From 75a88703f7fb71cab5168f06d87ea88badb8d56e Mon Sep 17 00:00:00 2001
From: Q m <dingqun.li@quvideo.com>
Date: Thu, 20 Nov 2025 11:46:55 +0800
Subject: [PATCH 1/2] fix: upload the certificate to aliyun slb repeatedly

---
 pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go b/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
index d52616ff..077db79f 100644
--- a/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
+++ b/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
@@ -85,8 +85,10 @@ func (c *Certmgr) Upload(ctx context.Context, certPEM, privkeyPEM string) (*cert
 	}
 
 	if describeServerCertificatesResp.Body.ServerCertificates != nil && describeServerCertificatesResp.Body.ServerCertificates.ServerCertificate != nil {
-		fingerprint := sha256.Sum256(certX509.Raw)
-		fingerprintHex := hex.EncodeToString(fingerprint[:])
+		sha256Fingerprint := sha256.Sum256(certX509.Raw)
+		sha256FingerprintHex := hex.EncodeToString(sha256Fingerprint[:])
+		sha1Fingerprint := sha1.Sum(certX509.Raw)
+		sha1FingerprintHex := hex.EncodeToString(sha1Fingerprint[:])
 		for _, certItem := range describeServerCertificatesResp.Body.ServerCertificates.ServerCertificate {
 			if tea.Int32Value(certItem.IsAliCloudCertificate) != 0 {
 				continue
@@ -94,7 +96,8 @@ func (c *Certmgr) Upload(ctx context.Context, certPEM, privkeyPEM string) (*cert
 			if !strings.EqualFold(certX509.Subject.CommonName, tea.StringValue(certItem.CommonName)) {
 				continue
 			}
-			if !strings.EqualFold(fingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) {
+			if !strings.EqualFold(sha256FingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) &&
+				!strings.EqualFold(sha1FingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) {
 				continue
 			}
 

From d1ed3255797ff35404334a859370d60f557a14aa Mon Sep 17 00:00:00 2001
From: Q m <dingqun.li@quvideo.com>
Date: Thu, 20 Nov 2025 17:20:21 +0800
Subject: [PATCH 2/2] fix: init tencent waf deployer add region param

---
 internal/certdeploy/deployers/sp_tencentcloud_waf.go | 1 +
 1 file changed, 1 insertion(+)

diff --git a/internal/certdeploy/deployers/sp_tencentcloud_waf.go b/internal/certdeploy/deployers/sp_tencentcloud_waf.go
index 293d6c81..19216077 100644
--- a/internal/certdeploy/deployers/sp_tencentcloud_waf.go
+++ b/internal/certdeploy/deployers/sp_tencentcloud_waf.go
@@ -20,6 +20,7 @@ func init() {
 			SecretId:   credentials.SecretId,
 			SecretKey:  credentials.SecretKey,
 			Endpoint:   xmaps.GetString(options.ProviderExtendedConfig, "endpoint"),
+			Region:     xmaps.GetString(options.ProviderExtendedConfig, "region"),
 			Domain:     xmaps.GetString(options.ProviderExtendedConfig, "domain"),
 			DomainId:   xmaps.GetString(options.ProviderExtendedConfig, "domainId"),
 			InstanceId: xmaps.GetString(options.ProviderExtendedConfig, "instanceId"),