From 75a88703f7fb71cab5168f06d87ea88badb8d56e Mon Sep 17 00:00:00 2001
From: Q m <dingqun.li@quvideo.com>
Date: Thu, 20 Nov 2025 11:46:55 +0800
Subject: [PATCH] fix: upload the certificate to aliyun slb repeatedly

---
 pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go b/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
index d52616ff..077db79f 100644
--- a/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
+++ b/pkg/core/certmgr/providers/aliyun-slb/aliyun_slb.go
@@ -85,8 +85,10 @@ func (c *Certmgr) Upload(ctx context.Context, certPEM, privkeyPEM string) (*cert
 	}
 
 	if describeServerCertificatesResp.Body.ServerCertificates != nil && describeServerCertificatesResp.Body.ServerCertificates.ServerCertificate != nil {
-		fingerprint := sha256.Sum256(certX509.Raw)
-		fingerprintHex := hex.EncodeToString(fingerprint[:])
+		sha256Fingerprint := sha256.Sum256(certX509.Raw)
+		sha256FingerprintHex := hex.EncodeToString(sha256Fingerprint[:])
+		sha1Fingerprint := sha1.Sum(certX509.Raw)
+		sha1FingerprintHex := hex.EncodeToString(sha1Fingerprint[:])
 		for _, certItem := range describeServerCertificatesResp.Body.ServerCertificates.ServerCertificate {
 			if tea.Int32Value(certItem.IsAliCloudCertificate) != 0 {
 				continue
@@ -94,7 +96,8 @@ func (c *Certmgr) Upload(ctx context.Context, certPEM, privkeyPEM string) (*cert
 			if !strings.EqualFold(certX509.Subject.CommonName, tea.StringValue(certItem.CommonName)) {
 				continue
 			}
-			if !strings.EqualFold(fingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) {
+			if !strings.EqualFold(sha256FingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) &&
+				!strings.EqualFold(sha1FingerprintHex, strings.ReplaceAll(tea.StringValue(certItem.Fingerprint), ":", "")) {
 				continue
 			}