perf: 证书申请支持letencrypt profile选项

2025-11-25 09:10:11 +08:00 · 2025-06-06 15:12:24 +08:00
parent ac87bc57e9
commit 2eb0e54909
6 changed files with 75 additions and 42 deletions
--- a/packages/core/acme-client/src/auto.js
+++ b/packages/core/acme-client/src/auto.js
@@ -75,6 +75,9 @@ export default async (client, userOpts) => {

    log("[auto] Placing new certificate order with ACME provider");
    const orderPayload = { identifiers: uniqueDomains.map((d) => ({ type: "dns", value: d })) };
+    if (opts.profile && client.sslProvider === 'letsencrypt' ){
+        orderPayload.profile = opts.profile;
+    }
    const order = await client.createOrder(orderPayload);
    const authorizations = await client.getAuthorizations(order);

--- a/packages/core/acme-client/src/client.js
+++ b/packages/core/acme-client/src/client.js
@@ -90,10 +90,12 @@ const defaultOpts = {
 */

 class AcmeClient {
+    sslProvider
    constructor(opts) {
        if (!Buffer.isBuffer(opts.accountKey)) {
            opts.accountKey = Buffer.from(opts.accountKey);
        }
+        this.sslProvider = opts.sslProvider;

        this.opts = { ...defaultOpts, ...opts };
        this.backoffOpts = {
--- a/packages/core/acme-client/types/index.d.ts
+++ b/packages/core/acme-client/types/index.d.ts
@@ -66,6 +66,7 @@ export interface ClientAutoOptions {
    challengePriority?: string[];
    preferredChain?: string;
    signal?: AbortSignal;
+    profile?:string;
 }

 export class Client {
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/acme.ts
@@ -327,8 +327,9 @@ export class AcmeService {
    csrInfo: any;
    isTest?: boolean;
    privateKeyType?: string;
+    profile?: string;
  }): Promise<CertInfo> {
-    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan } = options;
+    const { email, isTest, csrInfo, dnsProvider, domainsVerifyPlan, profile } = options;
    const client: acme.Client = await this.getAcmeClient(email, isTest);

    let domains = options.domains;
@@ -400,6 +401,7 @@ export class AcmeService {
        return await this.challengeRemoveFn(authz, challenge, keyAuthorization, recordReq, recordRes, dnsProvider, httpUploader);
      },
      signal: this.options.signal,
+      profile,
    });

    const crtString = crt.toString();
--- a/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
+++ b/packages/plugins/plugin-cert/src/plugin/cert-plugin/index.ts
@@ -248,6 +248,30 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
  })
  privateKeyType!: PrivateKeyType;

+  @TaskInput({
+    title: "证书配置",
+    value: "classic",
+    component: {
+      name: "a-select",
+      vModel: "value",
+      options: [
+        { value: "classic", label: "经典（classic）" },
+        { value: "tlsserver", label: "TLS服务器（tlsserver）" },
+        { value: "shortlived", label: "短暂的（shortlived）" },
+      ],
+    },
+    helper: "如无特殊需求，默认即可",
+    required: false,
+    mergeScript: `
+    return {
+        show: ctx.compute(({form})=>{
+            return form.sslProvider === 'letsencrypt'
+        })
+    }
+    `,
+  })
+  certProfile!: string;
+
  @TaskInput({
    title: "使用代理",
    value: false,
@@ -395,6 +419,7 @@ export class CertApplyPlugin extends CertApplyBasePlugin {
        csrInfo,
        isTest: false,
        privateKeyType: this.privateKeyType,
+        profile: this.certProfile,
      });

      const certInfo = this.formatCerts(cert);