From 88f5127d9b50fd9d2a2117bbdb54c345f4ff77a9 Mon Sep 17 00:00:00 2001
From: jingrow <support@jingrow.com>
Date: Thu, 1 Jan 2026 17:12:14 +0000
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96ssl=E8=87=AA=E5=8A=A8?=
 =?UTF-8?q?=E5=8C=96=E5=8A=9F=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ssl_manager/route_watcher.py | 19 ++++++++++++++-----
 ssl_manager/test_ssl_auto.py | 20 ++++++++++----------
 2 files changed, 24 insertions(+), 15 deletions(-)

diff --git a/ssl_manager/route_watcher.py b/ssl_manager/route_watcher.py
index 8171d12..8dd0c76 100755
--- a/ssl_manager/route_watcher.py
+++ b/ssl_manager/route_watcher.py
@@ -116,14 +116,23 @@ class RouteWatcher:
     def extract_domains_from_route(self, route: dict) -> Set[str]:
         """从路由中提取域名"""
         domains = set()
+        route_value = route.get('value', {})
         
-        # 从 hosts 字段提取
-        hosts = route.get('value', {}).get('hosts', [])
+        # 从 host 字段提取（单个域名，Dashboard 常用）
+        host = route_value.get('host')
+        if host and isinstance(host, str):
+            domains.add(host)
+        
+        # 从 hosts 字段提取（域名数组）
+        hosts = route_value.get('hosts', [])
         if hosts:
-            domains.update(hosts)
+            if isinstance(hosts, list):
+                domains.update(hosts)
+            elif isinstance(hosts, str):
+                domains.add(hosts)
         
         # 从 uri 字段提取（如果包含域名）
-        uri = route.get('value', {}).get('uri', '')
+        uri = route_value.get('uri', '')
         if uri and '.' in uri and not uri.startswith('/'):
             # 可能是域名格式
             parts = uri.split('/')
@@ -131,7 +140,7 @@ class RouteWatcher:
                 domains.add(parts[0])
         
         # 从 match 字段提取
-        match = route.get('value', {}).get('match', {})
+        match = route_value.get('match', {})
         if isinstance(match, dict):
             for key, value in match.items():
                 if 'host' in key.lower() and isinstance(value, str):
diff --git a/ssl_manager/test_ssl_auto.py b/ssl_manager/test_ssl_auto.py
index 3d5238b..17a2b7c 100755
--- a/ssl_manager/test_ssl_auto.py
+++ b/ssl_manager/test_ssl_auto.py
@@ -176,11 +176,11 @@ class SSLTestRunner:
         return True
     
     def check_webroot_route(self, domain: str) -> bool:
-        """检查 webroot 验证路由"""
-        print_info(f"检查 webroot 验证路由: {domain}...")
+        """检查 webroot 验证路由（通用路由，适用于所有域名）"""
+        print_info(f"检查 webroot 验证路由（适用于所有域名）...")
         
-        # 为每个域名创建独立的 webroot 路由
-        route_id = f"certbot-webroot-{domain}"
+        # 使用通用的 webroot 路由，不指定 host
+        route_id = "certbot-webroot"
         
         try:
             response = requests.get(
@@ -205,16 +205,16 @@ class SSLTestRunner:
             return False
     
     def create_webroot_route(self, domain: str) -> bool:
-        """创建 webroot 验证路由（为每个域名创建独立路由）"""
-        print_info(f"创建 webroot 路由: {domain}")
+        """创建 webroot 验证路由（通用路由，适用于所有域名）"""
+        print_info(f"创建 webroot 路由（适用于所有域名）")
         
-        # 为每个域名创建独立的 webroot 路由，确保 host 匹配
-        route_id = f"certbot-webroot-{domain}"
+        # 使用通用的 webroot 路由，不指定 host，适用于所有域名
+        route_id = "certbot-webroot"
         route_config = {
             "uri": "/.well-known/acme-challenge/*",
             "name": route_id,
-            "host": domain,  # 设置 host，确保正确匹配
-            "priority": 10000,  # 高优先级，在域名路由之前匹配
+            # 不设置 host，匹配所有域名
+            "priority": 99999,  # 最高优先级，确保在所有路由之前匹配
             "plugins": {
                 "serverless-pre-function": {
                     "phase": "rewrite",