.challengeType === 'dns' 
+      })
+    }
+    `,
+  })
+  dnsProviderAccess!: number;
+
+  @TaskInput({
+    title: "域名验证配置",
+    component: {
+      name: "domains-verify-plan-editor",
+    },
+    required: true,
+    helper: "如果选择CNAME方式，请按照上面的显示，给域名添加CNAME记录",
+    col: {
+      span: 24,
+    },
+    mergeScript: `return {
+      component:{
+        domains: ctx.compute(({form})=>{
+            return form.domains
+        })
+      },
+      show: ctx.compute(({form})=>{
+          return form.challengeType === 'cname' 
+      })
+    }
+    `,
+  })
+  domainsVerifyPlan!: DomainsVerifyPlanInput;
+
   @TaskInput({
     title: "证书提供商",
     value: "letsencrypt",
@@ -38,7 +131,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         { value: "zerossl", label: "ZeroSSL" },
       ],
     },
-    helper: "Let's Encrypt最简单，如果使用ZeroSSL、google证书，需要提供EAB授权",
+    helper: "Let's Encrypt最简单，如果使用ZeroSSL、Google证书，需要提供EAB授权",
     required: true,
   })
   sslProvider!: SSLProvider;
@@ -46,7 +139,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
   @TaskInput({
     title: "EAB授权",
     component: {
-      name: "pi-access-selector",
+      name: "access-selector",
       type: "eab",
     },
     maybeNeed: true,
@@ -80,39 +173,11 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
         // { value: "ec_521", label: "EC 521" },
       ],
     },
+    helper: "如无特殊需求，默认即可",
     required: true,
   })
   privateKeyType!: PrivateKeyType;
 
-  @TaskInput({
-    title: "DNS提供商",
-    component: {
-      name: "pi-dns-provider-selector",
-    },
-    required: true,
-    helper:
-      "请选择dns解析提供商，您的域名是在哪里注册的，或者域名的dns解析服务器属于哪个平台\n如果这里没有您需要的dns解析提供商，您需要将域名解析服务器设置成上面的任意一个提供商",
-  })
-  dnsProviderType!: string;
-
-  @TaskInput({
-    title: "DNS解析授权",
-    component: {
-      name: "pi-access-selector",
-    },
-    required: true,
-    helper: "请选择dns解析提供商授权",
-    mergeScript: `return {
-      component:{
-        type: ctx.compute(({form})=>{
-            return form.dnsProviderType
-        })
-      }
-    }
-    `,
-  })
-  dnsProviderAccess!: string;
-
   @TaskInput({
     title: "使用代理",
     value: false,
@@ -120,7 +185,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       name: "a-switch",
       vModel: "checked",
     },
-    helper: "如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问，请尝试开启此选项",
+    helper: "如果acme-v02.api.letsencrypt.org或dv.acme-v02.api.pki.goog被墙无法访问，请尝试开启此选项\n默认情况会进行测试，如果无法访问，将会自动使用代理",
   })
   useProxy = false;
 
@@ -131,7 +196,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       name: "a-switch",
       vModel: "checked",
     },
-    helper: "如果重试多次出现Authorization not found TXT record，导致无法申请成功，请尝试开启此选项",
+    helper: "跳过本地校验可以加快申请速度，同时也会增加失败概率。",
   })
   skipLocalVerify = false;
 
@@ -150,14 +215,15 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       skipLocalVerify: this.skipLocalVerify,
       useMappingProxy: this.useProxy,
       privateKeyType: this.privateKeyType,
+      // cnameProxyService: this.ctx.cnameProxyService,
+      // dnsProviderCreator: this.createDnsProvider.bind(this),
     });
   }
 
   async doCertApply() {
     const email = this["email"];
     const domains = this["domains"];
-    const dnsProviderType = this["dnsProviderType"];
-    const dnsProviderAccessId = this["dnsProviderAccess"];
+
     const csrInfo = _.merge(
       {
         country: "CN",
@@ -171,26 +237,22 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
     );
     this.logger.info("开始申请证书,", email, domains);
 
-    const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
-    const DnsProviderClass = dnsProviderPlugin.target;
-    const dnsProviderDefine = dnsProviderPlugin.define as DnsProviderDefine;
-    if (dnsProviderDefine.deprecated) {
-      throw new Error(dnsProviderDefine.deprecated);
+    let dnsProvider: any = null;
+    let domainsVerifyPlan: DomainsVerifyPlan = null;
+    if (this.challengeType === "cname") {
+      domainsVerifyPlan = await this.createDomainsVerifyPlan();
+    } else {
+      const dnsProviderType = this.dnsProviderType;
+      const dnsProviderAccessId = this.dnsProviderAccess;
+      dnsProvider = await this.createDnsProvider(dnsProviderType, dnsProviderAccessId);
     }
-    const access = await this.accessService.getById(dnsProviderAccessId);
-
-    // @ts-ignore
-    const dnsProvider: IDnsProvider = new DnsProviderClass();
-    const context: DnsProviderContext = { access, logger: this.logger, http: this.http, utils };
-    Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
-    dnsProvider.setCtx(context);
-    await dnsProvider.onInstance();
 
     try {
       const cert = await this.acme.order({
         email,
         domains,
         dnsProvider,
+        domainsVerifyPlan,
         csrInfo,
         isTest: false,
         privateKeyType: this.privateKeyType,
@@ -207,6 +269,52 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
       throw e;
     }
   }
+
+  async createDnsProvider(dnsProviderType: string, dnsProviderAccessId: number): Promise<IDnsProvider> {
+    const dnsProviderPlugin = dnsProviderRegistry.get(dnsProviderType);
+    const DnsProviderClass = dnsProviderPlugin.target;
+    const dnsProviderDefine = dnsProviderPlugin.define as DnsProviderDefine;
+    if (dnsProviderDefine.deprecated) {
+      throw new Error(dnsProviderDefine.deprecated);
+    }
+    const access = await this.accessService.getById(dnsProviderAccessId);
+
+    // @ts-ignore
+    const dnsProvider: IDnsProvider = new DnsProviderClass();
+    const context: DnsProviderContext = { access, logger: this.logger, http: this.http, utils };
+    Decorator.inject(dnsProviderDefine.autowire, dnsProvider, context);
+    dnsProvider.setCtx(context);
+    await dnsProvider.onInstance();
+    return dnsProvider;
+  }
+
+  async createDomainsVerifyPlan(): Promise<DomainsVerifyPlan> {
+    const plan: DomainsVerifyPlan = {};
+    for (const domain in this.domainsVerifyPlan) {
+      const domainVerifyPlan = this.domainsVerifyPlan[domain];
+      let dnsProvider = null;
+      const cnameVerifyPlan: Record<string, CnameVerifyPlan> = {};
+      if (domainVerifyPlan.type === "dns") {
+        dnsProvider = await this.createDnsProvider(domainVerifyPlan.dnsProviderType, domainVerifyPlan.dnsProviderAccessId);
+      } else {
+        for (const key in domainVerifyPlan.cnameVerifyPlan) {
+          const cnameRecord = await this.ctx.cnameProxyService.getByDomain(key);
+          cnameVerifyPlan[key] = {
+            domain: cnameRecord.cnameProvider.domain,
+            fullRecord: cnameRecord.recordValue,
+            dnsProvider: await this.createDnsProvider(cnameRecord.cnameProvider.dnsProviderType, cnameRecord.cnameProvider.accessId),
+          };
+        }
+      }
+      plan[domain] = {
+        domain,
+        type: domainVerifyPlan.type,
+        dnsProvider,
+        cnameVerifyPlan,
+      };
+    }
+    return plan;
+  }
 }
 
 new CertApplyPlugin();
diff --git a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
index de4e6213..881a7ac7 100644
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/lego/index.ts
@@ -69,7 +69,7 @@ export class CertApplyLegoPlugin extends CertApplyBasePlugin {
   @TaskInput({
     title: "EAB授权",
     component: {
-      name: "pi-access-selector",
+      name: "access-selector",
       type: "eab",
     },
     maybeNeed: true,
diff --git a/packages/ui/certd-client/index.html b/packages/ui/certd-client/index.html
index 9abb0bdf..3e60def3 100644
--- a/packages/ui/certd-client/index.html
+++ b/packages/ui/certd-client/index.html
@@ -4,7 +4,7 @@
     <meta charset="UTF-8"/>
     <link rel="icon" href="/static/logo.svg"/>
     <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
-    <title>Certd-让你的证书永不过期</title>
+    <title>Loading</title>
     <script src="/static/icons/iconfont.js"></script>
     <link rel="stylesheet" type="text/css" href="/static/index.css"/>
 </head>
diff --git a/packages/ui/certd-client/package.json b/packages/ui/certd-client/package.json
index 258a8690..a3094af8 100644
--- a/packages/ui/certd-client/package.json
+++ b/packages/ui/certd-client/package.json
@@ -32,6 +32,7 @@
     "@soerenmartius/vue3-clipboard": "^0.1.2",
     "@vue-js-cron/light": "^4.0.5",
     "ant-design-vue": "^4.1.2",
+    "async-validator": "^4.2.5",
     "axios": "^1.7.2",
     "axios-mock-adapter": "^1.22.0",
     "base64-js": "^1.5.1",
@@ -49,6 +50,7 @@
     "nprogress": "^0.2.0",
     "object-assign": "^4.1.1",
     "pinia": "2.1.7",
+    "psl": "^1.9.0",
     "qiniu-js": "^3.4.2",
     "sortablejs": "^1.15.2",
     "vue": "^3.4.21",
diff --git a/packages/ui/certd-client/src/components/cron-editor/index.vue b/packages/ui/certd-client/src/components/cron-editor/index.vue
index 087324cf..15bce87e 100644
--- a/packages/ui/certd-client/src/components/cron-editor/index.vue
+++ b/packages/ui/certd-client/src/components/cron-editor/index.vue
@@ -22,6 +22,9 @@
 
 <script lang="ts" setup>
 import { ref } from "vue";
+defineOptions({
+  name: "CronEditor"
+});
 const props = defineProps<{
   modelValue?: string;
   disabled?: boolean;
diff --git a/packages/ui/certd-client/src/components/dns-provider-selector/index.vue b/packages/ui/certd-client/src/components/dns-provider-selector/index.vue
deleted file mode 100644
index bd4800c1..00000000
--- a/packages/ui/certd-client/src/components/dns-provider-selector/index.vue
+++ /dev/null
@@ -1,97 +0,0 @@
-<template>
-  <a-select class="pi-dns-provider-selector" :value="modelValue" :options="options" @update:value="onChanged">
-  </a-select>
-</template>
-
-<script lang="ts">
-import { inject, Ref, ref, watch } from "vue";
-import * as api from "./api";
-
-export default {
-  name: "PiDnsProviderSelector",
-  props: {
-    modelValue: {
-      type: String,
-      default: undefined
-    }
-  },
-  emits: ["update:modelValue"],
-  setup(props:any, ctx:any) {
-    const options = ref<any[]>([]);
-
-    async function onCreate() {
-      const list = await api.GetList();
-      const array: any[] = [];
-      for (let item of list) {
-        array.push({
-          value: item.name,
-          label: item.title
-        });
-      }
-      options.value = array;
-      if (props.modelValue == null && options.value.length > 0) {
-        ctx.emit("update:modelValue", options.value[0].value);
-      }
-    }
-    onCreate();
-
-    function onChanged(value:any) {
-      ctx.emit("update:modelValue", value);
-    }
-    return {
-      options,
-      onChanged
-    };
-  }
-};
-</script>
-
-<style lang="less">
-.step-edit-form {
-  .body {
-    padding: 10px;
-    .ant-card {
-      margin-bottom: 10px;
-
-      &.current {
-        border-color: #00b7ff;
-      }
-
-      .ant-card-meta-title {
-        display: flex;
-        flex-direction: row;
-        justify-content: flex-start;
-      }
-
-      .ant-avatar {
-        width: 24px;
-        height: 24px;
-        flex-shrink: 0;
-      }
-
-      .title {
-        margin-left: 5px;
-        white-space: nowrap;
-        flex: 1;
-        display: block;
-        overflow: hidden;
-        text-overflow: ellipsis;
-      }
-    }
-
-    .ant-card-body {
-      padding: 14px;
-      height: 100px;
-
-      overflow-y: hidden;
-
-      .ant-card-meta-description {
-        font-size: 10px;
-        line-height: 20px;
-        height: 40px;
-        color: #7f7f7f;
-      }
-    }
-  }
-}
-</style>
diff --git a/packages/ui/certd-client/src/components/editable.vue b/packages/ui/certd-client/src/components/editable.vue
index 8e89782d..26a47a04 100644
--- a/packages/ui/certd-client/src/components/editable.vue
+++ b/packages/ui/certd-client/src/components/editable.vue
@@ -1,5 +1,5 @@
 <template>
-  <div class="pi-editable" :class="{ disabled, 'hover-show': hoverShow }">
+  <div class="text-editable" :class="{ disabled, 'hover-show': hoverShow }">
     <div v-if="isEdit" class="input">
       <a-input ref="inputRef" v-model:value="valueRef" :validate-status="modelValue ? '' : 'error'" v-bind="input" @keyup.enter="save()" @blur="save()">
         <template #suffix>
@@ -18,7 +18,7 @@
 import { watch, ref, nextTick } from "vue";
 
 export default {
-  name: "PiEditable",
+  name: "TextEditable",
   props: {
     modelValue: {
       type: String,
@@ -73,7 +73,7 @@ export default {
 </script>
 
 <style lang="less">
-.pi-editable {
+.text-editable {
   flex: 1;
   line-height: 34px;
 
diff --git a/packages/ui/certd-client/src/components/index.ts b/packages/ui/certd-client/src/components/index.ts
index 5e55761d..fc1390ed 100644
--- a/packages/ui/certd-client/src/components/index.ts
+++ b/packages/ui/certd-client/src/components/index.ts
@@ -1,8 +1,5 @@
 import PiContainer from "./container.vue";
-import PiAccessSelector from "../views/certd/access/access-selector/index.vue";
-import PiDnsProviderSelector from "./dns-provider-selector/index.vue";
-import PiOutputSelector from "../views/certd/pipeline/pipeline/component/output-selector/index.vue";
-import PiEditable from "./editable.vue";
+import TextEditable from "./editable.vue";
 import vip from "./vip-button/install.js";
 import { CheckCircleOutlined, InfoCircleOutlined, UndoOutlined } from "@ant-design/icons-vue";
 import CronEditor from "./cron-editor/index.vue";
@@ -13,10 +10,7 @@ import Plugins from "./plugins/index";
 export default {
   install(app: any) {
     app.component("PiContainer", PiContainer);
-    app.component("PiAccessSelector", PiAccessSelector);
-    app.component("PiEditable", PiEditable);
-    app.component("PiOutputSelector", PiOutputSelector);
-    app.component("PiDnsProviderSelector", PiDnsProviderSelector);
+    app.component("TextEditable", TextEditable);
 
     app.component("CronLight", CronLight);
     app.component("CronEditor", CronEditor);
diff --git a/packages/ui/certd-client/src/components/dns-provider-selector/api.ts b/packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/api.ts
similarity index 100%
rename from packages/ui/certd-client/src/components/dns-provider-selector/api.ts
rename to packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/api.ts
diff --git a/packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/index.vue b/packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/index.vue
new file mode 100644
index 00000000..74a241bd
--- /dev/null
+++ b/packages/ui/certd-client/src/components/plugins/cert/dns-provider-selector/index.vue
@@ -0,0 +1,48 @@
+<template>
+  <a-select class="dns-provider-selector" :value="modelValue" :options="options" @update:value="onChanged"> </a-select>
+</template>
+
+<script lang="ts">
+import { ref } from "vue";
+import * as api from "./api";
+
+export default {
+  name: "DnsProviderSelector",
+  props: {
+    modelValue: {
+      type: String,
+      default: undefined
+    }
+  },
+  emits: ["update:modelValue"],
+  setup(props: any, ctx: any) {
+    const options = ref<any[]>([]);
+
+    async function onCreate() {
+      const list = await api.GetList();
+      const array: any[] = [];
+      for (let item of list) {
+        array.push({
+          value: item.name,
+          label: item.title
+        });
+      }
+      options.value = array;
+      if (props.modelValue == null && options.value.length > 0) {
+        ctx.emit("update:modelValue", options.value[0].value);
+      }
+    }
+    onCreate();
+
+    function onChanged(value: any) {
+      ctx.emit("update:modelValue", value);
+    }
+    return {
+      options,
+      onChanged
+    };
+  }
+};
+</script>
+
+<style lang="less"></style>
diff --git a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts
new file mode 100644
index 00000000..184ecf36
--- /dev/null
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/api.ts
@@ -0,0 +1,26 @@
+import { request } from "/src/api/service";
+
+const apiPrefix = "/cname/record";
+
+export type CnameRecord = {
+  id: number;
+  status: string;
+};
+
+export async function GetList() {
+  return await request({
+    url: apiPrefix + "/list",
+    method: "post"
+  });
+}
+
+export async function GetByDomain(domain: string) {
+  return await request({
+    url: apiPrefix + "/getByDomain",
+    method: "post",
+    data: {
+      domain,
+      createOnNotFound: true
+    }
+  });
+}
diff --git a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
new file mode 100644
index 00000000..272b644f
--- /dev/null
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue
@@ -0,0 +1,82 @@
+<template>
+  <tr v-if="cnameRecord" class="cname-record-info">
+    <!--    <td class="domain">-->
+    <!--      {{ props.domain }}-->
+    <!--    </td>-->
+    <td class="host-record" :title="'域名：' + props.domain">
+      <fs-copyable v-model="cnameRecord.hostRecord"></fs-copyable>
+    </td>
+    <td class="record-value">
+      <fs-copyable v-model="cnameRecord.recordValue"></fs-copyable>
+    </td>
+    <td class="status center flex-center">
+      <fs-values-format v-model="cnameRecord.status" :dict="statusDict" />
+      <fs-icon icon="ion:refresh-outline" class="pointer" @click="doRefresh"></fs-icon>
+    </td>
+  </tr>
+</template>
+
+<script lang="ts" setup>
+import { CnameRecord, GetByDomain } from "/@/components/plugins/cert/domains-verify-plan-editor/api";
+import { ref, watch } from "vue";
+import { dict } from "@fast-crud/fast-crud";
+
+const statusDict = dict({
+  data: [
+    { label: "待设置CNAME", value: "cname", color: "warning" },
+    { label: "验证中", value: "validating", color: "primary" },
+    { label: "验证成功", value: "valid", color: "success" },
+    { label: "验证失败", value: "failed", color: "error" }
+  ]
+});
+
+defineOptions({
+  name: "CnameRecordInfo"
+});
+
+const props = defineProps<{
+  domain: string;
+}>();
+
+const emit = defineEmits<{
+  change: {
+    id: number | null;
+    status: string | null;
+  };
+}>();
+
+const cnameRecord = ref<CnameRecord | null>(null);
+
+function onRecordChange() {
+  emit("change", {
+    id: cnameRecord.value?.id,
+    status: cnameRecord.value?.status
+  });
+}
+
+async function doRefresh() {
+  if (!props.domain) {
+    return;
+  }
+  cnameRecord.value = await GetByDomain(props.domain);
+  onRecordChange();
+}
+
+watch(
+  () => props.domain,
+  async (value) => {
+    await doRefresh();
+  },
+  {
+    immediate: true
+  }
+);
+</script>
+
+<style lang="less">
+.cname-record-info {
+  .fs-copyable {
+    width: 100%;
+  }
+}
+</style>
diff --git a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue
new file mode 100644
index 00000000..35b4c67e
--- /dev/null
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/cname-verify-plan.vue
@@ -0,0 +1,67 @@
+<template>
+  <table class="cname-verify-plan">
+    <tr>
+      <td style="width: 160px">主机记录</td>
+      <td style="width: 250px">请设置CNAME记录</td>
+      <td style="width: 120px" class="center">状态</td>
+    </tr>
+    <template v-for="key in domains" :key="key">
+      <cname-record-info :domain="key" @change="onRecordChange(key, $event)" />
+    </template>
+  </table>
+</template>
+
+<script lang="ts" setup>
+import { CnameRecord } from "/@/components/plugins/cert/domains-verify-plan-editor/api";
+import CnameRecordInfo from "/@/components/plugins/cert/domains-verify-plan-editor/cname-record-info.vue";
+import { computed } from "vue";
+
+defineOptions({
+  name: "CnameVerifyPlan"
+});
+
+const emit = defineEmits<{
+  "update:modelValue": any;
+  change: Record<string, any>;
+}>();
+
+const props = defineProps<{
+  modelValue: Record<string, any>;
+}>();
+
+const domains = computed(() => {
+  return Object.keys(props.modelValue);
+});
+
+function onRecordChange(domain: string, record: CnameRecord) {
+  const value = { ...props.modelValue };
+  value[domain] = record;
+  emit("update:modelValue", value);
+  emit("change", value);
+}
+</script>
+
+<style lang="less">
+.cname-verify-plan {
+  width: 100%;
+  table-layout: fixed;
+  tr {
+    td {
+      border: 0 !important;
+      border-bottom: 1px solid #e8e8e8 !important;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      white-space: nowrap;
+
+      &.center {
+        text-align: center;
+      }
+    }
+    &:last-child {
+      td {
+        border-bottom: 0 !important;
+      }
+    }
+  }
+}
+</style>
diff --git a/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue
new file mode 100644
index 00000000..32aa89ff
--- /dev/null
+++ b/packages/ui/certd-client/src/components/plugins/cert/domains-verify-plan-editor/index.vue
@@ -0,0 +1,315 @@
+<template>
+  <div class="domains-verify-plan-editor" :class="{ fullscreen }">
+    <div class="fullscreen-modal" @click="fullscreenExit"></div>
+    <div class="plan-wrapper">
+      <div class="plan-box">
+        <div class="fullscreen-button pointer">
+          <fs-icon :icon="fullscreen ? 'material-symbols:fullscreen' : 'material-symbols:fullscreen-exit'" @click="fullscreen = !fullscreen"></fs-icon>
+        </div>
+        <table class="plan-table">
+          <tr>
+            <th>域名</th>
+            <th>验证方式</th>
+            <th>验证计划</th>
+          </tr>
+          <tr v-for="(item, key) of planRef" :key="key" class="row">
+            <td>{{ item.domain }}</td>
+            <td>
+              <div class="type">
+                <a-select v-model:value="item.type" size="small" :options="challengeTypeOptions" @change="onPlanChanged"></a-select>
+              </div>
+            </td>
+            <td style="padding: 0">
+              <div class="plan">
+                <div v-if="item.type === 'dns'" class="plan-dns">
+                  <div class="form-item">
+                    <span class="label">DNS类型：</span>
+                    <span class="input">
+                      <fs-dict-select
+                        v-model="item.dnsProviderType"
+                        size="small"
+                        :dict="dnsProviderTypeDict"
+                        placeholder="DNS提供商"
+                        @change="onPlanChanged"
+                      ></fs-dict-select>
+                    </span>
+                  </div>
+                  <a-divider type="vertical" />
+                  <div class="form-item">
+                    <span class="label">DNS授权：</span>
+                    <span class="input">
+                      <access-selector
+                        v-model="item.dnsProviderAccessId"
+                        size="small"
+                        :type="item.dnsProviderType"
+                        placeholder="请选择"
+                        @change="onPlanChanged"
+                      ></access-selector>
+                    </span>
+                  </div>
+                </div>
+                <div v-if="item.type === 'cname'" class="plan-cname">
+                  <cname-verify-plan v-model="item.cnameVerifyPlan" @change="onPlanChanged" />
+                </div>
+              </div>
+            </td>
+          </tr>
+        </table>
+        <div class="error">
+          {{ errorMessageRef }}
+        </div>
+      </div>
+    </div>
+  </div>
+</template>
+
+<script lang="ts" setup>
+import { ref, watch } from "vue";
+import { dict, FsDictSelect } from "@fast-crud/fast-crud";
+import AccessSelector from "/@/views/certd/access/access-selector/index.vue";
+import CnameVerifyPlan from "./cname-verify-plan.vue";
+import psl from "psl";
+defineOptions({
+  name: "DomainsVerifyPlanEditor"
+});
+
+type DomainVerifyPlanInput = {
+  domain: string;
+  type: "cname" | "dns";
+  dnsProviderType?: string;
+  dnsProviderAccessId?: number;
+  cnameVerifyPlan?: Record<string, CnameRecord>;
+};
+type DomainsVerifyPlanInput = {
+  [key: string]: DomainVerifyPlanInput;
+};
+
+const challengeTypeOptions = ref<any[]>([
+  {
+    label: "DNS验证",
+    value: "dns"
+  },
+  {
+    label: "CNAME验证",
+    value: "cname"
+  }
+]);
+
+const props = defineProps<{
+  modelValue?: DomainsVerifyPlanInput;
+  domains?: string[];
+}>();
+
+const emit = defineEmits<{
+  "update:modelValue": any;
+}>();
+
+const fullscreen = ref(false);
+function fullscreenExit() {
+  if (fullscreen.value) {
+    fullscreen.value = false;
+  }
+}
+const planRef = ref<DomainsVerifyPlanInput>(props.modelValue || {});
+const dnsProviderTypeDict = dict({
+  url: "pi/dnsProvider/dnsProviderTypeDict"
+});
+function onPlanChanged() {
+  debugger;
+  emit("update:modelValue", planRef.value);
+}
+
+const errorMessageRef = ref<string>("");
+function showError(error: string) {
+  errorMessageRef.value = error;
+}
+
+type DomainGroup = Record<
+  string,
+  {
+    [key: string]: CnameRecord;
+  }
+>[];
+
+function onDomainsChanged(domains: string[]) {
+  console.log("域名变化", domains);
+  if (domains == null) {
+    return;
+  }
+
+  const domainGroups: DomainGroup = {};
+  for (let domain of domains) {
+    domain = domain.replace("*.", "");
+    const parsed = psl.parse(domain);
+    if (parsed.error) {
+      showError(`域名${domain}解析失败: ${JSON.stringify(parsed.error)}`);
+      continue;
+    }
+    const mainDomain = parsed.domain;
+    let group = domainGroups[mainDomain];
+    if (!group) {
+      group = {};
+      domainGroups[mainDomain] = group;
+    }
+    group[domain] = {
+      id: 0
+    };
+  }
+
+  for (const domain in domainGroups) {
+    let planItem = planRef.value[domain];
+    const subDomains = domainGroups[domain];
+    if (!planItem) {
+      planItem = {
+        domain,
+        type: "cname",
+        cnameVerifyPlan: {
+          ...subDomains
+        }
+      };
+      planRef.value[domain] = planItem;
+    } else {
+      const cnamePlan = planItem.cnameVerifyPlan;
+      for (const subDomain in subDomains) {
+        if (!cnamePlan[subDomain]) {
+          cnamePlan[subDomain] = {
+            id: 0
+          };
+        }
+      }
+      for (const subDomain of Object.keys(cnamePlan)) {
+        if (!subDomains[subDomain]) {
+          delete cnamePlan[subDomain];
+        }
+      }
+    }
+  }
+  for (const domain of Object.keys(planRef.value)) {
+    const mainDomains = Object.keys(domainGroups);
+    if (!mainDomains.includes(domain)) {
+      delete planRef.value[domain];
+    }
+  }
+}
+
+watch(
+  () => {
+    return props.domains;
+  },
+  (domains: string[]) => {
+    onDomainsChanged(domains);
+  },
+  {
+    immediate: true,
+    deep: true
+  }
+);
+</script>
+
+<style lang="less">
+.domains-verify-plan-editor {
+  width: 100%;
+  min-height: 100px;
+  overflow-x: auto;
+  .fullscreen-modal {
+    display: none;
+  }
+
+  &.fullscreen {
+    position: fixed;
+    top: 0;
+    left: 0;
+    width: 100%;
+    height: 100%;
+    background-color: rgba(74, 74, 74, 0.78);
+    z-index: 1000;
+    padding: 100px;
+    margin: auto;
+    .plan-wrapper {
+      width: 1400px;
+      margin: auto;
+      //background-color: #a3a3a3;
+      //padding: 50px;
+      .plan-box {
+        position: relative;
+        margin: auto;
+        background-color: #fff;
+      }
+    }
+
+    .fullscreen-modal {
+      display: block;
+      position: fixed;
+      top: 0;
+      left: 0;
+      right: 0;
+      bottom: 0;
+      width: 100%;
+      height: 100%;
+    }
+  }
+
+  .fullscreen-button {
+    position: absolute;
+    right: 10px;
+    top: 10px;
+    z-index: 1001;
+  }
+
+  .plan-table {
+    width: 100%;
+    height: 100%;
+    //table-layout: fixed;
+    th {
+      background-color: #f5f5f5;
+      border-top: 1px solid #e8e8e8;
+      border-left: 1px solid #e8e8e8;
+      border-bottom: 1px solid #e8e8e8;
+      text-align: left;
+      padding: 10px 6px;
+    }
+    td {
+      border-bottom: 1px solid #e8e8e8;
+      border-left: 1px solid #e8e8e8;
+      padding: 6px 6px;
+    }
+
+    .plan {
+      font-size: 14px;
+      .ant-select {
+        width: 100%;
+      }
+      .plan-dns {
+        display: flex;
+        flex-direction: row;
+        justify-content: start;
+        align-items: center;
+        .form-item {
+          min-width: 250px;
+          display: flex;
+          justify-content: center;
+          align-items: center;
+          .label {
+            width: 80px;
+          }
+          .input {
+            width: 150px;
+          }
+        }
+      }
+      .plan-cname {
+        .cname-row {
+          display: flex;
+          flex-direction: row;
+          .domain {
+            width: 100px;
+          }
+          .cname-record {
+            flex: 1;
+          }
+        }
+      }
+    }
+  }
+}
+</style>
diff --git a/packages/ui/certd-client/src/components/plugins/common/cert-domains-getter.vue b/packages/ui/certd-client/src/components/plugins/common/cert-domains-getter.vue
index fa27feaa..0f40a017 100644
--- a/packages/ui/certd-client/src/components/plugins/common/cert-domains-getter.vue
+++ b/packages/ui/certd-client/src/components/plugins/common/cert-domains-getter.vue
@@ -1,6 +1,10 @@
 <script setup lang="ts">
 import { inject, ref, watch } from "vue";
 
+defineOptions({
+  name: "CertDomainsGetter"
+});
+
 const props = defineProps<{
   inputKey?: string;
   modelValue?: string[];
diff --git a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/output-selector/index.vue b/packages/ui/certd-client/src/components/plugins/common/output-selector/index.vue
similarity index 90%
rename from packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/output-selector/index.vue
rename to packages/ui/certd-client/src/components/plugins/common/output-selector/index.vue
index d8d4ab16..76f770c3 100644
--- a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/output-selector/index.vue
+++ b/packages/ui/certd-client/src/components/plugins/common/output-selector/index.vue
@@ -1,18 +1,18 @@
 <template>
-  <a-select class="pi-output-selector" :value="modelValue" :options="options" @update:value="onChanged"> </a-select>
+  <a-select class="output-selector" :value="modelValue" :options="options" @update:value="onChanged"> </a-select>
 </template>
 
 <script lang="ts">
 import { inject, onMounted, Ref, ref, watch } from "vue";
-import { pluginManager } from "../../plugin";
 
 export default {
-  name: "PiOutputSelector",
+  name: "OutputSelector",
   props: {
     modelValue: {
       type: String,
       default: undefined
     },
+    // eslint-disable-next-line vue/require-default-prop
     from: {
       type: [String, Array]
     }
diff --git a/packages/ui/certd-client/src/components/plugins/common/remote-select.vue b/packages/ui/certd-client/src/components/plugins/common/remote-select.vue
index 93ce220b..d2bbd2c7 100644
--- a/packages/ui/certd-client/src/components/plugins/common/remote-select.vue
+++ b/packages/ui/certd-client/src/components/plugins/common/remote-select.vue
@@ -2,6 +2,10 @@
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 import { ref, watch } from "vue";
 
+defineOptions({
+  name: "RemoteSelect"
+});
+
 const props = defineProps<
   {
     watches: string[];
@@ -63,14 +67,14 @@ watch(
 <template>
   <div>
     <a-select
-    class="remote-select"
-    show-search
-    :filter-option="filterOption"
-    :options="optionsRef"
-    :value="value"
-    @click="onClick"
-    @update:value="emit('update:value', $event)"
-  />
+      class="remote-select"
+      show-search
+      :filter-option="filterOption"
+      :options="optionsRef"
+      :value="value"
+      @click="onClick"
+      @update:value="emit('update:value', $event)"
+    />
     <div class="helper">
       {{ message }}
     </div>
diff --git a/packages/ui/certd-client/src/components/plugins/index.ts b/packages/ui/certd-client/src/components/plugins/index.ts
index 104d3dae..dc93c7e2 100644
--- a/packages/ui/certd-client/src/components/plugins/index.ts
+++ b/packages/ui/certd-client/src/components/plugins/index.ts
@@ -1,8 +1,18 @@
 import SynologyIdDeviceGetter from "./synology/device-id-getter.vue";
 import RemoteSelect from "./common/remote-select.vue";
 import CertDomainsGetter from "./common/cert-domains-getter.vue";
+import OutputSelector from "/@/components/plugins/common/output-selector/index.vue";
+import DnsProviderSelector from "/@/components/plugins/cert/dns-provider-selector/index.vue";
+import DomainsVerifyPlanEditor from "/@/components/plugins/cert/domains-verify-plan-editor/index.vue";
+import AccessSelector from "/@/views/certd/access/access-selector/index.vue";
+
 export default {
   install(app: any) {
+    app.component("OutputSelector", OutputSelector);
+    app.component("DnsProviderSelector", DnsProviderSelector);
+    app.component("DomainsVerifyPlanEditor", DomainsVerifyPlanEditor);
+    app.component("AccessSelector", AccessSelector);
+
     app.component("SynologyDeviceIdGetter", SynologyIdDeviceGetter);
     app.component("RemoteSelect", RemoteSelect);
     app.component("CertDomainsGetter", CertDomainsGetter);
diff --git a/packages/ui/certd-client/src/components/plugins/synology/device-id-getter.vue b/packages/ui/certd-client/src/components/plugins/synology/device-id-getter.vue
index 94e2c149..c7aca533 100644
--- a/packages/ui/certd-client/src/components/plugins/synology/device-id-getter.vue
+++ b/packages/ui/certd-client/src/components/plugins/synology/device-id-getter.vue
@@ -14,6 +14,10 @@ import { defineProps, ref, useAttrs } from "vue";
 import { Modal } from "ant-design-vue";
 import { ComponentPropsType, doRequest } from "/@/components/plugins/lib";
 
+defineOptions({
+  name: "DeviceIdGetter"
+});
+
 const props = defineProps<ComponentPropsType>();
 
 const emit = defineEmits<{
diff --git a/packages/ui/certd-client/src/plugin/fast-crud/index.tsx b/packages/ui/certd-client/src/plugin/fast-crud/index.tsx
index 9a67325d..f4bae8ec 100644
--- a/packages/ui/certd-client/src/plugin/fast-crud/index.tsx
+++ b/packages/ui/certd-client/src/plugin/fast-crud/index.tsx
@@ -68,9 +68,13 @@ function install(app: App, options: any = {}) {
           },
           conditionalRender: {
             match(scope) {
+              if (scope.column.conditionalRenderDisabled) {
+                return false;
+              }
               if (scope.key === "__blank__") {
                 return false;
               }
+
               //不能用 !scope.value ， 否则switch组件设置为关之后就消失了
               const { value, key, props } = scope;
               return !value && key != "_index" && value != false;
@@ -349,8 +353,8 @@ function install(app: App, options: any = {}) {
         columnProps.column = {};
       }
       columnProps.column.resizable = true;
-      if (!columnProps.column.width) {
-        columnProps.column.width = -1;
+      if (columnProps.column.width == null) {
+        columnProps.column.width = 200;
       } else if (typeof columnProps.column?.width === "string" && columnProps.column.width.indexOf("px") > -1) {
         columnProps.column.width = parseInt(columnProps.column.width.replace("px", ""));
       }
diff --git a/packages/ui/certd-client/src/plugin/validator/index.ts b/packages/ui/certd-client/src/plugin/validator/index.ts
index 1dff5f17..b0f0a156 100644
--- a/packages/ui/certd-client/src/plugin/validator/index.ts
+++ b/packages/ui/certd-client/src/plugin/validator/index.ts
@@ -1,19 +1,20 @@
 import Validator from "async-validator";
 // 自定义验证器函数
-function isDomain(rule, value, callback) {
+function isDomain(rule, value) {
   if (value == null) {
-    return;
+    return true;
   }
   let domains: string[] = value;
   if (typeof value === "string") {
     domains = value.split(",");
   }
   for (const domain of domains) {
-    //域名可以是泛域名，中文域名，数字域名，英文域名，域名中可以包含-和.
-    if (!/^(?:[0-9a-zA-Z\u4e00-\u9fa5-]+\.)+[0-9a-zA-Z\u4e00-\u9fa5-]+$/.test(domain)) {
-      callback(new Error(`域名有误：${domain}，请输入正确的域名`));
+    //域名可以是泛域名，中文域名，数字域名，英文域名，域名中可以包含-和. ,可以_开头
+    if (!/^(?:\*\.|[0-9a-zA-Z\u4e00-\u9fa5-]+\.)+[0-9a-zA-Z\u4e00-\u9fa5-]+$/.test(domain)) {
+      throw new Error(`域名有误：${domain}，请输入正确的域名`);
     }
   }
+  return true;
 }
 // 注册自定义验证器
 Validator.register("domains", isDomain);
diff --git a/packages/ui/certd-client/src/router/source/modules/certd.ts b/packages/ui/certd-client/src/router/source/modules/certd.ts
index 740e2bfe..d15fb25a 100644
--- a/packages/ui/certd-client/src/router/source/modules/certd.ts
+++ b/packages/ui/certd-client/src/router/source/modules/certd.ts
@@ -1,7 +1,7 @@
 export const certdResources = [
   {
     title: "证书自动化",
-    name: "certd",
+    name: "CertdRoot",
     path: "/certd",
     redirect: "/certd/pipeline",
     meta: {
@@ -11,7 +11,7 @@ export const certdResources = [
     children: [
       {
         title: "证书自动化流水线",
-        name: "pipeline",
+        name: "PipelineManager",
         path: "/certd/pipeline",
         component: "/certd/pipeline/index.vue",
         meta: {
@@ -20,7 +20,7 @@ export const certdResources = [
       },
       {
         title: "编辑流水线",
-        name: "pipelineEdit",
+        name: "PipelineEdit",
         path: "/certd/pipeline/detail",
         component: "/certd/pipeline/detail.vue",
         meta: {
@@ -29,7 +29,7 @@ export const certdResources = [
       },
       {
         title: "执行历史记录",
-        name: "pipelineHistory",
+        name: "PipelineHistory",
         path: "/certd/history",
         component: "/certd/history/index.vue",
         meta: {
@@ -38,44 +38,43 @@ export const certdResources = [
       },
       {
         title: "授权管理",
-        name: "access",
+        name: "AccessManager",
         path: "/certd/access",
         component: "/certd/access/index.vue",
         meta: {
-          icon: "ion:disc-outline"
+          icon: "ion:disc-outline",
+          auth: true
         }
       },
       {
-        title: "设置",
-        name: "certdSettings",
-        path: "/certd/settings",
-        redirect: "/certd/settings/email",
+        title: "CNAME记录管理",
+        name: "CnameRecord",
+        path: "/certd/cname/record",
+        component: "/certd/cname/record/index.vue",
         meta: {
-          icon: "ion:settings-outline",
+          icon: "ion:disc-outline",
           auth: true
-        },
-        children: [
-          {
-            title: "邮箱设置",
-            name: "email",
-            path: "/certd/settings/email",
-            component: "/certd/settings/email-setting.vue",
-            meta: {
-              icon: "ion:mail-outline",
-              auth: true
-            }
-          },
-          {
-            title: "账号信息",
-            name: "userProfile",
-            path: "/certd/mine/user-profile",
-            component: "/certd/mine/user-profile.vue",
-            meta: {
-              icon: "ion:person-outline",
-              auth: true
-            }
-          }
-        ]
+        }
+      },
+      {
+        title: "邮箱设置",
+        name: "EmailSetting",
+        path: "/certd/settings/email",
+        component: "/certd/settings/email-setting.vue",
+        meta: {
+          icon: "ion:mail-outline",
+          auth: true
+        }
+      },
+      {
+        title: "账号信息",
+        name: "UserProfile",
+        path: "/certd/mine/user-profile",
+        component: "/certd/mine/user-profile.vue",
+        meta: {
+          icon: "ion:person-outline",
+          auth: true
+        }
       }
     ]
   }
diff --git a/packages/ui/certd-client/src/router/source/modules/sys.ts b/packages/ui/certd-client/src/router/source/modules/sys.ts
index fb7f72e9..14ceac70 100644
--- a/packages/ui/certd-client/src/router/source/modules/sys.ts
+++ b/packages/ui/certd-client/src/router/source/modules/sys.ts
@@ -1,12 +1,10 @@
 import LayoutPass from "/@/layout/layout-pass.vue";
-import { computed } from "vue";
-import { useUserStore } from "/@/store/modules/user";
 import { useSettingStore } from "/@/store/modules/settings";
 
 export const sysResources = [
   {
     title: "系统管理",
-    name: "sys",
+    name: "SysRoot",
     path: "/sys",
     redirect: "/sys/settings",
     component: LayoutPass,
@@ -17,7 +15,7 @@ export const sysResources = [
     children: [
       {
         title: "权限管理",
-        name: "authority",
+        name: "AuthorityManager",
         path: "/sys/authority",
         redirect: "/sys/authority/permission",
         meta: {
@@ -28,61 +26,62 @@ export const sysResources = [
         children: [
           {
             title: "权限资源管理",
-            name: "permission",
+            name: "PermissionManager",
+            path: "/sys/authority/permission",
+            component: "/sys/authority/permission/index.vue",
             meta: {
               icon: "ion:list-outline",
               //需要校验权限
               permission: "sys:auth:per:view"
-            },
-            path: "/sys/authority/permission",
-            component: "/sys/authority/permission/index.vue"
+            }
           },
           {
             title: "角色管理",
-            name: "role",
+            name: "RoleManager",
+            path: "/sys/authority/role",
+            component: "/sys/authority/role/index.vue",
             meta: {
               icon: "ion:people-outline",
               permission: "sys:auth:role:view"
-            },
-            path: "/sys/authority/role",
-            component: "/sys/authority/role/index.vue"
+            }
           }
         ]
       },
       {
         title: "用户管理",
-        name: "user",
+        name: "UserManager",
+        path: "/sys/authority/user",
+        component: "/sys/authority/user/index.vue",
         meta: {
           icon: "ion:person-outline",
           permission: "sys:auth:user:view"
-        },
-        path: "/sys/authority/user",
-        component: "/sys/authority/user/index.vue"
-      },
-      {
-        title: "账号绑定",
-        name: "account",
-        meta: {
-          icon: "ion:golf-outline",
-          permission: "sys:settings:view"
-        },
-        path: "/sys/account",
-        component: "/sys/account/index.vue"
+        }
       },
       {
         title: "系统设置",
-        name: "settings",
+        name: "SysSettings",
+        path: "/sys/settings",
+        component: "/sys/settings/index.vue",
         meta: {
           icon: "ion:settings-outline",
           permission: "sys:settings:view"
-        },
-        path: "/sys/settings",
-        component: "/sys/settings/index.vue"
+        }
+      },
+      {
+        title: "CNAME服务设置",
+        name: "CnameSetting",
+        path: "/sys/cname/provider",
+        component: "/sys/cname/provider/index.vue",
+        meta: {
+          icon: "ion:settings-outline",
+          permission: "sys:settings:view"
+        }
       },
       {
         title: "站点个性化",
-        name: "site",
+        name: "SiteSetting",
         path: "/sys/site",
+        component: "/sys/site/index.vue",
         meta: {
           show: () => {
             const settingStore = useSettingStore();
@@ -90,9 +89,8 @@ export const sysResources = [
           },
           icon: "ion:document-text-outline",
           permission: "sys:settings:view"
-        },
-        component: "/sys/site/index.vue"
-      }
+        }
+      },
       // {
       //   title: "商业版设置",
       //   name: "SysCommercial",
@@ -120,6 +118,16 @@ export const sysResources = [
       //     }
       //   ]
       // }
+      {
+        title: "账号绑定",
+        name: "AccountBind",
+        path: "/sys/account",
+        component: "/sys/account/index.vue",
+        meta: {
+          icon: "ion:golf-outline",
+          permission: "sys:settings:view"
+        }
+      }
     ]
   }
 ];
diff --git a/packages/ui/certd-client/src/style/common.less b/packages/ui/certd-client/src/style/common.less
index 3437f539..632e6c2c 100644
--- a/packages/ui/certd-client/src/style/common.less
+++ b/packages/ui/certd-client/src/style/common.less
@@ -20,7 +20,7 @@ div#app {
 
 h1, h2, h3, h4, h5, h6 {
   margin-bottom: 0;
-  margin-top:0;
+  margin-top: 0;
 }
 
 .fs-desc {
@@ -69,13 +69,13 @@ h1, h2, h3, h4, h5, h6 {
   flex: 1;
 }
 
-.flex-col{
-    display: flex;
-    flex-direction: column;
+.flex-col {
+  display: flex;
+  flex-direction: column;
 }
 
-.scroll-y{
-    overflow-y: auto;
+.scroll-y {
+  overflow-y: auto;
 
 }
 
@@ -149,6 +149,7 @@ h1, h2, h3, h4, h5, h6 {
 .w-100 {
   width: 100%;
 }
+
 .h-100 {
   height: 100%;
 }
@@ -187,21 +188,34 @@ h1, h2, h3, h4, h5, h6 {
 }
 
 
-.deleted{
+.deleted {
   color: #c7c7c7;
   //删除线
   text-decoration: line-through;
 }
 
-.cursor-move{
+.cursor-move {
   cursor: move !important;
 }
-.cursor-pointer{
+
+.cursor-pointer {
   cursor: pointer;
 }
 
-.helper{
-    display: inline-block;
-    color: #aeaeae;
-    font-size: 12px;
+.helper {
+  display: inline-block;
+  color: #aeaeae;
+  font-size: 12px;
+}
+
+
+.fs-copyable {
+  .text {
+    flex: 1
+  }
+
+  .copy-button {
+    position: relative !important;
+    /* right: 0; */
+  }
 }
diff --git a/packages/ui/certd-client/src/views/certd/access/access-selector/index.vue b/packages/ui/certd-client/src/views/certd/access/access-selector/index.vue
index b47d37ce..2e3bde1b 100644
--- a/packages/ui/certd-client/src/views/certd/access/access-selector/index.vue
+++ b/packages/ui/certd-client/src/views/certd/access/access-selector/index.vue
@@ -1,11 +1,11 @@
 <template>
-  <div class="pi-access-selector">
+  <div class="access-selector">
     <span v-if="target.name" class="mr-5 cd-flex-inline">
       <span class="mr-5">{{ target.name }}</span>
       <fs-icon class="cd-icon-button" icon="ion:close-circle-outline" @click="clear"></fs-icon>
     </span>
-    <span v-else class="mlr-5 gray">请选择</span>
-    <a-button class="ml-5" @click="chooseForm.open">选择</a-button>
+    <span v-else class="mlr-5 text-gray">{{ placeholder }}</span>
+    <a-button class="ml-5" :size="size" @click="chooseForm.open">选择</a-button>
     <a-form-item-rest v-if="chooseForm.show">
       <a-modal v-model:open="chooseForm.show" title="选择授权提供者" width="900px" @ok="chooseForm.ok">
         <div style="height: 400px; position: relative">
@@ -23,7 +23,7 @@ import CertAccessModal from "./access/index.vue";
 import { GetProviderDefineByAccessType } from "../api";
 
 export default defineComponent({
-  name: "PiAccessSelector",
+  name: "AccessSelector",
   components: { CertAccessModal },
   props: {
     modelValue: {
@@ -33,6 +33,14 @@ export default defineComponent({
     type: {
       type: String,
       default: "aliyun"
+    },
+    placeholder: {
+      type: String,
+      default: "请选择"
+    },
+    size: {
+      type: String,
+      default: "middle"
     }
   },
   emits: ["update:modelValue"],
diff --git a/packages/ui/certd-client/src/views/certd/access/index.vue b/packages/ui/certd-client/src/views/certd/access/index.vue
index 2c84b424..fb28bf89 100644
--- a/packages/ui/certd-client/src/views/certd/access/index.vue
+++ b/packages/ui/certd-client/src/views/certd/access/index.vue
@@ -16,7 +16,7 @@ import { useFs } from "@fast-crud/fast-crud";
 import createCrudOptions from "./crud";
 
 export default defineComponent({
-  name: "CertdAccess",
+  name: "AccessManager",
   setup() {
     const { crudBinding, crudRef, crudExpose } = useFs({ createCrudOptions, context: {} });
 
diff --git a/packages/ui/certd-client/src/views/certd/cname/record/api.ts b/packages/ui/certd-client/src/views/certd/cname/record/api.ts
new file mode 100644
index 00000000..5ee30428
--- /dev/null
+++ b/packages/ui/certd-client/src/views/certd/cname/record/api.ts
@@ -0,0 +1,59 @@
+import { request } from "/src/api/service";
+
+const apiPrefix = "/cname/record";
+
+export async function GetList(query: any) {
+  return await request({
+    url: apiPrefix + "/page",
+    method: "post",
+    data: query
+  });
+}
+
+export async function AddObj(obj: any) {
+  return await request({
+    url: apiPrefix + "/add",
+    method: "post",
+    data: obj
+  });
+}
+
+export async function UpdateObj(obj: any) {
+  return await request({
+    url: apiPrefix + "/update",
+    method: "post",
+    data: obj
+  });
+}
+
+export async function DelObj(id: any) {
+  return await request({
+    url: apiPrefix + "/delete",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function GetObj(id: any) {
+  return await request({
+    url: apiPrefix + "/info",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function GetDetail(id: any) {
+  return await request({
+    url: apiPrefix + "/detail",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function DeleteBatch(ids: any[]) {
+  return await request({
+    url: apiPrefix + "/deleteByIds",
+    method: "post",
+    data: { ids }
+  });
+}
diff --git a/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx b/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx
new file mode 100644
index 00000000..e8b6758e
--- /dev/null
+++ b/packages/ui/certd-client/src/views/certd/cname/record/crud.tsx
@@ -0,0 +1,202 @@
+import * as api from "./api";
+import { useI18n } from "vue-i18n";
+import { computed, Ref, ref } from "vue";
+import { useRouter } from "vue-router";
+import { AddReq, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
+import { useUserStore } from "/@/store/modules/user";
+import { useSettingStore } from "/@/store/modules/settings";
+
+export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
+  const router = useRouter();
+  const { t } = useI18n();
+  const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
+    return await api.GetList(query);
+  };
+  const editRequest = async ({ form, row }: EditReq) => {
+    form.id = row.id;
+    const res = await api.UpdateObj(form);
+    return res;
+  };
+  const delRequest = async ({ row }: DelReq) => {
+    return await api.DelObj(row.id);
+  };
+
+  const addRequest = async ({ form }: AddReq) => {
+    form.content = JSON.stringify({
+      title: form.title
+    });
+    const res = await api.AddObj(form);
+    return res;
+  };
+
+  const userStore = useUserStore();
+  const settingStore = useSettingStore();
+  const selectedRowKeys: Ref<any[]> = ref([]);
+  context.selectedRowKeys = selectedRowKeys;
+
+  return {
+    crudOptions: {
+      settings: {
+        plugins: {
+          //这里使用行选择插件，生成行选择crudOptions配置，最终会与crudOptions合并
+          rowSelection: {
+            enabled: true,
+            order: -2,
+            before: true,
+            // handle: (pluginProps,useCrudProps)=>CrudOptions,
+            props: {
+              multiple: true,
+              crossPage: true,
+              selectedRowKeys
+            }
+          }
+        }
+      },
+      request: {
+        pageRequest,
+        addRequest,
+        editRequest,
+        delRequest
+      },
+      rowHandle: {
+        minWidth: 200,
+        fixed: "right"
+      },
+      columns: {
+        id: {
+          title: "ID",
+          key: "id",
+          type: "number",
+          column: {
+            width: 100
+          },
+          form: {
+            show: false
+          }
+        },
+        domain: {
+          title: "被代理域名",
+          type: "text",
+          search: {
+            show: true
+          },
+          editForm: {
+            component: {
+              disabled: true
+            }
+          }
+        },
+        hostRecord: {
+          title: "主机记录",
+          type: "text",
+          form: {
+            show: false
+          },
+          column: {
+            width: 250,
+            cellRender: ({ value }) => {
+              return <fs-copyable v-model={value} />;
+            }
+          }
+        },
+        recordValue: {
+          title: "请设置CNAME",
+          type: "copyable",
+          form: {
+            show: false
+          },
+          column: {
+            width: 500
+          }
+        },
+        cnameProviderId: {
+          title: "CNAME提供者",
+          type: "dict-select",
+          dict: dict({
+            url: "/cname/provider/list",
+            value: "id",
+            label: "domain"
+          }),
+          form: {
+            component: {
+              onDictChange: ({ form, dict }) => {
+                if (!form.cnameProviderId) {
+                  const item = dict.data.find((item) => item.isDefault);
+                  if (item) {
+                    form.cnameProviderId = item.id;
+                  }
+                }
+              }
+            }
+          },
+          column: {
+            show: false
+          }
+        },
+        status: {
+          title: "状态",
+          type: "dict-select",
+          dict: dict({
+            data: [
+              { label: "待设置CNAME", value: "cname", color: "warning" },
+              { label: "验证中", value: "validating", color: "primary" },
+              { label: "验证成功", value: "valid", color: "success" },
+              { label: "验证失败", value: "failed", color: "error" }
+            ]
+          }),
+          addForm: {
+            show: false
+          },
+          column: {
+            width: 120,
+            align: "center"
+          }
+        },
+        triggerValidate: {
+          title: "验证",
+          type: "text",
+          form: {
+            show: false
+          },
+          column: {
+            conditionalRenderDisabled: true,
+            width: 100,
+            align: "center",
+            cellRender({ row, value }) {
+              if (row.status === "valid") {
+                return "-";
+              }
+              return (
+                <a-button size={"small"} type={"primary"}>
+                  点击验证
+                </a-button>
+              );
+            }
+          }
+        },
+        createTime: {
+          title: "创建时间",
+          type: "datetime",
+          form: {
+            show: false
+          },
+          column: {
+            sorter: true,
+            width: 160,
+            align: "center"
+          }
+        },
+        updateTime: {
+          title: "更新时间",
+          type: "datetime",
+          form: {
+            show: false
+          },
+          column: {
+            show: true
+          }
+        }
+      }
+    }
+  };
+}
diff --git a/packages/ui/certd-client/src/views/certd/cname/record/index.vue b/packages/ui/certd-client/src/views/certd/cname/record/index.vue
new file mode 100644
index 00000000..5b791327
--- /dev/null
+++ b/packages/ui/certd-client/src/views/certd/cname/record/index.vue
@@ -0,0 +1,51 @@
+<template>
+  <fs-page class="page-cert">
+    <template #header>
+      <div class="title">CNAME记录管理</div>
+    </template>
+    <fs-crud ref="crudRef" v-bind="crudBinding">
+      <template #pagination-left>
+        <a-tooltip title="批量删除">
+          <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
+        </a-tooltip>
+      </template>
+    </fs-crud>
+  </fs-page>
+</template>
+
+<script lang="ts" setup>
+import { onMounted } from "vue";
+import { useFs } from "@fast-crud/fast-crud";
+import createCrudOptions from "./crud";
+import { message, Modal } from "ant-design-vue";
+import { DeleteBatch } from "/@/views/certd/history/api";
+
+defineOptions({
+  name: "CnameRecord"
+});
+const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+
+const selectedRowKeys = context.selectedRowKeys;
+const handleBatchDelete = () => {
+  if (selectedRowKeys.value?.length > 0) {
+    Modal.confirm({
+      title: "确认",
+      content: `确定要批量删除这${selectedRowKeys.value.length}条记录吗`,
+      async onOk() {
+        await DeleteBatch(selectedRowKeys.value);
+        message.info("删除成功");
+        crudExpose.doRefresh();
+        selectedRowKeys.value = [];
+      }
+    });
+  } else {
+    message.error("请先勾选记录");
+  }
+};
+
+// 页面打开后获取列表数据
+onMounted(() => {
+  crudExpose.doRefresh();
+});
+</script>
+<style lang="less"></style>
diff --git a/packages/ui/certd-client/src/views/certd/mine/user-profile.vue b/packages/ui/certd-client/src/views/certd/mine/user-profile.vue
index 3ca36222..edb1994d 100644
--- a/packages/ui/certd-client/src/views/certd/mine/user-profile.vue
+++ b/packages/ui/certd-client/src/views/certd/mine/user-profile.vue
@@ -23,6 +23,10 @@ import { Ref, ref } from "vue";
 import { CrudOptions, useColumns, useFormWrapper } from "@fast-crud/fast-crud";
 import { notification } from "ant-design-vue";
 
+defineOptions({
+  name: "UserProfile"
+});
+
 const userInfo: Ref = ref({});
 
 const getUserInfo = async () => {
diff --git a/packages/ui/certd-client/src/views/certd/pipeline/certd-form/crud.tsx b/packages/ui/certd-client/src/views/certd/pipeline/certd-form/crud.tsx
index 7b58fb29..9ea2dbe9 100644
--- a/packages/ui/certd-client/src/views/certd/pipeline/certd-form/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/certd-form/crud.tsx
@@ -3,10 +3,12 @@ import { PluginGroup } from "@certd/pipeline";
 import { useReference } from "/@/use/use-refrence";
 import _ from "lodash-es";
 import { useUserStore } from "/@/store/modules/user";
+import { useSettingStore } from "/@/store/modules/settings";
 
 export default function (certPluginGroup: PluginGroup, formWrapperRef: any): CreateCrudOptionsRet {
   const inputs: any = {};
   const userStore = useUserStore();
+  const settingStore = useSettingStore();
   for (const plugin of certPluginGroup.plugins) {
     for (const inputKey in plugin.input) {
       if (inputs[inputKey]) {
@@ -66,8 +68,8 @@ export default function (certPluginGroup: PluginGroup, formWrapperRef: any): Cre
               render: () => {
                 return (
                   <ul>
-                    <li>JS-ACME：如果你的域名DNS属于阿里云、腾讯云、Cloudflare、西部数码可以选择用它来申请</li>
-                    <li>Lego-ACME：基于Lego实现，支持海量DNS提供商，熟悉LEGO的用户可以使用</li>
+                    <li>JS-ACME：使用简单方便，功能强大【推荐】</li>
+                    <li>Lego-ACME：基于Lego实现，支持海量DNS提供商，熟悉LEGO的用户可以使用【即将废弃】</li>
                   </ul>
                 );
               }
diff --git a/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx b/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
index be9f7c1a..1d65f46b 100644
--- a/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
+++ b/packages/ui/certd-client/src/views/certd/pipeline/crud.tsx
@@ -313,6 +313,9 @@ export default function ({ crudExpose, context: { certdFormRef } }: CreateCrudOp
               name: "a-input"
             }
           },
+          form: {
+            rules: [{ required: true, message: "此项必填" }]
+          },
           column: {
             width: 350,
             sorter: true,
diff --git a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue b/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue
index 6bbc12d9..6fea9229 100644
--- a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue
+++ b/packages/ui/certd-client/src/views/certd/pipeline/pipeline/component/step-form/index.vue
@@ -73,27 +73,28 @@
             <a-alert type="info" :message="currentPlugin.title" :description="currentPlugin.desc"> </a-alert>
           </div>
         </template>
-        <a-form ref="stepFormRef" class="step-form" :model="currentStep" :label-col="labelCol" :wrapper-col="wrapperCol">
-          <fs-form-item
-            v-model="currentStep.title"
-            :item="{
-              title: '任务名称',
-              key: 'title',
-              component: {
-                name: 'a-input',
-                vModel: 'value'
-              },
-              rules: [{ required: true, message: '此项必填' }]
-            }"
-            :get-context-fn="blankFn"
-          />
-          <template v-for="(item, key) in currentPlugin.input" :key="key">
-            <fs-form-item v-if="item.show !== false" v-model="currentStep.input[key]" :item="item" :get-context-fn="blankFn" />
-          </template>
-
-          <fs-form-item v-model="currentStep.strategy.runStrategy" :item="runStrategyProps" :get-context-fn="blankFn" />
-        </a-form>
+        <div class="w-100 h-100">
+          <a-form ref="stepFormRef" class="step-form" :model="currentStep" :label-col="labelCol" :wrapper-col="wrapperCol">
+            <fs-form-item
+              v-model="currentStep.title"
+              :item="{
+                title: '任务名称',
+                key: 'title',
+                component: {
+                  name: 'a-input',
+                  vModel: 'value'
+                },
+                rules: [{ required: true, message: '此项必填' }]
+              }"
+              :get-context-fn="blankFn"
+            />
+            <template v-for="(item, key) in currentPlugin.input" :key="key">
+              <fs-form-item v-if="item.show !== false" v-model="currentStep.input[key]" :item="item" :get-context-fn="blankFn" />
+            </template>
 
+            <fs-form-item v-model="currentStep.strategy.runStrategy" :item="runStrategyProps" :get-context-fn="blankFn" />
+          </a-form>
+        </div>
         <template #footer>
           <div v-if="editMode" class="bottom-button">
             <a-button type="primary" @click="stepSave"> 确定 </a-button>
@@ -394,17 +395,24 @@ export default {
   &.fullscreen {
     .pi-step-form {
       .body {
+        margin: auto;
         .step-plugin {
           width: 16.666666%;
         }
         .step-form {
           display: flex;
           flex-wrap: wrap;
+          width: 1300px;
           .fs-form-item {
-            width: 50%;
+            width: 100%;
           }
         }
       }
+      .footer {
+        .bottom-button {
+          text-align: center;
+        }
+      }
     }
   }
 
diff --git a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue b/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
index cf44f5dd..3882c74a 100644
--- a/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
+++ b/packages/ui/certd-client/src/views/certd/pipeline/pipeline/index.vue
@@ -3,7 +3,7 @@
     <template #header>
       <div class="title">
         <fs-button class="back" icon="ion:chevron-back-outline" @click="goBack"></fs-button>
-        <pi-editable v-model="pipeline.title" :hover-show="false" :disabled="!editMode"></pi-editable>
+        <text-editable v-model="pipeline.title" :hover-show="false" :disabled="!editMode"></text-editable>
       </div>
       <div class="more">
         <template v-if="editMode">
@@ -24,7 +24,7 @@
               <template #header>
                 <div class="stage first-stage">
                   <div class="title stage-move-handle">
-                    <pi-editable model-value="触发源" :disabled="true" />
+                    <text-editable model-value="触发源" :disabled="true" />
                   </div>
                   <div class="tasks">
                     <div class="task-container first-task">
@@ -68,7 +68,7 @@
               <template #item="{ element: stage, index }">
                 <div :key="stage.id" class="stage" :class="{ 'last-stage': isLastStage(index) }">
                   <div class="title">
-                    <pi-editable v-model="stage.title" :disabled="!editMode"></pi-editable>
+                    <text-editable v-model="stage.title" :disabled="!editMode"></text-editable>
                     <div v-plus class="icon-box stage-move-handle">
                       <fs-icon v-if="editMode" title="拖动排序" icon="ion:move-outline"></fs-icon>
                     </div>
@@ -146,7 +146,7 @@
               <template #footer>
                 <div v-if="editMode" class="stage last-stage">
                   <div class="title">
-                    <pi-editable model-value="新阶段" :disabled="true" />
+                    <text-editable model-value="新阶段" :disabled="true" />
                   </div>
                   <div class="tasks">
                     <div class="task-container first-task">
@@ -188,7 +188,7 @@
                 </div>
                 <div v-else class="stage last-stage">
                   <div class="title">
-                    <pi-editable model-value="结束" :disabled="true" />
+                    <text-editable model-value="结束" :disabled="true" />
                   </div>
                   <div v-if="pipeline.notifications?.length > 0" class="tasks">
                     <div v-for="(item, index) of pipeline.notifications" :key="index" class="task-container" :class="{ 'first-task': index == 0 }">
@@ -704,7 +704,7 @@ export default defineComponent({
       .back {
         margin-right: 10px;
       }
-      .pi-editable {
+      .text-editable {
         width: 300px;
       }
     }
diff --git a/packages/ui/certd-client/src/views/certd/settings/email-setting.vue b/packages/ui/certd-client/src/views/certd/settings/email-setting.vue
index 9eba0d70..4b6cf92f 100644
--- a/packages/ui/certd-client/src/views/certd/settings/email-setting.vue
+++ b/packages/ui/certd-client/src/views/certd/settings/email-setting.vue
@@ -79,12 +79,15 @@
 <script setup lang="ts">
 import { reactive } from "vue";
 import * as api from "./api";
-import * as emailApi from "./api.email";
-
 import { SettingKeys } from "./api";
+import * as emailApi from "./api.email";
 import { notification } from "ant-design-vue";
 import { useSettingStore } from "/@/store/modules/settings";
 
+defineOptions({
+  name: "EmailSetting"
+});
+
 interface FormState {
   host: string;
   port: number;
diff --git a/packages/ui/certd-client/src/views/sys/account/index.vue b/packages/ui/certd-client/src/views/sys/account/index.vue
index aaf9c454..7537231e 100644
--- a/packages/ui/certd-client/src/views/sys/account/index.vue
+++ b/packages/ui/certd-client/src/views/sys/account/index.vue
@@ -18,6 +18,10 @@ import { useUserStore } from "/@/store/modules/user";
 import { useSettingStore } from "/@/store/modules/settings";
 import * as api from "./api";
 import { notification } from "ant-design-vue";
+
+defineOptions({
+  name: "AccountBind"
+});
 const iframeRef = ref();
 
 const userStore = useUserStore();
diff --git a/packages/ui/certd-client/src/views/sys/authority/permission/index.vue b/packages/ui/certd-client/src/views/sys/authority/permission/index.vue
index 12625ace..9b58e16c 100644
--- a/packages/ui/certd-client/src/views/sys/authority/permission/index.vue
+++ b/packages/ui/certd-client/src/views/sys/authority/permission/index.vue
@@ -29,7 +29,7 @@ import { usePermission } from "/src/plugin/permission";
 import { useFs, useUi } from "@fast-crud/fast-crud";
 
 export default defineComponent({
-  name: "AuthorityPermission",
+  name: "AuthorityManager",
   components: { FsPermissionTree },
   setup() {
     // 此处传入permission进行通用按钮权限设置，会通过commonOptions去设置actionbar和rowHandle的按钮的show属性
diff --git a/packages/ui/certd-client/src/views/sys/authority/role/index.vue b/packages/ui/certd-client/src/views/sys/authority/role/index.vue
index 170eb489..34418005 100644
--- a/packages/ui/certd-client/src/views/sys/authority/role/index.vue
+++ b/packages/ui/certd-client/src/views/sys/authority/role/index.vue
@@ -5,7 +5,15 @@
     </template>
     <fs-crud ref="crudRef" v-bind="crudBinding" />
     <a-modal v-model:open="authzDialogVisible" width="860px" title="分配权限" @ok="updatePermission">
-      <fs-permission-tree ref="permissionTreeRef" v-model:checkedKeys="checkedKeys" :tree="permissionTreeData" :editable="false" checkable :replace-fields="{ key: 'id', label: 'title' }"> </fs-permission-tree>
+      <fs-permission-tree
+        ref="permissionTreeRef"
+        v-model:checked-keys="checkedKeys"
+        :tree="permissionTreeData"
+        :editable="false"
+        checkable
+        :replace-fields="{ key: 'id', label: 'title' }"
+      >
+      </fs-permission-tree>
     </a-modal>
   </fs-page>
 </template>
@@ -84,7 +92,7 @@ function useAuthz() {
 }
 
 export default defineComponent({
-  name: "AuthorityRole",
+  name: "RoleManager",
   components: { FsPermissionTree },
   setup() {
     //授权配置
diff --git a/packages/ui/certd-client/src/views/sys/authority/user/index.vue b/packages/ui/certd-client/src/views/sys/authority/user/index.vue
index 89b095f5..e2d4d905 100644
--- a/packages/ui/certd-client/src/views/sys/authority/user/index.vue
+++ b/packages/ui/certd-client/src/views/sys/authority/user/index.vue
@@ -12,7 +12,7 @@ import { defineComponent, ref, onMounted } from "vue";
 import { useCrud, useExpose, useFs } from "@fast-crud/fast-crud";
 import createCrudOptions from "./crud";
 export default defineComponent({
-  name: "AuthorityUser",
+  name: "UserManager",
   setup() {
     // 初始化crud配置
     // 此处传入权限前缀进行通用按钮权限设置，会通过commonOptions去设置actionbar和rowHandle的按钮的show属性
diff --git a/packages/ui/certd-client/src/views/sys/cname/provider/api.ts b/packages/ui/certd-client/src/views/sys/cname/provider/api.ts
new file mode 100644
index 00000000..31615e2a
--- /dev/null
+++ b/packages/ui/certd-client/src/views/sys/cname/provider/api.ts
@@ -0,0 +1,75 @@
+import { request } from "/src/api/service";
+
+const apiPrefix = "/sys/cname/provider";
+
+export async function GetList(query: any) {
+  return await request({
+    url: apiPrefix + "/page",
+    method: "post",
+    data: query
+  });
+}
+
+export async function AddObj(obj: any) {
+  return await request({
+    url: apiPrefix + "/add",
+    method: "post",
+    data: obj
+  });
+}
+
+export async function UpdateObj(obj: any) {
+  return await request({
+    url: apiPrefix + "/update",
+    method: "post",
+    data: obj
+  });
+}
+
+export async function DelObj(id: any) {
+  return await request({
+    url: apiPrefix + "/delete",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function GetObj(id: any) {
+  return await request({
+    url: apiPrefix + "/info",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function GetDetail(id: any) {
+  return await request({
+    url: apiPrefix + "/detail",
+    method: "post",
+    params: { id }
+  });
+}
+
+export async function DeleteBatch(ids: any[]) {
+  return await request({
+    url: apiPrefix + "/deleteByIds",
+    method: "post",
+    data: { ids }
+  });
+}
+
+export async function SetDefault(id: any) {
+  return await request({
+    url: apiPrefix + "/setDefault",
+    method: "post",
+    data: { id }
+  });
+}
+
+export async function SetDisabled(id: any, disabled: boolean) {
+  return await request({
+    url: apiPrefix + "/setDisabled",
+    method: "post",
+    data: { id, disabled }
+  });
+}
diff --git a/packages/ui/certd-client/src/views/sys/cname/provider/crud.tsx b/packages/ui/certd-client/src/views/sys/cname/provider/crud.tsx
new file mode 100644
index 00000000..7f6194d5
--- /dev/null
+++ b/packages/ui/certd-client/src/views/sys/cname/provider/crud.tsx
@@ -0,0 +1,245 @@
+import * as api from "./api";
+import { useI18n } from "vue-i18n";
+import { computed, Ref, ref } from "vue";
+import { useRouter } from "vue-router";
+import { AddReq, compute, CreateCrudOptionsProps, CreateCrudOptionsRet, DelReq, dict, EditReq, UserPageQuery, UserPageRes, utils } from "@fast-crud/fast-crud";
+import { useUserStore } from "/@/store/modules/user";
+import { useSettingStore } from "/@/store/modules/settings";
+import { Modal } from "ant-design-vue";
+
+export default function ({ crudExpose, context }: CreateCrudOptionsProps): CreateCrudOptionsRet {
+  const router = useRouter();
+  const { t } = useI18n();
+  const pageRequest = async (query: UserPageQuery): Promise<UserPageRes> => {
+    return await api.GetList(query);
+  };
+  const editRequest = async ({ form, row }: EditReq) => {
+    form.id = row.id;
+    const res = await api.UpdateObj(form);
+    return res;
+  };
+  const delRequest = async ({ row }: DelReq) => {
+    return await api.DelObj(row.id);
+  };
+
+  const addRequest = async ({ form }: AddReq) => {
+    form.content = JSON.stringify({
+      title: form.title
+    });
+    const res = await api.AddObj(form);
+    return res;
+  };
+
+  const userStore = useUserStore();
+  const settingStore = useSettingStore();
+  const selectedRowKeys: Ref<any[]> = ref([]);
+  context.selectedRowKeys = selectedRowKeys;
+
+  return {
+    crudOptions: {
+      settings: {
+        plugins: {
+          //这里使用行选择插件，生成行选择crudOptions配置，最终会与crudOptions合并
+          rowSelection: {
+            enabled: true,
+            order: -2,
+            before: true,
+            // handle: (pluginProps,useCrudProps)=>CrudOptions,
+            props: {
+              multiple: true,
+              crossPage: true,
+              selectedRowKeys
+            }
+          }
+        }
+      },
+      request: {
+        pageRequest,
+        addRequest,
+        editRequest,
+        delRequest
+      },
+      rowHandle: {
+        minWidth: 200,
+        fixed: "right"
+      },
+      columns: {
+        id: {
+          title: "ID",
+          key: "id",
+          type: "number",
+          column: {
+            width: 100
+          },
+          form: {
+            show: false
+          }
+        },
+        domain: {
+          title: "域名",
+          type: "text",
+          editForm: {
+            component: {
+              disabled: true
+            }
+          },
+          form: {
+            helper: "CNAME域名一旦确定不可修改",
+            rules: [{ required: true, message: "此项必填" }]
+          },
+          column: {
+            width: 200
+          }
+        },
+        dnsProviderType: {
+          title: "DNS提供商",
+          type: "dict-select",
+          dict: dict({
+            url: "pi/dnsProvider/list",
+            value: "key",
+            label: "title"
+          }),
+          form: {
+            rules: [{ required: true, message: "此项必填" }]
+          },
+          column: {
+            width: 150,
+            component: {
+              color: "auto"
+            }
+          }
+        },
+        accessId: {
+          title: "DNS提供商授权",
+          type: "dict-select",
+          dict: dict({
+            url: "/pi/access/list",
+            value: "id",
+            label: "name"
+          }),
+          form: {
+            component: {
+              name: "access-selector",
+              vModel: "modelValue",
+              type: compute(({ form }) => {
+                return form.dnsProviderType;
+              })
+            },
+            rules: [{ required: true, message: "此项必填" }]
+          },
+          column: {
+            width: 150,
+            component: {
+              color: "auto"
+            }
+          }
+        },
+        isDefault: {
+          title: "是否默认",
+          type: "dict-switch",
+          dict: dict({
+            data: [
+              { label: "是", value: true, color: "success" },
+              { label: "否", value: false, color: "default" }
+            ]
+          }),
+          form: {
+            value: false,
+            rules: [{ required: true, message: "请选择是否默认" }]
+          },
+          column: {
+            align: "center",
+            width: 100
+          }
+        },
+        setDefault: {
+          title: "设置默认",
+          type: "text",
+          form: {
+            show: false
+          },
+          column: {
+            width: 100,
+            align: "center",
+            conditionalRenderDisabled: true,
+            cellRender: ({ row }) => {
+              if (row.isDefault) {
+                return;
+              }
+              const onClick = async () => {
+                Modal.confirm({
+                  title: "提示",
+                  content: `确定要设置为默认吗？`,
+                  onOk: async () => {
+                    await api.SetDefault(row.id);
+                    await crudExpose.doRefresh();
+                  }
+                });
+              };
+
+              return (
+                <a-button type={"link"} size={"small"} onClick={onClick}>
+                  设为默认
+                </a-button>
+              );
+            }
+          }
+        },
+        disabled: {
+          title: "禁用/启用",
+          type: "dict-switch",
+          dict: dict({
+            data: [
+              { label: "启用", value: false, color: "success" },
+              { label: "禁用", value: true, color: "error" }
+            ]
+          }),
+          form: {
+            value: false
+          },
+          column: {
+            width: 100,
+            component: {
+              title: "点击可禁用/启用",
+              on: {
+                async click({ value, row }) {
+                  Modal.confirm({
+                    title: "提示",
+                    content: `确定要${!value ? "禁用" : "启用"}吗？`,
+                    onOk: async () => {
+                      await api.SetDisabled(row.id, !value);
+                      await crudExpose.doRefresh();
+                    }
+                  });
+                }
+              }
+            }
+          }
+        },
+        createTime: {
+          title: "创建时间",
+          type: "datetime",
+          form: {
+            show: false
+          },
+          column: {
+            sorter: true,
+            width: 160,
+            align: "center"
+          }
+        },
+        updateTime: {
+          title: "更新时间",
+          type: "datetime",
+          form: {
+            show: false
+          },
+          column: {
+            show: true,
+            width: 160
+          }
+        }
+      }
+    }
+  };
+}
diff --git a/packages/ui/certd-client/src/views/sys/cname/provider/index.vue b/packages/ui/certd-client/src/views/sys/cname/provider/index.vue
new file mode 100644
index 00000000..7f3eb0d1
--- /dev/null
+++ b/packages/ui/certd-client/src/views/sys/cname/provider/index.vue
@@ -0,0 +1,56 @@
+<template>
+  <fs-page class="page-cert">
+    <template #header>
+      <div class="title">
+        CNAME服务配置
+        <span class="sub">
+          此处配置的域名作为其他域名校验的代理，当别的域名需要申请证书时，通过CNAME映射到此域名上来验证所有权。好处是任何域名都可以通过此方式申请证书，也无需填写AccessSecret。
+        </span>
+      </div>
+    </template>
+    <fs-crud ref="crudRef" v-bind="crudBinding">
+      <template #pagination-left>
+        <a-tooltip title="批量删除">
+          <fs-button icon="DeleteOutlined" @click="handleBatchDelete"></fs-button>
+        </a-tooltip>
+      </template>
+    </fs-crud>
+  </fs-page>
+</template>
+
+<script lang="ts" setup>
+import { onMounted } from "vue";
+import { useFs } from "@fast-crud/fast-crud";
+import createCrudOptions from "./crud";
+import { message, Modal } from "ant-design-vue";
+import { DeleteBatch } from "/@/views/certd/history/api";
+
+defineOptions({
+  name: "CnameProvider"
+});
+const { crudBinding, crudRef, crudExpose, context } = useFs({ createCrudOptions });
+
+const selectedRowKeys = context.selectedRowKeys;
+const handleBatchDelete = () => {
+  if (selectedRowKeys.value?.length > 0) {
+    Modal.confirm({
+      title: "确认",
+      content: `确定要批量删除这${selectedRowKeys.value.length}条记录吗`,
+      async onOk() {
+        await DeleteBatch(selectedRowKeys.value);
+        message.info("删除成功");
+        crudExpose.doRefresh();
+        selectedRowKeys.value = [];
+      }
+    });
+  } else {
+    message.error("请先勾选记录");
+  }
+};
+
+// 页面打开后获取列表数据
+onMounted(() => {
+  crudExpose.doRefresh();
+});
+</script>
+<style lang="less"></style>
diff --git a/packages/ui/certd-client/src/views/sys/settings/index.vue b/packages/ui/certd-client/src/views/sys/settings/index.vue
index 188ab5fb..fa545b6c 100644
--- a/packages/ui/certd-client/src/views/sys/settings/index.vue
+++ b/packages/ui/certd-client/src/views/sys/settings/index.vue
@@ -47,6 +47,10 @@ import { PublicSettingsSave, SettingKeys } from "./api";
 import { notification } from "ant-design-vue";
 import { useSettingStore } from "/@/store/modules/settings";
 
+defineOptions({
+  name: "SysSettings"
+});
+
 interface FormState {
   registerEnabled: boolean;
   managerOtherUserPipeline: boolean;
diff --git a/packages/ui/certd-client/src/views/sys/site/index.vue b/packages/ui/certd-client/src/views/sys/site/index.vue
index 9ce0f91b..c876492f 100644
--- a/packages/ui/certd-client/src/views/sys/site/index.vue
+++ b/packages/ui/certd-client/src/views/sys/site/index.vue
@@ -68,6 +68,10 @@ import { notification } from "ant-design-vue";
 import { useSettingStore } from "/src/store/modules/settings";
 import { useUserStore } from "/@/store/modules/user";
 
+defineOptions({
+  name: "SiteSetting"
+});
+
 interface FormState {
   title: string;
   slogan: string;
diff --git a/packages/ui/certd-server/db/migration/v10009__cname.sql b/packages/ui/certd-server/db/migration/v10009__cname.sql
new file mode 100644
index 00000000..0e48f51e
--- /dev/null
+++ b/packages/ui/certd-server/db/migration/v10009__cname.sql
@@ -0,0 +1,27 @@
+CREATE TABLE "cd_cname_provider"
+(
+  "id"                integer      NOT NULL PRIMARY KEY AUTOINCREMENT,
+  "domain"            varchar(100) NOT NULL,
+  "dns_provider_type" varchar(100) NOT NULL,
+  "access_id"         integer      NOT NULL,
+  "is_default"        boolean      NOT NULL,
+  "remark"            varchar(200),
+  "disabled"          boolean      NOT NULL,
+  "create_time"       datetime     NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time"       datetime     NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
+
+
+CREATE TABLE "cd_cname_record"
+(
+  "id"                integer      NOT NULL PRIMARY KEY AUTOINCREMENT,
+  "user_id"           integer      NOT NULL,
+  "domain"            varchar(100) NOT NULL,
+  "host_record"       varchar(100) NOT NULL,
+  "record_value"      varchar(200) NOT NULL,
+  "cname_provider_id" integer      NOT NULL,
+  "status"            varchar(100) NOT NULL,
+  "create_time"       datetime     NOT NULL DEFAULT (CURRENT_TIMESTAMP),
+  "update_time"       datetime     NOT NULL DEFAULT (CURRENT_TIMESTAMP)
+);
+
diff --git a/packages/ui/certd-server/package.json b/packages/ui/certd-server/package.json
index dee577a5..f434d8e6 100644
--- a/packages/ui/certd-server/package.json
+++ b/packages/ui/certd-server/package.json
@@ -70,6 +70,7 @@
     "nanoid": "^5.0.7",
     "nodemailer": "^6.9.3",
     "pg": "^8.12.0",
+    "psl": "^1.9.0",
     "qiniu": "^7.12.0",
     "querystring": "^0.2.1",
     "reflect-metadata": "^0.1.13",
diff --git a/packages/ui/certd-server/src/config/config.default.ts b/packages/ui/certd-server/src/config/config.default.ts
index f928dc26..f80e1c11 100644
--- a/packages/ui/certd-server/src/config/config.default.ts
+++ b/packages/ui/certd-server/src/config/config.default.ts
@@ -7,7 +7,7 @@ import { MidwayConfig } from '@midwayjs/core';
 
 // eslint-disable-next-line node/no-extraneous-import
 import { FlywayHistory } from '@certd/midway-flyway-js';
-import { UserEntity } from '../modules/authority/entity/user.js';
+import { UserEntity } from '../modules/sys/authority/entity/user.js';
 import { PipelineEntity } from '../modules/pipeline/entity/pipeline.js';
 //import { logger } from '../utils/logger';
 // load .env file in process.cwd
@@ -67,7 +67,7 @@ const development = {
         logging: false,
 
         // 配置实体模型 或者 entities: '/entity',
-        entities: ['**/modules/*/entity/*.js', ...libServerEntities, ...commercialEntities, PipelineEntity, FlywayHistory, UserEntity],
+        entities: ['**/modules/**/entity/*.js', ...libServerEntities, ...commercialEntities, PipelineEntity, FlywayHistory, UserEntity],
       },
     },
   },
diff --git a/packages/ui/certd-server/src/middleware/authority.ts b/packages/ui/certd-server/src/middleware/authority.ts
index 3a0b5a48..a370ec9e 100644
--- a/packages/ui/certd-server/src/middleware/authority.ts
+++ b/packages/ui/certd-server/src/middleware/authority.ts
@@ -3,7 +3,7 @@ import { IMidwayKoaContext, IWebMiddleware, NextFunction } from '@midwayjs/koa';
 import jwt from 'jsonwebtoken';
 import { Constants } from '@certd/lib-server';
 import { logger } from '@certd/pipeline';
-import { AuthService } from '../modules/authority/service/auth-service.js';
+import { AuthService } from '../modules/sys/authority/service/auth-service.js';
 import { SysSettingsService } from '@certd/lib-server';
 import { SysPrivateSettings } from '@certd/lib-server';
 
diff --git a/packages/ui/certd-server/src/middleware/reset-passwd/middleware.ts b/packages/ui/certd-server/src/middleware/reset-passwd/middleware.ts
index 421b94b2..56fa7bbb 100644
--- a/packages/ui/certd-server/src/middleware/reset-passwd/middleware.ts
+++ b/packages/ui/certd-server/src/middleware/reset-passwd/middleware.ts
@@ -1,7 +1,7 @@
 import { Autoload, Config, Init, Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { IMidwayKoaContext, IWebMiddleware, NextFunction } from '@midwayjs/koa';
 import { CommonException } from '@certd/lib-server';
-import { UserService } from '../../modules/authority/service/user-service.js';
+import { UserService } from '../../modules/sys/authority/service/user-service.js';
 import { logger } from '@certd/pipeline';
 
 /**
diff --git a/packages/ui/certd-server/src/modules/auto/auto-init-site.ts b/packages/ui/certd-server/src/modules/auto/auto-init-site.ts
index 9b42f015..2c5dbea1 100644
--- a/packages/ui/certd-server/src/modules/auto/auto-init-site.ts
+++ b/packages/ui/certd-server/src/modules/auto/auto-init-site.ts
@@ -1,6 +1,6 @@
 import { Autoload, Config, Init, Inject, Scope, ScopeEnum } from '@midwayjs/core';
 import { logger } from '@certd/pipeline';
-import { UserService } from '../authority/service/user-service.js';
+import { UserService } from '../sys/authority/service/user-service.js';
 import { PlusService, SysSettingsService } from '@certd/lib-server';
 import { nanoid } from 'nanoid';
 import { SysInstallInfo, SysPrivateSettings } from '@certd/lib-server';
diff --git a/packages/ui/certd-server/src/modules/basic/controller/file-controller.ts b/packages/ui/certd-server/src/modules/basic/controller/file-controller.ts
index e2842939..714b5d9e 100644
--- a/packages/ui/certd-server/src/modules/basic/controller/file-controller.ts
+++ b/packages/ui/certd-server/src/modules/basic/controller/file-controller.ts
@@ -13,7 +13,7 @@ export class FileController extends BaseController {
   @Inject()
   fileService: FileService;
 
-  @Post('/upload', { summary: 'sys:settings:view' })
+  @Post('/upload', { summary: Constants.per.authOnly })
   async upload(@Files() files: UploadFileInfo<string>[], @Fields() fields: any) {
     console.log('files', files, fields);
     const cacheKey = uploadTmpFileCacheKey + nanoid();
diff --git a/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts b/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts
new file mode 100644
index 00000000..30a9acc4
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/cname/controller/cname-provider-controller.ts
@@ -0,0 +1,27 @@
+import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
+import { BaseController, Constants } from '@certd/lib-server';
+import { CnameRecordService } from '../service/cname-record-service.js';
+import { CnameProviderService } from '../../sys/cname/service/cname-provider-service.js';
+
+/**
+ * 授权
+ */
+@Provide()
+@Controller('/api/cname/provider')
+export class CnameProviderController extends BaseController {
+  @Inject()
+  service: CnameRecordService;
+  @Inject()
+  providerService: CnameProviderService;
+
+  getService(): CnameRecordService {
+    return this.service;
+  }
+
+  @Post('/list', { summary: Constants.per.authOnly })
+  async list(@Body(ALL) body: any) {
+    body.userId = this.ctx.user.id;
+    const res = await this.providerService.find({});
+    return this.ok(res);
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
new file mode 100644
index 00000000..dba164fa
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/cname/controller/cname-record-controller.ts
@@ -0,0 +1,61 @@
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
+import { Constants, CrudController } from '@certd/lib-server';
+import { CnameRecordService } from '../service/cname-record-service.js';
+
+/**
+ * 授权
+ */
+@Provide()
+@Controller('/api/cname/record')
+export class CnameRecordController extends CrudController<CnameRecordService> {
+  @Inject()
+  service: CnameRecordService;
+
+  getService(): CnameRecordService {
+    return this.service;
+  }
+
+  @Post('/page', { summary: Constants.per.authOnly })
+  async page(@Body(ALL) body: any) {
+    body.query = body.query ?? {};
+    body.query.userId = this.ctx.user.id;
+    return await super.page(body);
+  }
+
+  @Post('/list', { summary: Constants.per.authOnly })
+  async list(@Body(ALL) body: any) {
+    body.userId = this.ctx.user.id;
+    return super.list(body);
+  }
+
+  @Post('/add', { summary: Constants.per.authOnly })
+  async add(@Body(ALL) bean: any) {
+    bean.userId = this.ctx.user.id;
+    return super.add(bean);
+  }
+
+  @Post('/update', { summary: Constants.per.authOnly })
+  async update(@Body(ALL) bean: any) {
+    await this.service.checkUserId(bean.id, this.ctx.user.id);
+    return super.update(bean);
+  }
+
+  @Post('/info', { summary: Constants.per.authOnly })
+  async info(@Query('id') id: number) {
+    await this.service.checkUserId(id, this.ctx.user.id);
+    return super.info(id);
+  }
+
+  @Post('/delete', { summary: Constants.per.authOnly })
+  async delete(@Query('id') id: number) {
+    await this.service.checkUserId(id, this.ctx.user.id);
+    return super.delete(id);
+  }
+
+  @Post('/getByDomain', { summary: Constants.per.authOnly })
+  async getByDomain(@Body(ALL) body: { domain: string; createOnNotFound: boolean }) {
+    const userId = this.ctx.user.id;
+    const res = await this.service.getByDomain(body.domain, userId, body.createOnNotFound);
+    return this.ok(res);
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/cname/entity/cname-record.ts b/packages/ui/certd-server/src/modules/cname/entity/cname-record.ts
new file mode 100644
index 00000000..b0036a7d
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/cname/entity/cname-record.ts
@@ -0,0 +1,41 @@
+import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
+
+/**
+ * cname record配置
+ */
+@Entity('cd_cname_record')
+export class CnameRecordEntity {
+  @PrimaryGeneratedColumn()
+  id: number;
+
+  @Column({ comment: '用户ID', name: 'user_id' })
+  userId: number;
+
+  @Column({ comment: '证书申请域名', length: 100 })
+  domain: string;
+
+  @Column({ comment: '主机记录', name: 'host_record', length: 100 })
+  hostRecord: string;
+
+  @Column({ comment: '记录值', name: 'record_value', length: 200 })
+  recordValue: string;
+
+  @Column({ comment: 'CNAME提供者', name: 'cname_provider_id' })
+  cnameProviderId: number;
+
+  @Column({ comment: '验证状态', length: 20 })
+  status: string;
+
+  @Column({
+    comment: '创建时间',
+    name: 'create_time',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  createTime: Date;
+  @Column({
+    comment: '修改时间',
+    name: 'update_time',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  updateTime: Date;
+}
diff --git a/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
new file mode 100644
index 00000000..067ac134
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/cname/service/cname-record-service.ts
@@ -0,0 +1,133 @@
+import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
+import { InjectEntityModel } from '@midwayjs/typeorm';
+import { Repository } from 'typeorm';
+import { BaseService, ValidateException } from '@certd/lib-server';
+import { CnameRecordEntity } from '../entity/cname-record.js';
+import { v4 as uuidv4 } from 'uuid';
+import { CnameProviderService } from '../../sys/cname/service/cname-provider-service.js';
+import { CnameProviderEntity } from '../../sys/cname/entity/cname_provider.js';
+import { parseDomain } from '@certd/plugin-cert';
+
+/**
+ * 授权
+ */
+@Provide()
+@Scope(ScopeEnum.Singleton)
+export class CnameRecordService extends BaseService<CnameRecordEntity> {
+  @InjectEntityModel(CnameRecordEntity)
+  repository: Repository<CnameRecordEntity>;
+
+  @Inject()
+  cnameProviderService: CnameProviderService;
+  getRepository() {
+    return this.repository;
+  }
+  /**
+   * 新增
+   * @param param 数据
+   */
+  async add(param: any): Promise<CnameRecordEntity> {
+    if (!param.domain) {
+      throw new ValidateException('域名不能为空');
+    }
+    if (!param.userId) {
+      throw new ValidateException('userId不能为空');
+    }
+    if (param.domain.startsWith('*.')) {
+      param.domain = param.domain.substring(2);
+    }
+    const info = await this.getRepository().findOne({ where: { domain: param.domain } });
+    if (info) {
+      return info;
+    }
+
+    let cnameProvider: CnameProviderEntity = null;
+    if (!param.cnameProviderId) {
+      //获取默认的cnameProviderId
+      cnameProvider = await this.cnameProviderService.getByPriority();
+      if (cnameProvider == null) {
+        throw new ValidateException('找不到CNAME服务，请先联系管理员添加CNAME服务');
+      }
+    } else {
+      cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
+    }
+    this.cnameProviderChanged(param, cnameProvider);
+
+    param.status = 'cname';
+    const { id } = await super.add(param);
+    return await this.info(id);
+  }
+
+  private cnameProviderChanged(param: any, cnameProvider: CnameProviderEntity) {
+    param.cnameProviderId = cnameProvider.id;
+
+    const realDomain = parseDomain(param.domain);
+    const prefix = param.domain.replace(realDomain, '');
+    let hostRecord = `_acme-challenge.${prefix}`;
+    if (hostRecord.endsWith('.')) {
+      hostRecord = hostRecord.substring(0, hostRecord.length - 1);
+    }
+    param.hostRecord = hostRecord;
+
+    const cnameKey = uuidv4().replaceAll('-', '');
+    param.recordValue = `${cnameKey}.${cnameProvider.domain}`;
+  }
+
+  async update(param: any) {
+    if (!param.id) {
+      throw new ValidateException('id不能为空');
+    }
+
+    const old = await this.info(param.id);
+    if (!old) {
+      throw new ValidateException('数据不存在');
+    }
+    if (old.domain !== param.domain) {
+      throw new ValidateException('域名不允许修改');
+    }
+    if (old.cnameProviderId !== param.cnameProviderId) {
+      const cnameProvider = await this.cnameProviderService.info(param.cnameProviderId);
+      this.cnameProviderChanged(param, cnameProvider);
+      param.status = 'cname';
+    }
+    return await super.update(param);
+  }
+
+  async validate(id: number) {
+    const info = await this.info(id);
+    if (info.status === 'success') {
+      return true;
+    }
+
+    //开始校验
+    // 1.  dnsProvider
+    // 2.  添加txt记录
+    // 3.  检查原域名是否有cname记录
+  }
+
+  async getByDomain(domain: string, userId: number, createOnNotFound = true) {
+    if (!domain) {
+      throw new ValidateException('domain不能为空');
+    }
+    if (userId == null) {
+      throw new ValidateException('userId不能为空');
+    }
+    let record = await this.getRepository().findOne({ where: { domain, userId } });
+    if (record == null) {
+      if (createOnNotFound) {
+        record = await this.add({ domain, userId });
+      } else {
+        throw new ValidateException(`找不到${domain}的CNAME记录`);
+      }
+    }
+    const provider = await this.cnameProviderService.info(record.cnameProviderId);
+    if (provider == null) {
+      throw new ValidateException(`找不到${domain}的CNAME服务`);
+    }
+
+    return {
+      ...record,
+      cnameProvider: provider,
+    };
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/login/controller/register-controller.ts b/packages/ui/certd-server/src/modules/login/controller/register-controller.ts
index e0f092cf..fcb957e1 100644
--- a/packages/ui/certd-server/src/modules/login/controller/register-controller.ts
+++ b/packages/ui/certd-server/src/modules/login/controller/register-controller.ts
@@ -1,8 +1,8 @@
 import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
 import { BaseController } from '@certd/lib-server';
 import { Constants } from '@certd/lib-server';
-import { UserService } from '../../authority/service/user-service.js';
-import { UserEntity } from '../../authority/entity/user.js';
+import { UserService } from '../../sys/authority/service/user-service.js';
+import { UserEntity } from '../../sys/authority/entity/user.js';
 import { SysSettingsService } from '@certd/lib-server';
 
 /**
diff --git a/packages/ui/certd-server/src/modules/login/service/login-service.ts b/packages/ui/certd-server/src/modules/login/service/login-service.ts
index 9212714f..d16e1005 100644
--- a/packages/ui/certd-server/src/modules/login/service/login-service.ts
+++ b/packages/ui/certd-server/src/modules/login/service/login-service.ts
@@ -1,9 +1,9 @@
 import { Config, Inject, Provide } from '@midwayjs/core';
-import { UserService } from '../../authority/service/user-service.js';
+import { UserService } from '../../sys/authority/service/user-service.js';
 import jwt from 'jsonwebtoken';
 import { CommonException } from '@certd/lib-server';
-import { RoleService } from '../../authority/service/role-service.js';
-import { UserEntity } from '../../authority/entity/user.js';
+import { RoleService } from '../../sys/authority/service/role-service.js';
+import { UserEntity } from '../../sys/authority/entity/user.js';
 import { SysSettingsService } from '@certd/lib-server';
 import { SysPrivateSettings } from '@certd/lib-server';
 
diff --git a/packages/ui/certd-server/src/modules/mine/controller/mine-controller.ts b/packages/ui/certd-server/src/modules/mine/controller/mine-controller.ts
index d60a93b4..c4a21ae2 100644
--- a/packages/ui/certd-server/src/modules/mine/controller/mine-controller.ts
+++ b/packages/ui/certd-server/src/modules/mine/controller/mine-controller.ts
@@ -1,7 +1,7 @@
 import { ALL, Body, Controller, Inject, Post, Provide } from '@midwayjs/core';
 import { BaseController, Constants } from '@certd/lib-server';
-import { UserService } from '../../authority/service/user-service.js';
-import { RoleService } from '../../authority/service/role-service.js';
+import { UserService } from '../../sys/authority/service/user-service.js';
+import { RoleService } from '../../sys/authority/service/role-service.js';
 
 /**
  */
diff --git a/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts b/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts
index 569e1d12..88c530f0 100644
--- a/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts
+++ b/packages/ui/certd-server/src/modules/mine/controller/user-settings-controller.ts
@@ -1,12 +1,4 @@
-import {
-  ALL,
-  Body,
-  Controller,
-  Inject,
-  Post,
-  Provide,
-  Query,
-} from '@midwayjs/core';
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
 import { CrudController } from '@certd/lib-server';
 import { Constants } from '@certd/lib-server';
 import { UserSettingsService } from '../service/user-settings-service.js';
diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts
index 3052d3cd..99ecf34a 100644
--- a/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/history-controller.ts
@@ -8,7 +8,7 @@ import { HistoryLogEntity } from '../entity/history-log.js';
 import { PipelineService } from '../service/pipeline-service.js';
 import * as fs from 'fs';
 import { logger } from '@certd/pipeline';
-import { AuthService } from '../../authority/service/auth-service.js';
+import { AuthService } from '../../sys/authority/service/auth-service.js';
 import { SysSettingsService } from '@certd/lib-server';
 import { In } from 'typeorm';
 
diff --git a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
index 9a1b0b99..bcd28e2f 100644
--- a/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/controller/pipeline-controller.ts
@@ -4,7 +4,7 @@ import { PipelineService } from '../service/pipeline-service.js';
 import { PipelineEntity } from '../entity/pipeline.js';
 import { Constants } from '@certd/lib-server';
 import { HistoryService } from '../service/history-service.js';
-import { AuthService } from '../../authority/service/auth-service.js';
+import { AuthService } from '../../sys/authority/service/auth-service.js';
 import { SysSettingsService } from '@certd/lib-server';
 
 /**
diff --git a/packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts b/packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts
new file mode 100644
index 00000000..0292f4ba
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-getter.ts
@@ -0,0 +1,14 @@
+import { IAccessService } from '@certd/pipeline';
+
+export class AccessGetter implements IAccessService {
+  userId: number;
+  getter: <T>(id: any, userId?: number) => Promise<T>;
+  constructor(userId: number, getter: (id: any, userId: number) => Promise<any>) {
+    this.userId = userId;
+    this.getter = getter;
+  }
+
+  async getById<T = any>(id: any) {
+    return await this.getter<T>(id, this.userId);
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts b/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
index 6d92dba6..1dd3b0bd 100644
--- a/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/access-service.ts
@@ -1,18 +1,17 @@
 import { Inject, Provide, Scope, ScopeEnum } from '@midwayjs/core';
 import { InjectEntityModel } from '@midwayjs/typeorm';
 import { Repository } from 'typeorm';
-import { BaseService } from '@certd/lib-server';
+import { BaseService, PermissionException, ValidateException } from '@certd/lib-server';
 import { AccessEntity } from '../entity/access.js';
-import { AccessDefine, accessRegistry, IAccessService, newAccess } from '@certd/pipeline';
+import { AccessDefine, accessRegistry, newAccess } from '@certd/pipeline';
 import { EncryptService } from './encrypt-service.js';
-import { ValidateException } from '@certd/lib-server';
 
 /**
  * 授权
  */
 @Provide()
 @Scope(ScopeEnum.Singleton)
-export class AccessService extends BaseService<AccessEntity> implements IAccessService {
+export class AccessService extends BaseService<AccessEntity> {
   @InjectEntityModel(AccessEntity)
   repository: Repository<AccessEntity>;
 
@@ -102,11 +101,14 @@ export class AccessService extends BaseService<AccessEntity> implements IAccessS
     return await super.update(param);
   }
 
-  async getById(id: any): Promise<any> {
+  async getById(id: any, userId?: number): Promise<any> {
     const entity = await this.info(id);
     if (entity == null) {
       throw new Error(`该授权配置不存在,请确认是否已被删除:id=${id}`);
     }
+    if (userId !== entity.userId) {
+      throw new PermissionException('您对该授权无访问权限');
+    }
     // const access = accessRegistry.get(entity.type);
     const setting = this.decryptAccessEntity(entity);
     const input = {
diff --git a/packages/ui/certd-server/src/modules/pipeline/service/cname-proxy-service.ts b/packages/ui/certd-server/src/modules/pipeline/service/cname-proxy-service.ts
new file mode 100644
index 00000000..1e39d5c2
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/pipeline/service/cname-proxy-service.ts
@@ -0,0 +1,14 @@
+import { CnameRecord, ICnameProxyService } from '@certd/pipeline';
+
+export class CnameProxyService implements ICnameProxyService {
+  userId: number;
+  getter: <T>(domain: string, userId?: number) => Promise<T>;
+  constructor(userId: number, getter: (domain: string, userId: number) => Promise<any>) {
+    this.userId = userId;
+    this.getter = getter;
+  }
+
+  getByDomain(domain: string): Promise<CnameRecord> {
+    return this.getter<CnameRecord>(domain, this.userId);
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
index cbec066a..57757451 100644
--- a/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
+++ b/packages/ui/certd-server/src/modules/pipeline/service/pipeline-service.ts
@@ -16,7 +16,10 @@ import { HistoryLogService } from './history-log-service.js';
 import { logger } from '@certd/pipeline';
 import { EmailService } from '../../basic/service/email-service.js';
 import { NeedVIPException } from '@certd/lib-server';
-import { UserService } from '../../authority/service/user-service.js';
+import { UserService } from '../../sys/authority/service/user-service.js';
+import { AccessGetter } from './access-getter.js';
+import { CnameRecordService } from '../../cname/service/cname-record-service.js';
+import { CnameProxyService } from './cname-proxy-service.js';
 
 const runningTasks: Map<string | number, Executor> = new Map();
 const freeCount = 10;
@@ -34,6 +37,8 @@ export class PipelineService extends BaseService<PipelineEntity> {
   @Inject()
   accessService: AccessService;
   @Inject()
+  cnameRecordService: CnameRecordService;
+  @Inject()
   storageService: StorageService;
   @Inject()
   historyService: HistoryService;
@@ -341,11 +346,14 @@ export class PipelineService extends BaseService<PipelineEntity> {
       id: userId,
       role: userIsAdmin ? 'admin' : 'user',
     };
+    const accessGetter = new AccessGetter(userId, this.accessService.getById.bind(this.accessService));
+    const cnameProxyService = new CnameProxyService(userId, this.cnameRecordService.getByDomain.bind(this.cnameRecordService));
     const executor = new Executor({
       user,
       pipeline,
       onChanged,
-      accessService: this.accessService,
+      accessService: accessGetter,
+      cnameProxyService,
       storage: new DbStorage(userId, this.storageService),
       emailService: this.emailService,
       fileRootDir: this.certdConfig.fileRootDir,
diff --git a/packages/ui/certd-server/src/modules/account/account-controller.ts b/packages/ui/certd-server/src/modules/sys/account/account-controller.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/account/account-controller.ts
rename to packages/ui/certd-server/src/modules/sys/account/account-controller.ts
diff --git a/packages/ui/certd-server/src/modules/authority/controller/permission-controller.ts b/packages/ui/certd-server/src/modules/sys/authority/controller/permission-controller.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/controller/permission-controller.ts
rename to packages/ui/certd-server/src/modules/sys/authority/controller/permission-controller.ts
diff --git a/packages/ui/certd-server/src/modules/authority/controller/role-controller.ts b/packages/ui/certd-server/src/modules/sys/authority/controller/role-controller.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/controller/role-controller.ts
rename to packages/ui/certd-server/src/modules/sys/authority/controller/role-controller.ts
diff --git a/packages/ui/certd-server/src/modules/authority/controller/user-controller.ts b/packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/controller/user-controller.ts
rename to packages/ui/certd-server/src/modules/sys/authority/controller/user-controller.ts
diff --git a/packages/ui/certd-server/src/modules/authority/entity/permission.ts b/packages/ui/certd-server/src/modules/sys/authority/entity/permission.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/entity/permission.ts
rename to packages/ui/certd-server/src/modules/sys/authority/entity/permission.ts
diff --git a/packages/ui/certd-server/src/modules/authority/entity/role-permission.ts b/packages/ui/certd-server/src/modules/sys/authority/entity/role-permission.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/entity/role-permission.ts
rename to packages/ui/certd-server/src/modules/sys/authority/entity/role-permission.ts
diff --git a/packages/ui/certd-server/src/modules/authority/entity/role.ts b/packages/ui/certd-server/src/modules/sys/authority/entity/role.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/entity/role.ts
rename to packages/ui/certd-server/src/modules/sys/authority/entity/role.ts
diff --git a/packages/ui/certd-server/src/modules/authority/entity/user-role.ts b/packages/ui/certd-server/src/modules/sys/authority/entity/user-role.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/entity/user-role.ts
rename to packages/ui/certd-server/src/modules/sys/authority/entity/user-role.ts
diff --git a/packages/ui/certd-server/src/modules/authority/entity/user.ts b/packages/ui/certd-server/src/modules/sys/authority/entity/user.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/entity/user.ts
rename to packages/ui/certd-server/src/modules/sys/authority/entity/user.ts
diff --git a/packages/ui/certd-server/src/modules/authority/enums/ResourceTypeEnum.ts b/packages/ui/certd-server/src/modules/sys/authority/enums/ResourceTypeEnum.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/enums/ResourceTypeEnum.ts
rename to packages/ui/certd-server/src/modules/sys/authority/enums/ResourceTypeEnum.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/auth-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/auth-service.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/service/auth-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/auth-service.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/permission-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/permission-service.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/service/permission-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/permission-service.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/role-permission-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/role-permission-service.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/service/role-permission-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/role-permission-service.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/role-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/role-service.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/service/role-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/role-service.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/user-role-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/user-role-service.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/authority/service/user-role-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/user-role-service.ts
diff --git a/packages/ui/certd-server/src/modules/authority/service/user-service.ts b/packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts
similarity index 99%
rename from packages/ui/certd-server/src/modules/authority/service/user-service.ts
rename to packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts
index ad2750b1..eaef744f 100644
--- a/packages/ui/certd-server/src/modules/authority/service/user-service.ts
+++ b/packages/ui/certd-server/src/modules/sys/authority/service/user-service.ts
@@ -14,7 +14,7 @@ import { UserRoleEntity } from '../entity/user-role.js';
 import bcrypt from 'bcryptjs';
 import { SysSettingsService } from '@certd/lib-server';
 import { SysInstallInfo } from '@certd/lib-server';
-import { RandomUtil } from '../../../utils/random.js';
+import { RandomUtil } from '../../../../utils/random.js';
 
 /**
  * 系统用户
diff --git a/packages/ui/certd-server/src/modules/sys/cname/controller/cname-provider-controller.ts b/packages/ui/certd-server/src/modules/sys/cname/controller/cname-provider-controller.ts
new file mode 100644
index 00000000..b2608adb
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/sys/cname/controller/cname-provider-controller.ts
@@ -0,0 +1,66 @@
+import { ALL, Body, Controller, Inject, Post, Provide, Query } from '@midwayjs/core';
+import { CrudController } from '@certd/lib-server';
+import { CnameProviderService } from '../service/cname-provider-service.js';
+import { merge } from 'lodash-es';
+
+/**
+ * 授权
+ */
+@Provide()
+@Controller('/api/sys/cname/provider')
+export class CnameRecordController extends CrudController<CnameProviderService> {
+  @Inject()
+  service: CnameProviderService;
+
+  getService(): CnameProviderService {
+    return this.service;
+  }
+
+  @Post('/page', { summary: 'sys:settings:view' })
+  async page(@Body(ALL) body: any) {
+    body.query = body.query ?? {};
+    return await super.page(body);
+  }
+
+  @Post('/list', { summary: 'sys:settings:view' })
+  async list(@Body(ALL) body: any) {
+    return super.list(body);
+  }
+
+  @Post('/add', { summary: 'sys:settings:edit' })
+  async add(@Body(ALL) bean: any) {
+    const def: any = {
+      isDefault: false,
+      disabled: false,
+    };
+    merge(bean, def);
+    return super.add(bean);
+  }
+
+  @Post('/update', { summary: 'sys:settings:edit' })
+  async update(@Body(ALL) bean: any) {
+    return super.update(bean);
+  }
+
+  @Post('/info', { summary: 'sys:settings:view' })
+  async info(@Query('id') id: number) {
+    return super.info(id);
+  }
+
+  @Post('/delete', { summary: 'sys:settings:edit' })
+  async delete(@Query('id') id: number) {
+    return super.delete(id);
+  }
+
+  @Post('/setDefault', { summary: 'sys:settings:edit' })
+  async setDefault(@Body('id') id: number) {
+    await this.service.setDefault(id);
+    return this.ok();
+  }
+
+  @Post('/setDisabled', { summary: 'sys:settings:edit' })
+  async setDisabled(@Body('id') id: number, @Body('disabled') disabled: boolean) {
+    await this.service.setDisabled(id, disabled);
+    return this.ok();
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/sys/cname/entity/cname_provider.ts b/packages/ui/certd-server/src/modules/sys/cname/entity/cname_provider.ts
new file mode 100644
index 00000000..b439bfc6
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/sys/cname/entity/cname_provider.ts
@@ -0,0 +1,35 @@
+import { Column, Entity, PrimaryGeneratedColumn } from 'typeorm';
+
+/**
+ * cname配置
+ */
+@Entity('cd_cname_provider')
+export class CnameProviderEntity {
+  @PrimaryGeneratedColumn()
+  id: number;
+  @Column({ comment: '域名', length: 100 })
+  domain: string;
+  @Column({ comment: 'DNS提供商类型', name: 'dns_provider_type', length: 20 })
+  dnsProviderType: string;
+  @Column({ comment: 'DNS授权Id', name: 'access_id' })
+  accessId: number;
+  @Column({ comment: '是否默认', name: 'is_default' })
+  isDefault: boolean;
+  @Column({ comment: '是否禁用', name: 'disabled' })
+  disabled: boolean;
+  @Column({ comment: '备注', length: 200 })
+  remark: string;
+
+  @Column({
+    comment: '创建时间',
+    name: 'create_time',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  createTime: Date;
+  @Column({
+    comment: '修改时间',
+    name: 'update_time',
+    default: () => 'CURRENT_TIMESTAMP',
+  })
+  updateTime: Date;
+}
diff --git a/packages/ui/certd-server/src/modules/sys/cname/service/cname-provider-service.ts b/packages/ui/certd-server/src/modules/sys/cname/service/cname-provider-service.ts
new file mode 100644
index 00000000..bd78a31f
--- /dev/null
+++ b/packages/ui/certd-server/src/modules/sys/cname/service/cname-provider-service.ts
@@ -0,0 +1,85 @@
+import { Provide, Scope, ScopeEnum } from '@midwayjs/core';
+import { InjectEntityModel } from '@midwayjs/typeorm';
+import { Repository } from 'typeorm';
+import { BaseService, ValidateException } from '@certd/lib-server';
+import { CnameProviderEntity } from '../entity/cname_provider.js';
+
+/**
+ * 授权
+ */
+@Provide()
+@Scope(ScopeEnum.Singleton)
+export class CnameProviderService extends BaseService<CnameProviderEntity> {
+  @InjectEntityModel(CnameProviderEntity)
+  repository: Repository<CnameProviderEntity>;
+
+  getRepository() {
+    return this.repository;
+  }
+
+  async getDefault() {
+    return await this.repository.findOne({ where: { isDefault: true } });
+  }
+  /**
+   * 新增
+   * @param param 数据
+   */
+  async add(param: any) {
+    const def = await this.getDefault();
+    if (!def) {
+      param.isDefault = true;
+    }
+    const res = await super.add(param);
+    if (param.isDefault) {
+      await this.setDefault(res.id);
+    }
+    return res;
+  }
+
+  /**
+   * 修改
+   * @param param 数据
+   */
+  async update(param: any) {
+    await super.update(param);
+    if (param.isDefault) {
+      await this.setDefault(param.id);
+    }
+  }
+
+  async delete(ids: any) {
+    if (!(ids instanceof Array)) {
+      ids = [ids];
+    }
+    for (const id of ids) {
+      const info = await this.info(id);
+      if (info.isDefault) {
+        throw new ValidateException('默认的CNAME服务不能删除，请先修改为非默认值');
+      }
+    }
+    await super.delete(ids);
+  }
+
+  async setDefault(id: number) {
+    await this.transaction(async em => {
+      await em.getRepository(CnameProviderEntity).update({ isDefault: true }, { isDefault: false });
+      await em.getRepository(CnameProviderEntity).update({ id }, { isDefault: true });
+    });
+  }
+
+  async setDisabled(id: number, disabled: boolean) {
+    await this.repository.update({ id }, { disabled });
+  }
+
+  async getByPriority() {
+    const def = await this.getDefault();
+    if (def) {
+      return def;
+    }
+    const found = await this.repository.findOne({ order: { createTime: 'DESC' } });
+    if (found) {
+      return found;
+    }
+    return null;
+  }
+}
diff --git a/packages/ui/certd-server/src/modules/system/controller/plus-controller.ts b/packages/ui/certd-server/src/modules/sys/plus/plus-controller.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/system/controller/plus-controller.ts
rename to packages/ui/certd-server/src/modules/sys/plus/plus-controller.ts
diff --git a/packages/ui/certd-server/src/modules/system/controller/sys-settings-controller.ts b/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts
similarity index 96%
rename from packages/ui/certd-server/src/modules/system/controller/sys-settings-controller.ts
rename to packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts
index 0b4b9a4c..680e7139 100644
--- a/packages/ui/certd-server/src/modules/system/controller/sys-settings-controller.ts
+++ b/packages/ui/certd-server/src/modules/sys/settings/controller/sys-settings-controller.ts
@@ -4,7 +4,7 @@ import { SysSettingsService } from '@certd/lib-server';
 import { SysSettingsEntity } from '../entity/sys-settings.js';
 import { SysPublicSettings } from '@certd/lib-server';
 import * as _ from 'lodash-es';
-import { PipelineService } from '../../pipeline/service/pipeline-service.js';
+import { PipelineService } from '../../../pipeline/service/pipeline-service.js';
 
 /**
  */
diff --git a/packages/ui/certd-server/src/modules/system/entity/sys-settings.ts b/packages/ui/certd-server/src/modules/sys/settings/entity/sys-settings.ts
similarity index 100%
rename from packages/ui/certd-server/src/modules/system/entity/sys-settings.ts
rename to packages/ui/certd-server/src/modules/sys/settings/entity/sys-settings.ts
diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
index c6f6fa9e..8a11abee 100644
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/dns-provider/aliyun-dns-provider.ts
@@ -17,13 +17,13 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
   async onInstance() {
     const access: any = this.access;
 
-    this.client = new AliyunClient({logger:this.logger})
+    this.client = new AliyunClient({ logger: this.logger });
     await this.client.init({
       accessKeyId: access.accessKeyId,
       accessKeySecret: access.accessKeySecret,
       endpoint: 'https://alidns.aliyuncs.com',
       apiVersion: '2015-01-09',
-    })
+    });
   }
   //
   // async getDomainList() {
@@ -101,7 +101,6 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
       // Line: 'oversea' // 海外
     };
 
-   
     const requestOption = {
       method: 'POST',
     };
@@ -119,7 +118,8 @@ export class AliyunDnsProvider extends AbstractDnsProvider {
     }
   }
   async removeRecord(options: RemoveRecordOptions<any>): Promise<any> {
-    const { fullRecord, value, record } = options;
+    const { fullRecord, value } = options.recordReq;
+    const record = options.recordRes;
     const params = {
       RegionId: 'cn-hangzhou',
       RecordId: record,
diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-cdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-cdn/index.ts
index 6b8b6863..d1821c53 100644
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-cdn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-cdn/index.ts
@@ -31,7 +31,7 @@ export class DeployCertToAliyunCDN extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -42,7 +42,7 @@ export class DeployCertToAliyunCDN extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: '阿里云授权AccessKeyId、AccessKeySecret',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'aliyun',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-dcdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-dcdn/index.ts
index ed5b9312..6e287c7c 100644
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-dcdn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/deploy-to-dcdn/index.ts
@@ -31,7 +31,7 @@ export class DeployCertToAliyunDCDN extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -42,7 +42,7 @@ export class DeployCertToAliyunDCDN extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: '阿里云授权AccessKeyId、AccessKeySecret',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'aliyun',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts
index f9dc455c..4f86c5ae 100644
--- a/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-aliyun/plugin/upload-to-aliyun/index.ts
@@ -37,7 +37,7 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -48,7 +48,7 @@ export class UploadCertToAliyun extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: '阿里云授权AccessKeyId、AccessKeySecret',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'aliyun',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts
index 29449247..f4b1ce1f 100644
--- a/packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-cloudflare/dns-provider.ts
@@ -1,9 +1,4 @@
-import {
-  AbstractDnsProvider,
-  CreateRecordOptions,
-  IsDnsProvider,
-  RemoveRecordOptions,
-} from '@certd/plugin-cert';
+import { AbstractDnsProvider, CreateRecordOptions, IsDnsProvider, RemoveRecordOptions } from '@certd/plugin-cert';
 import { Autowire, HttpClient, ILogger } from '@certd/pipeline';
 import { CloudflareAccess } from './access.js';
 
@@ -88,9 +83,7 @@ export class CloudflareDnsProvider extends AbstractDnsProvider<CloudflareRecord>
       ttl: 60,
     });
     const record = res.result as CloudflareRecord;
-    this.logger.info(
-      `添加域名解析成功:fullRecord=${fullRecord},value=${value}`
-    );
+    this.logger.info(`添加域名解析成功:fullRecord=${fullRecord},value=${value}`);
     this.logger.info(`dns解析记录:${JSON.stringify(record)}`);
 
     //本接口需要返回本次创建的dns解析记录，这个记录会在删除的时候用到
@@ -101,10 +94,9 @@ export class CloudflareDnsProvider extends AbstractDnsProvider<CloudflareRecord>
    *  删除dns解析记录,清理申请痕迹
    * @param options
    */
-  async removeRecord(
-    options: RemoveRecordOptions<CloudflareRecord>
-  ): Promise<void> {
-    const { fullRecord, value, record } = options;
+  async removeRecord(options: RemoveRecordOptions<CloudflareRecord>): Promise<void> {
+    const { fullRecord, value } = options.recordReq;
+    const record = options.recordRes;
     this.logger.info('删除域名解析：', fullRecord, value);
     if (!record) {
       this.logger.info('record不存在');
@@ -115,9 +107,7 @@ export class CloudflareDnsProvider extends AbstractDnsProvider<CloudflareRecord>
     const recordId = record.id;
     const url = `https://api.cloudflare.com/client/v4/zones/${zoneId}/dns_records/${recordId}`;
     await this.doRequestApi(url, null, 'delete');
-    this.logger.info(
-      `删除域名解析成功:fullRecord=${fullRecord},value=${value}`
-    );
+    this.logger.info(`删除域名解析成功:fullRecord=${fullRecord},value=${value}`);
   }
 }
 
diff --git a/packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts b/packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts
index 2a836147..85bdf26f 100644
--- a/packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-cloudflare/plugins/plugin-deploy-to-cdn.ts
@@ -54,7 +54,7 @@ export class CloudflareDeployToCDNPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -66,7 +66,7 @@ export class CloudflareDeployToCDNPlugin extends AbstractTaskPlugin {
     title: 'demo授权',
     helper: 'demoAccess授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'plugins',
     },
     rules: [{ required: true, message: '此项必填' }],
diff --git a/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts
index df058411..1734beea 100644
--- a/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-demo/dns-provider.ts
@@ -61,8 +61,9 @@ export class DemoDnsProvider extends AbstractDnsProvider<DemoRecord> {
    * @param options
    */
   async removeRecord(options: RemoveRecordOptions<DemoRecord>): Promise<void> {
-    const { fullRecord, value, record } = options;
-    this.logger.info('删除域名解析：', fullRecord, value, record);
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
+    this.logger.info('删除域名解析：', domain, fullRecord, value, record);
     //这里调用删除txt dns解析记录接口
     //请根据实际接口情况调用，例如：
 
diff --git a/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts b/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
index 3f2d26a1..fe426060 100644
--- a/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-demo/plugins/plugin-test.ts
@@ -53,7 +53,7 @@ export class DemoTestPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     // required: true,
@@ -65,7 +65,7 @@ export class DemoTestPlugin extends AbstractTaskPlugin {
     title: 'demo授权',
     helper: 'demoAccess授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'demo', //固定授权类型
     },
     // rules: [{ required: true, message: '此项必填' }],
diff --git a/packages/ui/certd-server/src/plugins/plugin-doge/plugins/deploy-to-cdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-doge/plugins/deploy-to-cdn/index.ts
index 15c7f76a..56e87c60 100644
--- a/packages/ui/certd-server/src/plugins/plugin-doge/plugins/deploy-to-cdn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-doge/plugins/deploy-to-cdn/index.ts
@@ -26,7 +26,7 @@ export class DogeCloudDeployToCDNPlugin extends AbstractTaskPlugin {
     title: '证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -38,7 +38,7 @@ export class DogeCloudDeployToCDNPlugin extends AbstractTaskPlugin {
     title: '多吉云授权',
     helper: '多吉云AccessKey',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'dogecloud',
     },
     rules: [{ required: true, message: '此项必填' }],
diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts
index c9a7bafb..faa156cc 100644
--- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/copy-to-local/index.ts
@@ -66,7 +66,7 @@ export class CopyCertToLocalPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts
index 3be6679d..0683c7b2 100644
--- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/host-shell-execute/index.ts
@@ -19,7 +19,7 @@ export class HostShellExecutePlugin extends AbstractTaskPlugin {
     title: '主机登录配置',
     helper: '登录',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'ssh',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts b/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts
index e408c48f..140f5c71 100644
--- a/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-host/plugin/upload-to-host/index.ts
@@ -65,7 +65,7 @@ export class UploadCertToHostPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -76,7 +76,7 @@ export class UploadCertToHostPlugin extends AbstractTaskPlugin {
     title: '主机登录配置',
     helper: 'access授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'ssh',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-huawei/dns-provider/huawei-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-huawei/dns-provider/huawei-dns-provider.ts
index fd6d53f8..7f9e58c8 100644
--- a/packages/ui/certd-server/src/plugins/plugin-huawei/dns-provider/huawei-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-huawei/dns-provider/huawei-dns-provider.ts
@@ -73,8 +73,8 @@ export class HuaweiDnsProvider extends AbstractDnsProvider {
     if (records && records.length > 0) {
       for (const record of records) {
         await this.removeRecord({
-          record,
-          ...options,
+          recordRes: record,
+          recordReq: options,
         });
       }
     }
@@ -101,7 +101,8 @@ export class HuaweiDnsProvider extends AbstractDnsProvider {
     }
   }
   async removeRecord(options: RemoveRecordOptions<any>): Promise<any> {
-    const { fullRecord, value, record } = options;
+    const { fullRecord, value } = options.recordReq;
+    const record = options.recordRes;
     const req: ApiRequestOptions = {
       url: `${this.dnsEndpoint}/v2/zones/${record.zone_id}/recordsets/${record.id}`,
       method: 'DELETE',
diff --git a/packages/ui/certd-server/src/plugins/plugin-jdcloud/dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-jdcloud/dns-provider.ts
index e7865bae..95755776 100644
--- a/packages/ui/certd-server/src/plugins/plugin-jdcloud/dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-jdcloud/dns-provider.ts
@@ -102,10 +102,11 @@ export class JDCloudDnsProvider extends AbstractDnsProvider {
 
   /**
    *  删除dns解析记录,清理申请痕迹
-   * @param opts
+   * @param options
    */
-  async removeRecord(opts: RemoveRecordOptions<any>): Promise<void> {
-    const { record } = opts;
+  async removeRecord(options: RemoveRecordOptions<any>): Promise<void> {
+    // const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
     const deleteResourceRecord = promisfy(this.service.deleteResourceRecord);
     const res: any = await deleteResourceRecord(
       {
diff --git a/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-script.ts b/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-script.ts
index 0815c55d..fb6a61c0 100644
--- a/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-script.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-other/plugins/plugin-script.ts
@@ -36,7 +36,7 @@ export class CustomScriptPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: false,
diff --git a/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/deploy-to-cdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/deploy-to-cdn/index.ts
index d523a50a..9ad04d1e 100644
--- a/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/deploy-to-cdn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/deploy-to-cdn/index.ts
@@ -26,7 +26,7 @@ export class QiniuDeployCertToCDN extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书，或者上传到七牛云的证书id',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego', 'QiniuCertUpload'],
     },
     required: true,
@@ -37,7 +37,7 @@ export class QiniuDeployCertToCDN extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: '七牛云授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'qiniu',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/upload-cert/index.ts b/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/upload-cert/index.ts
index c4f2cde9..aed1a1d6 100644
--- a/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/upload-cert/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-qiniu/plugin/upload-cert/index.ts
@@ -25,7 +25,7 @@ export class QiniuCertUpload extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -36,7 +36,7 @@ export class QiniuCertUpload extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: '七牛云授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'qiniu',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/dnspod-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/dnspod-dns-provider.ts
index 625be743..e966cde5 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/dnspod-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/dnspod-dns-provider.ts
@@ -86,7 +86,8 @@ export class DnspodDnsProvider extends AbstractDnsProvider {
   }
 
   async removeRecord(options: RemoveRecordOptions<any>) {
-    const { fullRecord, value, record } = options;
+    const { fullRecord, value } = options.recordReq;
+    const record = options.recordRes;
     const domain = await this.matchDomain(fullRecord);
 
     const ret = await this.doRequest({
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts
index 8496ffa4..f331d5ee 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/dns-provider/tencent-dns-provider.ts
@@ -70,8 +70,8 @@ export class TencentDnsProvider extends AbstractDnsProvider {
   }
 
   async removeRecord(options: RemoveRecordOptions<any>) {
-    const { fullRecord, value, domain, record } = options;
-
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
     const params = {
       Domain: domain,
       RecordId: record.RecordId,
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts
index 7f749147..a3d4dbb7 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-cdn/index.ts
@@ -18,7 +18,7 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -29,7 +29,7 @@ export class DeployToCdnPlugin extends AbstractTaskPlugin {
     title: 'Access提供者',
     helper: 'access 授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'tencent',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts
index 63544dcd..9b66fdcb 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-clb/index.ts
@@ -75,7 +75,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
@@ -86,7 +86,7 @@ export class DeployToClbPlugin extends AbstractTaskPlugin {
     title: 'Access提供者',
     helper: 'access授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'tencent',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts
index cea27372..743dd8d5 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/deploy-to-eo/index.ts
@@ -18,7 +18,7 @@ export class DeployToEOPlugin extends AbstractTaskPlugin {
     title: '已上传证书ID',
     helper: '请选择前置任务上传到腾讯云的证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: 'UploadCertToTencent',
     },
     required: true,
@@ -29,7 +29,7 @@ export class DeployToEOPlugin extends AbstractTaskPlugin {
     title: 'Access提供者',
     helper: 'access 授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'tencent',
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts
index 53af421e..26eaffcb 100644
--- a/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-tencent/plugin/upload-to-tencent/index.ts
@@ -21,7 +21,7 @@ export class UploadToTencentPlugin extends AbstractTaskPlugin {
     title: 'Access授权',
     helper: 'access授权',
     component: {
-      name: 'pi-access-selector',
+      name: 'access-selector',
       type: 'tencent',
     },
     required: true,
@@ -32,7 +32,7 @@ export class UploadToTencentPlugin extends AbstractTaskPlugin {
     title: '域名证书',
     helper: '请选择前置任务输出的域名证书',
     component: {
-      name: 'pi-output-selector',
+      name: 'output-selector',
       from: ['CertApply', 'CertApplyLego'],
     },
     required: true,
diff --git a/packages/ui/certd-server/src/plugins/plugin-west/dns-provider.ts b/packages/ui/certd-server/src/plugins/plugin-west/dns-provider.ts
index 15131115..3a89f131 100644
--- a/packages/ui/certd-server/src/plugins/plugin-west/dns-provider.ts
+++ b/packages/ui/certd-server/src/plugins/plugin-west/dns-provider.ts
@@ -97,7 +97,8 @@ export class WestDnsProvider extends AbstractDnsProvider<westRecord> {
    * @param options
    */
   async removeRecord(options: RemoveRecordOptions<westRecord>): Promise<void> {
-    const { fullRecord, value, record, domain } = options;
+    const { fullRecord, value, domain } = options.recordReq;
+    const record = options.recordRes;
     this.logger.info('删除域名解析：', fullRecord, value, record);
     if (!record) {
       this.logger.info('record不存在');